Responsive Lightbox

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-5093 MEDIUM POC PATCH This Month

The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 use the Swipebox library which does not validate and escape title attributes before outputting them back in a page/post where used, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

WordPress XSS Responsive Lightbox PHP
NVD WPScan
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-3742 MEDIUM POC This Month

The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Responsive Lightbox PHP
NVD WPScan
CVSS 3.1
6.8
EPSS
0.3%
CVE-2025-5093
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 use the Swipebox library which does not validate and escape title attributes before outputting them back in a page/post where used, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

WordPress XSS Responsive Lightbox +1
NVD WPScan
CVE-2025-3742
EPSS 0% CVSS 6.8
MEDIUM POC This Month

The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Responsive Lightbox +1
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy