CVE-2025-5093 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

June 27, 2025

CVE ID : CVE-2025-5093

Published : June 27, 2025, 6:15 a.m. | 53 minutes ago

Description : The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 use the Swipebox library which does not validate and escape title attributes before outputting them back in a page/post where used, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5526 – BuddyPress Docs Information Disclosure Vulnerability

Next Article CVE-2025-5035 – Firelight Lightbox WordPress Stored Cross-Site Scripting Vulnerability

Highlights

CVE-2025-54062 – WeGIA SQL Injection Vulnerability

July 17, 2025

CVE ID : CVE-2025-54062

Published : July 17, 2025, 3:15 p.m. | 3 hours, 21 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the `/html/funcionario/profile_dependente.php` endpoint, specifically in the `id_dependente` parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. Version 3.4.6 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

The coming AI smartphone: Redefining personal tech

Modern React animation libraries: Real examples for engaging UIs

How Debian 13’s little improvements add up to the distro’s surprisingly big leap forward

Why xAI is giving you ‘limited’ free access to Grok 4

How Apple may revamp Siri to a voice assistant I’d actually use (and ditch Gemini for)

I jump-started a bus from the 1930s with this power bank – here’s the verdict

Laravel’s UsePolicy Attribute: Explicit Authorization Control

Laravel’s UsePolicy Attribute: Explicit Authorization Control

The Laravel Way to Build AI Agents That Actually Work

The Laravel Way to Build AI Agents That Actually Work

Microsoft sued over killing support for Windows 10

Microsoft sued over killing support for Windows 10

Grok 4 rolled out for free-tier users worldwide, with some limits

Firefox AI slammed for hogging CPU and draining battery

CVE-2025-5093 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

BadCam Attack Turns Trusted Linux Webcams into Stealthy USB Weapons

Rilasciata Slackel 8.0: Una Distribuzione GNU/Linux Basata su Slackware

JetBrains YouTrack Price Hike: New Plans & Features Arrive October 1, 2025

Rilasciata Commodore OS Vision 3.0: la distribuzione GNU/Linux per chi ama giocare e il retrocomputing

Microsoft AI Introduces Code Researcher: A Deep Research Agent for Large Systems Code and Commit History

CVE-2025-54062 – WeGIA SQL Injection Vulnerability

CVE-2025-53176 – Adobe Illustrator Heap-Based Buffer Overflow

SonicWall Issues Patch for Exploit Chain in SMA Devices

Ivanti Endpoint Manager Mobile Vulnerabilities Allow Attackers to Decrypt Other Users’ Passwords

CVE-2025-5093 – WordPress Responsive Lightbox & Gallery Stored Cross-Site Scripting Vulnerability

Related Posts