VYPR

Responsive Lightbox & Gallery

by Responsive Lightbox & Gallery

CVEs (1)

  • CVE-2025-15386HigFeb 24, 2026
    risk 0.57cvss 8.8epss 0.00

    The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved.