Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/07/10 4:29 a.m.8 views

CVE-2025-5537

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.5AI score0.0017EPSS
Exploits0References1
Circl
Circl
added 2025/07/08 5:17 a.m.6 views

CVE-2025-5537

creationtimestamp| type| source ---|---|--- 2025-07-08 05:17:01+00:00| seen| Telegram/e8HByPGOeHN6bMUSDCsQX3GzxD71v3Hlete8xQI67wVDfOU...

6.4CVSS4.8AI score0.0017EPSS
Exploits0
NVD
NVD
added 2025/07/08 5:15 a.m.6 views

CVE-2025-5537

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.0017EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/08 4:22 a.m.4 views

CVE-2025-5537 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.34 - Authenticated (Author+) Stored Cross-Site Scripting

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.9AI score0.0017EPSS
Exploits0References2
CVE
CVE
added 2025/07/08 4:22 a.m.42 views

CVE-2025-5537

The FooBox Lightbox & Modal Popup WordPress plugin (versions up to 2.7.34) is affected by a Stored Cross-Site Scripting vulnerability via image alt texts due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Author level or higher, enabling an a...

6.4CVSS5.6AI score0.0017EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/07/08 4:22 a.m.10 views

CVE-2025-5537 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.34 - Authenticated (Author+) Stored Cross-Site Scripting

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.0017EPSS
Exploits0References2
Rows per page
Query Builder