The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contrib
The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 use the Swipebox library which does not validate and escape title attributes before outputting them back in a page/post where used, whic
The Simple Lightbox WordPress plugin before 2.9.4 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and
The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization
The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 does not properly handle HTML tag attributes modifications, potentially allowing unauthenticated attackers to abuse the functionality to
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with
The Firelight Lightbox WordPress plugin before 2.3.16 does not sanitise and escape title attributes before outputting them in the page, which could allow users with a role as low as contributors to pe
The Responsive iframe WordPress plugin through 1.2.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users
The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox functionality in all versions up to, and includ
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled SimpleLightbox JavaScript library (version 2.1.5) in various versions due to insufficient input sa
The Responsive Gallery Grid WordPress plugin before 2.3.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attac
The LightPress Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `group` attribute in the `[gallery]` shortcode in all versions up to, and including, 2.3.4. This is du
The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `aigpl-gallery-album` shortcode in all versions up to, and including, 2.1.7
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weblizar - WordPress Themes & Plugin Lightbox slider – Responsive Lightbox Gallery simple-lightbox
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dFactory Responsive Lightbox responsive-lightbox allows Stored XSS.This issue affects Responsive L
The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.3 via the 'get_image_size_by_url' function. This is due to
The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the
Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library (<= 2.8.3) in various versions due to insufficient input saniti
The Image Gallery – Responsive Photo Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'awsmgallery' parameter in all versions up to, and including, 1.0.5 due to ins
The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption-title` & `data-caption-de
Page 1+ Next →