6 matches found
WordPress Responsive Lightbox & Gallery plugin <= 2.4.7 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library vulnerability
Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Responsive Lightbox versions = 2.4.7...
CVE-2025-5125
The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...
CVE-2025-5125
The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...
CVE-2025-5125
The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...
CVE-2025-5125 Custom Post Carousels with Owl < 1.4.12 - Contributor+ Stored XSS
The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...
CVE-2025-5125
The CVE-2025-5125 entry affects the WordPress plugin “Custom Post Carousels with Owl”, specifically versions prior to 1.4.12. The root cause is unsanitized input in the data-featherlight attribute used by the Featherlight library, enabling a Stored XSS condition as described by multiple sources. ...