Threat Entry Updated 2025-01-31

CVE-2024-13732 - Responsive Blocks Plugin

The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘section_tag’ parameter in all versions up to, and including, 1.9.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Responsive Blocks

CVE-2024-13732

MEDIUM CVSS 6.4 2025-01-30

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-03-01

CVE-2024-12268 - Responsive Blocks Plugin

The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsive-block-editor-addons/portfolio' block in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Responsive Blocks

CVE-2024-12268

MEDIUM CVSS 6.4 2024-12-24

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-09-13

CVE-2024-43335 - Responsive Blocks Plugin

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS.This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8.

PLUGIN Responsive Blocks

CVE-2024-43335

MEDIUM CVSS 6.5 2024-08-18

Risk Score

Open Full Technical Breakdown