CVE-2025-3516

The Simple Lightbox WordPress plugin before 2.9.4 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-3742

The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-21653

In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...

PT-2023-34890 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.229 Description: A potential security issue exists due to a warning during failed attribute validation in the act mpls component of the Linux Kernel's net/sched module. The actual impact and attack...