CVE-2025-3742 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

May 15, 2025

CVE ID : CVE-2025-3742

Published : May 15, 2025, 6:15 a.m. | 2 hours, 31 minutes ago

Description : The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48027 – pGina HttpAuth DNS Rebinding Vulnerability

Next Article CVE-2024-13914 – “WordPress File Manager Advanced Shortcode Local File Inclusion Vulnerability”

Highlights

CVE-2025-31241 – Apple iOS/WatchOS tvOS/PadOS Double Free Vulnerability

May 12, 2025

CVE ID : CVE-2025-31241

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

NVIDIA’s drivers are causing big problems for DOOM: The Dark Ages, but some fixes are available

Capcom breaks all-time profit records with 10% income growth after Monster Hunter Wilds sold over 10 million copies in a month

Microsoft plans to lay off 3% of its workforce, reportedly targeting management cuts as it changes to fit a “dynamic marketplace”

A cross-platform Markdown note-taking application

A cross-platform Markdown note-taking application

AI Assistant Demo & Tips for Enterprise Projects

Celebrating Global Accessibility Awareness Day (GAAD)

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

NVIDIA’s drivers are causing big problems for DOOM: The Dark Ages, but some fixes are available

Capcom breaks all-time profit records with 10% income growth after Monster Hunter Wilds sold over 10 million copies in a month

CVE-2025-3742 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

The 6 Linux distros I recommend most for gaming in 2025 – including my favorite

The best smart home tech of CES 2025

Kimi k1.5: A Next Generation Multi-Modal LLM Trained with Reinforcement Learning on Advancing AI with Scalable Multimodal Reasoning and Benchmark Excellence

How to Add a Header to a curl Request

CVE-2025-31241 – Apple iOS/WatchOS tvOS/PadOS Double Free Vulnerability

What’s the point of Headless?

Designing a website to not have 404s

‘Ninja Gaiden 2 Black’ highlights a major on-going issue with Xbox / PC Game Pass

CVE-2025-3742 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

Related Posts