Stored XSS in Responsive Blocks WordPress Plugin via Section Tag Parameter
The Responsive Blocks WordPress Gutenberg Blocks plugin has a Stored Cross Site Scripting vulnerability in the 'section_tag' parameter for all versions up to 1.9.9. The vulnerability results from weak input sanitization and output escaping. Authenticated attackers with Contributor-level permissions or higher can insert malicious web scripts into pages. These injected scripts will automatically execute when other users view the compromised page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cyberchimps responsive blocks – wordpress gutenberg blocks |
||
cyberchimps responsive blocks |