Missing Authorization Security Issue

  • davidovic123

    (@davidovic123)


    7 months, 3 weeks ago

    Hi,

    There’s a security issue reported by WordFence:
    Gutentor <= 3.5.2 – Missing Authorization
    CVE-2025-58680
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

    Can you please fix this?
    There are many reports like this, and the developer has not responded yet!
    Alternatively, you could get in touch with WordFence to see if it’s a false positive.
    Thank you!

    • This topic was modified 7 months, 3 weeks ago by davidovic123.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor codersantosh

    (@codersantosh)

    7 months, 2 weeks ago

    Hello, we’ve pushed an update. The issues should now be resolved in the latest version of Gutentor.

    Thread Starter davidovic123

    (@davidovic123)

    7 months, 1 week ago

    Hi, @codersantosh

    The security issue has not yet been marked as resolved by Wordfence!
    Have you contacted them to follow up on your situation?
    You can find your Gutentor security reporting page at this address:
    https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/gutentor

    Have you checked this page?
    Have you bookmarked this page or added it to your dashboard for regular and instant monitoring?
    As you can see, you have had several security alerts since July 2, 2025, and it is still there! But you have not responded to date! This is not serious!

    Even though Gutentor may seem excellent, and it is excellent, but this raises questions:
    – You lack responsiveness and follow-up on your plugin, which raises questions about confidence in the long-term maintenance of the plugin.
    – Gutentor has recurring security alerts.
    – Users have reported slowness issues due to this plugin.

    You need to fix and improve the entire Gutentor code.
    I’m hesitant, but thank you for continuing to maintain this plugin.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Missing Authorization Security Issue’ is closed to new replies.