CVE-2025-3742 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

May 15, 2025

CVE ID : CVE-2025-3742

Published : May 15, 2025, 6:15 a.m. | 2 hours, 31 minutes ago

Description : The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48027 – pGina HttpAuth DNS Rebinding Vulnerability

Next Article CVE-2024-13914 – “WordPress File Manager Advanced Shortcode Local File Inclusion Vulnerability”

Highlights

CVE-2025-6007 – “kiCode111 like-girl SQL Injection Vulnerability”

June 12, 2025

CVE ID : CVE-2025-6007

Published : June 12, 2025, 2:15 a.m. | 2 hours, 57 minutes ago

Description : A vulnerability, which was classified as critical, was found in kiCode111 like-girl 5.2.0. Affected is an unknown function of the file /admin/CopyadminPost.php. The manipulation of the argument icp/Copyright leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

Google’s coding agent Jules gets critique functionality

The best smartphones without AI features in 2025: Expert tested and recommended

GPT-5 was supposed to simplify ChatGPT but now it has 4 new modes – here’s why

Gemini just got two of ChatGPT’s best features – and they’re free

The HP OmniBook 5 laptop offers 34 hours of battery life – and it’s 60% off today only

Laravel Boost is released

Laravel Boost is released

Frontend Standards for Optimizely Configured Commerce: Clean & Scalable Web Best Practices

Live Agent Escalation in Copilot Studio Using D365 Omnichannel – Architecture and Use Case

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

You Think You Need a Monster PC to Run Local AI, Don’t You? — My Seven-Year-Old Mid-range Laptop Says Otherwise

8 Registry Tweaks that will Make File Explorer Faster and Easier to Use on Windows 11

CVE-2025-3742 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

How the always-on generation can level up its cybersecurity game

Supply-chain dependencies: Check your resilience blind spot

CVE-2025-48954 – Discourse is an open-source discussion platform. V

How to install stream to IoT platform — Total.js

CVE-2024-42699 – OpenCMS Cross-Site Scripting (XSS)

Simplify Real-Time Notifications with Laravel’s Anonymous Broadcasts

CVE-2025-6007 – “kiCode111 like-girl SQL Injection Vulnerability”

asdf is an extendable version manager

CVE-2025-36014 – IBM Integration Bus for z/OS Code Injection Vulnerability

CVE-2025-4057 – ActiveMQ Artemis Password Regeneration Vulnerability

CVE-2025-3742 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

Related Posts