5 matches found
WordPress Responsive Lightbox & Gallery plugin < 2.5.1 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Pierre Rudloff in WordPress Plugin Responsive Lightbox versions 2.5.1...
CVE-2025-3742
The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2025-3742
CVE-2025-3742 affects the WordPress plugin “Responsive Lightbox & Gallery” (pre-2.5.1). The root cause is unvalidated/escaped attributes being output in pages/posts, enabling Stored Cross-Site Scripting for users with the contributor role and above. Impact is stored XSS in affected content, with ...
CVE-2025-3742 Responsive Lightbox & Gallery < 2.5.1 - Contributor+ Stored XSS
The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2025-3742 Responsive Lightbox & Gallery < 2.5.1 - Contributor+ Stored XSS
The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...