CVE-2026-28110

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Playlist all-in-one-bannerWithPlaylist allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Playlist: from n/a through =...

CVE-2026-28099

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup UberSlider Ultra uberSliderultra allows Reflected XSS.This issue affects UberSlider Ultra: from n/a through = 2.3...

EUVD-2026-9755

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup UberSlider PerpetuumMobile uberSliderperpetuummobile allows Reflected XSS.This issue affects UberSlider PerpetuumMobile: from n/a through = 2.3...

EUVD-2026-9758

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LBG Zoominoutslider lbgzoominoutslider allows Reflected XSS.This issue affects LBG Zoominoutslider: from n/a through = 5.4.5...

CVE-2026-28109

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LambertGroup - AllInOne - Content Slider all-in-one-contentSlider allows Reflected XSS.This issue affects LambertGroup - AllInOne - Content Slider: from n/a through = 3.8...

CVE-2026-28101

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup UberSlider MouseInteraction uberSlidermouseinteraction allows Reflected XSS.This issue affects UberSlider MouseInteraction: from n/a through = 2.3...

PT-2026-23377

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup UberSlider Classic uberSlider classic allows Reflected XSS.This issue affects UberSlider Classic: from n/a through = 2.5...

CVE-2025-69053

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.4...

CVE-2025-49066

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Reflected XSS.This issue affects Accordion Slider PRO: from n/a through = 1.2...

CVE-2025-27002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

CVE-2025-68056

CVE-2025-68056 affects the WordPress plugin LBG Zoominoutslider (LambertGroup)

PT-2025-51447

Name of the Vulnerable Software and Affected Versions LambertGroup LBG Zoominoutslider versions through 5.4.5 Description A flaw exists in LambertGroup LBG Zoominoutslider that allows for SQL Injection. This occurs due to improper neutralization of special elements used in an SQL command. The iss...

CVE-2025-60110

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows SQL Injection.This issue affects AllInOne - Banner Rotator: from n/a through = 3.8...

CVE-2025-60109

CVE-2025-60109 affects the LambertGroup AllInOne Content Slider WordPress plugin. The issue is an improper neutralization of user input in an SQL query, enabling Blind SQL Injection. Impact is high for confidentiality (C:H) and low to moderate for availability, with CVSS v3.1 base score 8.5. Affe...

CVE-2025-48163

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support lbg-audio8-html5-radio-ads allows Reflected XSS.This issue affects SHOUT - HTML5 Radio Player With Ads - ShoutCast a...

CVE-2025-48159

CVE-2025-48159: WordPress plugin Youtube Vimeo Video Player and Slider WP Plugin

CVE-2025-48168 WordPress Apollo - Sticky Full Width HTML5 Audio Player <= 3.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...

PT-2025-33984 · Unknown · Lambertgroup Youtube Vimeo Video Player/Slider

Name of the Vulnerable Software and Affected Versions: LambertGroup Youtube Vimeo Video Player and Slider versions n/a through 3.8 Description: The software contains an improper neutralization of input during web page generation, leading to a reflected cross-site scripting XSS issue...

PT-2025-33915 · WordPress · Multimedia Playlist Slider Addon For Wpbakery Page Builder

Name of the Vulnerable Software and Affected Versions: Multimedia Playlist Slider Addon for WPBakery Page Builder versions through 2.1 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to Reflected Cross-site Scripting XSS...