Lucene search
DfactoryResponsive Lightbox & Gallery
2 matches found
CVE-2024-31252
Missing Authorization vulnerability in dFactory Responsive Lightbox.This issue affects Responsive Lightbox: from n/a through 2.4.6.
8.8CVSS5AI score0.00303EPSS
CVE-2024-6870
The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping affecting the rl_upload_image AJAX endpoint. This makes it possible for authent...
6.4CVSS5.9AI score0.00058EPSS