3 matches found
PT-2026-39944
The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filter images function in all versions up to, and including, 1.0.9. This is due to the use of regex-based HTML processing preg replace that does not properly handle HTML attribute boundaries when replacing...
EUVD-2015-9255
The bj-lazy-load plugin before 1.0 for WordPress has Remote File Inclusion...
VulnCheck KEV: CVE-2015-9415
The bj-lazy-load plugin before 1.0 for WordPress has Remote File Inclusion...