This vulnerability involves improper neutralization of input (CWE-79) in the WP Moose Kenta Gutenberg Blocks Responsive Blocks and block templates library for the Gutenberg Editor, leading to stored cross-site scripting (XSS). It affects versions through 1.3.9 and can allow an attacker with low privileges and requiring user interaction to execute scripts in the context of the affected application. The CVSS 3.1 vector indicates network attack vector, low attack complexity, low privileges required, user interaction needed, and impacts confidentiality, integrity, and availability at a low level.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary scripts in the context of users interacting with the affected Gutenberg blocks, potentially leading to data disclosure, modification, or disruption of service. The impact is rated medium based on the CVSS score of 6.5. There are no reports of active exploitation in the wild.

No official patch or remediation is currently available. Users should monitor the vendor's advisory channels for updates. Until a fix is released, consider limiting the use of the affected plugin or restricting user input that can be rendered by the vulnerable blocks. Avoid granting unnecessary privileges to users who can add or modify content using these blocks.