700 matches found
CVE-2026-2479 Responsive Lightbox & Gallery <= 2.7.1 - Authenticated (Author+) Server-Side Request Forgery via Remote Library Image Upload
The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.1. This is due to the use of strpos for substring-based hostname validation instead of strict host comparison in the ajaxuploadimage function. This makes i...
WordPress plugin Responsive Lightbox & Gallery 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress Responsive Lightbox & Gallery plugin <= 2.7.1 - Authenticated (Author+) Server-Side Request Forgery via Remote Library Image Upload vulnerability
Authenticated Author+ Server-Side Request Forgery via Remote Library Image Upload vulnerability discovered by lucsob in WordPress Plugin Responsive Lightbox versions = 2.7.1...
CVE-2025-15386
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved...
EUVD-2025-207548
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved...
CVE-2025-15386 Responsive Lightbox & Gallery < 2.6.1 - Unauthenticated Stored XSS
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved...
CVE-2025-15386
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved...
CVE-2025-15386 Responsive Lightbox & Gallery < 2.6.1 - Unauthenticated Stored XSS
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved...
CVE-2025-15386
The CVE describes an Unauthenticated Stored XSS in the WordPress plugin “Responsive Lightbox & Gallery”
WordPress plugin Responsive Lightbox & Gallery 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-21665
Name of the Vulnerable Software and Affected Versions Responsive Lightbox & Gallery WordPress plugin versions prior to 2.6.1 Description The software contains a flaw in its regex replacement rules that allows for an Unauthenticated Stored-XSS attack. This occurs when a malicious link is posted as...
CVE-2026-22345
Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...
CVE-2026-22345
Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...
CVE-2026-22345
Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...
CVE-2026-22345 WordPress Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin <= 1.6.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...
CVE-2026-22345 WordPress Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin <= 1.6.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...
CVE-2026-22345
CVE-2026-22345 stems from a deserialization/ object-injection flaw in the WordPress plugin family Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery (component: new-image-gallery). The Red Hat/NVD entries and PatchStack corroborate that versions up to and including 1.6.0 ...
CVE-2025-13612
The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aigpl-gallery-album shortcode in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...
PT-2026-21196
Name of the Vulnerable Software and Affected Versions A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery versions through 1.6.0 Description The software contains a flaw related to the deserialization of untrusted data, specifically allowing for object injection...
WordPress plugin Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...