CVE-2026-22345

Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...

CVE-2025-13612

The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aigpl-gallery-album shortcode in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

CVE-2025-13612 Album and Image Gallery Plus Lightbox <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin's Shortcode

The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aigpl-gallery-album shortcode in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

CVE-2025-12691

The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox functionality in all versions up to, and including, 3.21 due to insufficient input sanitization and output escaping on user supplied caption...

EUVD-2025-197960

The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox functionality in all versions up to, and including, 3.21 due to insufficient input sanitization and output escaping on user supplied caption...

CVE-2025-12691

The CVE-2025-12691 entry concerns the Photonic Gallery & Lightbox for Flickr, SmugMug & Others WordPress plugin (versions &lt;= 3.21). The connected Wordfence report confirms a stored cross-site scripting flaw in the lightbox caption attribute, exploitable by authenticated users with contributor+...

CVE-2025-12691 Photonic Gallery & Lightbox for Flickr, SmugMug & Others <= 3.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Caption Attribute

The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox functionality in all versions up to, and including, 3.21 due to insufficient input sanitization and output escaping on user supplied caption...

PT-2025-47283

Name of the Vulnerable Software and Affected Versions Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress versions prior to 3.22 Description The software is susceptible to Stored Cross-Site Scripting through its lightbox functionality. This is due to inadequate input...

EUVD-2025-30659

Malicious code in bioql PyPI...

EUVD-2024-42548

Malicious code in bioql PyPI...

CVE-2025-57966

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Gallery Lightbox gallery-lightbox-slider allows Stored XSS.This issue affects Gallery Lightbox: from n/a through = 1.0.0.41...

CVE-2025-57966

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Gallery Lightbox gallery-lightbox-slider allows Stored XSS.This issue affects Gallery Lightbox: from n/a through = 1.0.0.41...

WordPress Gallery Lightbox plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Prissy in WordPress Plugin Gallery Lightbox versions = 1.0.0.41...

CVE-2025-57966

CVE-2025-57966 is a Stored XSS in Gallery Lightbox (WordPress plugin). Affected: Gallery Lightbox versions from n/a through 1.0.0.41. Root cause: Improper neutralization of input during web page generation. Impact: low confidentiality, integrity, and availability (per CVSS 3.1 metrics). Exploitat...

CVE-2025-57966 WordPress Gallery Lightbox Plugin <= 1.0.0.41 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Gallery Lightbox allows Stored XSS. This issue affects Gallery Lightbox: from n/a through 1.0.0.41...

CVE-2025-57966 WordPress Gallery Lightbox plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Gallery Lightbox gallery-lightbox-slider allows Stored XSS.This issue affects Gallery Lightbox: from n/a through = 1.0.0.41...

WordPress plugin Gallery Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-38816

Name of the Vulnerable Software and Affected Versions GhozyLab Gallery Lightbox versions through 1.0.0.41 Description The software contains a flaw due to improper input handling during web page creation, leading to a Cross-site Scripting XSS issue. Specifically, the vulnerability allows for Store...

CVE-2024-47623

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Gallery Lightbox gallery-lightbox-slider allows Stored XSS.This issue affects Gallery Lightbox: from n/a through = 1.0.0.39...

PT-2025-4706 · Unknown · Oğulcan Özüğenc Gallery/Lightbox

Name of the Vulnerable Software and Affected Versions: Oğulcan Özügenç Gallery and Lightbox versions 1.0.14 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS, which allows stored XSS attacks...