CVE-2025-5035 – Firelight Lightbox WordPress Stored Cross-Site Scripting Vulnerability

June 27, 2025

CVE ID : CVE-2025-5035

Published : June 27, 2025, 6:15 a.m. | 53 minutes ago

Description : The Firelight Lightbox WordPress plugin before 2.3.16 does not sanitise and escape title attributes before outputting them in the page, which could allow users with a role as low as contributors to perform stored Cross-Site Scripting attacks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5093 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-5194 – WordPress Map Block Stored Cross-Site Scripting

Highlights

CVE-2025-43595 – MSP360 Backup Privilege Escalation Vulnerability

May 1, 2025

CVE ID : CVE-2025-43595

Published : May 1, 2025, 10:15 p.m. | 1 hour, 12 minutes ago

Description : An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a lower privileged user to execute commands with root level privileges in the ‘Online Backup’ folder. Users are recommended to upgrade to MSP360 Backup 4.4 (released on 2025-04-22).

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

tRPC vs GraphQL vs REST: Choosing the right API design for modern web applications

Jakarta EE 11 Platform launches with modernized Test Compatibility Kit framework

Can Good UX Protect Older Users From Digital Scams?

Warp 2.0 evolves terminal experience into an Agentic Development Environment

The top 4 Bluetooth speakers I’m taking everywhere this summer (including a surprise pick)

Your Android phone is getting a big security upgrade for free – here’s what’s new

How a 5-minute circuit scan saved me hundreds (and exposed a serious wiring surprise)

Using AI saves teachers ‘six weeks per year,’ Gallup poll finds – but at what cost?

billboard.js 3.16.0 release: ✨ bar trending line & improved resizing performance!

billboard.js 3.16.0 release: ✨ bar trending line & improved resizing performance!

ISO 20022 – End of MT Coexistence for Cash Instructions Fast Approaching

Building Trust and Shaping the Future: Implementing Responsible AI – Part 2

Windows 11 KB5060826 fixes slow Search, direct download links

Windows 11 KB5060826 fixes slow Search, direct download links

Rilasciata Tails 6.17: Più Privacy e Sicurezza con le Nuove Funzionalità

Rilasciata Deepin 25: La distribuzione GNU/Linux immutabile con assistente vocale e pacchetti universali

CVE-2025-5035 – Firelight Lightbox WordPress Stored Cross-Site Scripting Vulnerability

CVE-2025-6772 – Eosphoros-AI Db-GPT Path Traversal Vulnerability

CVE-2025-6773 – HKUDS LightRAG Path Traversal Vulnerability

Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks

STALKER 2’s 1.4 patch has arrived with over 700 gameplay fixes and improvements to enemy AI

openVidu is a platform to develop WebRTC real-time applications

Error’d: Mais Que Nada

CVE-2025-43595 – MSP360 Backup Privilege Escalation Vulnerability

4 Best Free and Open Source GUI Bookmark Managers

CVE-2025-48491 – Project AI Exposed Hardcoded API Key Vulnerability

CVE-2025-49251 – ThemBay Fana PHP Remote File Inclusion Vulnerability

CVE-2025-5035 – Firelight Lightbox WordPress Stored Cross-Site Scripting Vulnerability

Related Posts