Metrics
Affected Vendors & Products
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2025-32491 | The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 does not properly handle HTML tag attributes modifications, potentially allowing unauthenticated attackers to abuse the functionality to include event handlers and conduct Stored XSS attacks. |
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Mon, 06 Oct 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Mon, 06 Oct 2025 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Dfactory
Dfactory responsive Lightbox & Gallery Wordpress Wordpress wordpress |
|
| Vendors & Products |
Dfactory
Dfactory responsive Lightbox & Gallery Wordpress Wordpress wordpress |
Mon, 06 Oct 2025 06:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 does not properly handle HTML tag attributes modifications, potentially allowing unauthenticated attackers to abuse the functionality to include event handlers and conduct Stored XSS attacks. | |
| Title | Responsive Lightbox & Gallery < 2.5.3 - Unauthenticated Stored-XSS via Comments | |
| References |
|
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2025-10-06T18:50:04.946Z
Reserved: 2025-08-29T18:48:14.022Z
Link: CVE-2025-9710
Updated: 2025-10-06T18:49:49.574Z
Status : Awaiting Analysis
Published: 2025-10-06T06:15:37.467
Modified: 2025-10-06T19:15:36.680
Link: CVE-2025-9710
No data.
OpenCVE Enrichment
Updated: 2025-10-06T14:39:58Z
EUVD