CVE-2025-58808

CVE-2025-58808 applies to the WordPress plugin PrettyPhoto (versions up to 1.2.4). The issue is an stored Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation. The CVSSv3.1 base score is 6.5 (Medium) with Network attack vector, low privileges required, and...

CVE-2015-10128

A vulnerability was found in rt-prettyphoto Plugin up to 1.2 on WordPress and classified as problematic. Affected by this issue is the function royalprettyphotopluginlinks of the file rt-prettyphoto.php. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgradin...

CVE-2024-5162

The WordPress prettyPhoto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-5162

CVE-2024-5162 corresponds to WordPress plugin WordPress prettyPhoto. The vulnerability is a Stored XSS via the url parameter affecting all versions

WordPress prettyPhoto Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software prettyPhoto Type Plugin Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5162 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 30cbe1032315 Credits stealthcopter Required privile...

CVE-2015-10128

A vulnerability was found in rt-prettyphoto Plugin up to 1.2 on WordPress and classified as problematic. Affected by this issue is the function royalprettyphotopluginlinks of the file rt-prettyphoto.php. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgradin...

CVE-2015-10128

The CVE-2015-10128 entry affects the rt-prettyphoto Plugin for WordPress, up to version 1.2. The vulnerability targets the function royal_prettyphoto_plugin_links in rt-prettyphoto.php and enables cross-site scripting (XSS). Exploitation can be performed remotely. A patch is available: upgrade to...

CVE-2015-10128 rt-prettyphoto Plugin rt-prettyphoto.php royal_prettyphoto_plugin_links cross site scripting

A vulnerability was found in rt-prettyphoto Plugin up to 1.2 on WordPress and classified as problematic. Affected by this issue is the function royalprettyphotopluginlinks of the file rt-prettyphoto.php. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgradin...

PT-2024-10561 · Unknown · Rt-Prettyphoto Plugin

Name of the Vulnerable Software and Affected Versions: rt-prettyphoto Plugin versions up to 1.2 Description: A vulnerability was found in the rt-prettyphoto Plugin, which is classified as problematic. The issue affects the royal prettyphoto plugin links function of the file rt-prettyphoto.php,...

Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scripting (XSS)

The jQuery prettyPhoto library bundled with many plugins was found to be vulnerable to DOM Cross-Site Scripting XSS. http://www.example.com/prettyPhotogallery/1,/...