This vulnerability in Gutenium Blocks involves improper input sanitization leading to stored cross-site scripting (XSS). An attacker with low privileges can inject malicious scripts that are stored and later executed in the context of other users viewing affected pages. The CVSS vector indicates network attack vector, low attack complexity, requiring privileges and user interaction, with impacts on confidentiality, integrity, and availability. The affected versions are up to 1.1.7. No patch or vendor advisory has been provided yet.

Successful exploitation could allow an attacker to execute arbitrary scripts in the context of users viewing the affected content, potentially leading to data disclosure, modification, or disruption of service. The impact is rated medium based on the CVSS score of 6.5. There are no reports of active exploitation in the wild.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider restricting user privileges to trusted users only and applying web application firewall (WAF) rules to detect and block XSS payloads related to Gutenium Blocks. Monitor for updates from Best WP Developer regarding patches or official mitigations.