Vulnerabilities and security researches forresponsive-block-editor-addons responsive-block-editor-addons

Apr 18, 2025

CVE, Research URL: CVE-2025-39578
Home page URL: Security reports for Responsive Blocks – WordPress Gutenberg Blocks
Application: Responsive Blocks – WordPress Gutenberg Blocks
Date: Apr 16, 2025
Research Description: Responsive Blocks – WordPress Gutenberg Blocks [responsive-block-editor-addons] < 2.0.3 CVE-2025-39578 [en] Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks allows Stored XSS. This issue affects Responsive Blocks: from n/a through 2.0.2.
Affected versions: Min -, max -.
Status: vulnerable

Feb 06, 2025

CVE, Research URL: CVE-2025-22697
Home page URL: Security reports for Responsive Blocks – WordPress Gutenberg Blocks
Application: Responsive Blocks – WordPress Gutenberg Blocks
Date: Feb 04, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks allows Reflected XSS. This issue affects Responsive Blocks: from n/a through 1.9.9.
Affected versions: Min -, max -.
Status: vulnerable

Feb 01, 2025

CVE, Research URL: CVE-2024-13732
Home page URL: Security reports for Responsive Blocks – WordPress Gutenberg Blocks
Application: Responsive Blocks – WordPress Gutenberg Blocks
Date: Jan 30, 2025
Research Description: The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘section_tag’ parameter in all versions up to, and including, 1.9.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Dec 24, 2024

CVE, Research URL: CVE-2024-12268
Home page URL: Security reports for Responsive Blocks – WordPress Gutenberg Blocks
Application: Responsive Blocks – WordPress Gutenberg Blocks
Date: Dec 24, 2024
Research Description: The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsive-block-editor-addons/portfolio' block in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Aug 20, 2024

CVE, Research URL: CVE-2024-43335
Home page URL: Security reports for Responsive Blocks – WordPress Gutenberg Blocks
Application: Responsive Blocks – WordPress Gutenberg Blocks
Date: Aug 18, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS.This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8.
Affected versions: Min -, max -.
Status: vulnerable