CVE-2024-13834 Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_request

🗓️ 15 Feb 2025 14:21:22Reported by WordfenceType

Vulnerability in Responsive Plus plugin allows authenticated attacks via Server-Side Request Forgery.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-13834	15 Feb 202514:23	–	circl
CNNVD	WordPress plugin Responsive Plus 代码问题漏洞	15 Feb 202500:00	–	cnnvd
CVE	CVE-2024-13834	15 Feb 202514:21	–	cve
EUVD	EUVD-2024-51758	3 Oct 202520:07	–	euvd
NVD	CVE-2024-13834	15 Feb 202515:15	–	nvd
OSV	CVE-2024-13834	15 Feb 202515:15	–	osv
Patchstack	WordPress Responsive Plus plugin <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_request vulnerability	17 Feb 202510:18	–	patchstack
Positive Technologies	PT-2025-6614 · WordPress · Responsive Plus	15 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-13834	17 Feb 202515:20	–	redhatcve
Vulnrichment	CVE-2024-13834 Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_request	15 Feb 202514:21	–	vulnrichment

[
  {
    "vendor": "cyberchimps",
    "product": "Responsive Plus – Elementor Templates & Starter Sites",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "3.1.4",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/3240422/responsive-add-ons
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/b2833265-f1e5-4cfd-ad2f-ca28a59de82f

08 Apr 2026 17:16Current

CVSS 3.15.4

EPSS0.00244

CWE-918