This vulnerability in CyberChimps Responsive Blocks (up to version 2.0.5) is caused by improper input neutralization during web page generation, leading to stored cross-site scripting (XSS). An attacker could inject malicious scripts that persist and execute in the context of users viewing the affected content. The CVSS 3.1 vector indicates network attack vector, low attack complexity, requiring low privileges and user interaction, with impacts on confidentiality, integrity, and availability rated as low to low to low respectively, resulting in an overall medium severity score of 6.5.

Successful exploitation could allow an attacker to execute arbitrary scripts in the context of affected users, potentially leading to information disclosure, session hijacking, or other impacts on user interaction with the affected web pages. The impact is rated medium based on the CVSS score and the nature of stored XSS vulnerabilities.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider disabling or limiting use of the affected Responsive Blocks plugin versions. Implementing web application firewalls (WAFs) that detect and block XSS payloads may provide temporary mitigation. Monitor vendor channels for updates and apply patches promptly once available.