WordPress WP Video Lightbox plugin <= 1.9.11 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin WP Video Lightbox versions = 1.9.11...

WordPress Easy 3D Viewer plugin <= 1.8.6.6 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Easy 3D Viewer versions = 1.8.6.6...

WordPress Easy Image Gallery plugin <= 1.5.2 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Easy Image Gallery versions = 1.5.2...

EUVD-2015-9318

Malware in sbrugna...

EUVD-2013-6639

Malware in sbrugna...

EUVD-2025-19857

Malicious code in bioql PyPI...

EUVD-2025-26970

Malicious code in bioql PyPI...

CVE-2025-58808

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Babar prettyPhoto prettyphoto allows Stored XSS.This issue affects prettyPhoto: from n/a through = 1.2.5...

CVE-2025-58808

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Babar prettyPhoto prettyphoto allows Stored XSS.This issue affects prettyPhoto: from n/a through = 1.2.5...

CVE-2025-58808 WordPress prettyPhoto Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Babar prettyPhoto prettyphoto allows Stored XSS.This issue affects prettyPhoto: from n/a through = 1.2.5...

CVE-2025-58808

CVE-2025-58808 applies to the WordPress plugin PrettyPhoto (versions up to 1.2.4). The issue is an stored Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation. The CVSSv3.1 base score is 6.5 (Medium) with Network attack vector, low privileges required, and...

CVE-2025-58808 WordPress prettyPhoto Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Babar prettyPhoto prettyphoto allows Stored XSS.This issue affects prettyPhoto: from n/a through = 1.2.5...

WordPress prettyPhoto Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Prissy in WordPress Plugin prettyPhoto versions = 1.2.5...

WordPress plugin prettyPhoto 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-36147

Name of the Vulnerable Software and Affected Versions: prettyPhoto versions through 1.2.4 Description: The software contains an improper neutralization of input during web page generation, leading to a cross-site scripting XSS issue. The vulnerability allows for stored XSS attacks. Recommendation...

CVE-2025-2540

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library version 3.1.6 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

CVE-2025-2540

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library version 3.1.6 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

CVE-2025-2540

CVE-2025-2540 covers a class of stored DOM-based Cross-Site Scripting flaws in WordPress plugins that bundle the prettyPhoto JavaScript library (v3.1.6). The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, enabling authenticated attackers with co...

CVE-2025-2540 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library version 3.1.6 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

CVE-2025-2540 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library version 3.1.6 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...