Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/11/21 7:33 a.m.5 views

CVE-2025-5092

Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library = 2.8.3 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00213EPSS
Exploits0References1
nvd
nvd
added 2025/11/20 3:17 p.m.9 views

CVE-2025-5092

Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library = 2.8.3 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00213EPSS
Exploits0References7
cvelist
cvelist
added 2025/11/20 6:38 a.m.12 views

CVE-2025-5092 Multiple Plugins and Themes <= (Various Versions) - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via lightGallery JavaScript Library

Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library = 2.8.3 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00213EPSS
Exploits0References7
euvd
euvd
added 2025/11/20 6:38 a.m.10 views

EUVD-2025-198262

Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library = 2.8.3 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.1AI score0.00213EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2025/11/20 12:0 a.m.6 views

PT-2025-47557

Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library = 2.8.3 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00213EPSS
Exploits0References6
cnnvd
cnnvd
added 2025/11/20 12:0 a.m.9 views

WordPress plugin theme 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...

6.4CVSS5.6AI score0.00213EPSS
Exploits0References7
Rows per page
Query Builder