3 matches found
WordPress Responsive Lightbox & Gallery plugin < 2.5.2 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Pierre Rudloff in WordPress Plugin Responsive Lightbox versions 2.5.2...
CVE-2025-5093
creationtimestamp| type| source ---|---|--- 2025-06-27 06:53:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19672 2025-06-27 10:40:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lslhb46gzm2v...
CVE-2025-5093
The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 use the Swipebox library which does not validate and escape title attributes before outputting them back in a page/post where used, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...