Responsive Blocks Page Builder For Blocks Patterns
Monthly
Responsive Blocks - Page Builder for Blocks & Patterns plugin for WordPress versions up to 2.2.1 allows authenticated contributors and higher to modify global site-wide plugin configuration, including custom CSS settings, block availability, layout defaults (content width, padding, gap), and auto-recovery behavior due to missing authorization checks. This capability escalation bypasses intended role-based access control, enabling lower-privileged users to degrade site functionality and inject CSS-based attacks. No public exploit code or active exploitation confirmed at time of analysis; CVSS 4.3 (low) reflects the authentication requirement and integrity-only impact, but real-world risk depends on contributor population and site governance.
Responsive Blocks - Page Builder for Blocks & Patterns plugin for WordPress versions up to 2.2.1 allows authenticated contributors and higher to modify global site-wide plugin configuration, including custom CSS settings, block availability, layout defaults (content width, padding, gap), and auto-recovery behavior due to missing authorization checks. This capability escalation bypasses intended role-based access control, enabling lower-privileged users to degrade site functionality and inject CSS-based attacks. No public exploit code or active exploitation confirmed at time of analysis; CVSS 4.3 (low) reflects the authentication requirement and integrity-only impact, but real-world risk depends on contributor population and site governance.