VYPR

Gallery Blocks With Lightbox

by WordPress

CVEs (2)

  • CVE-2023-0441HigMar 27, 2023
    risk 0.53cvss 8.1epss 0.01

    The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which…

  • CVE-2024-5424MedJun 28, 2024
    risk 0.35cvss 6.4epss 0.00

    The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘galleryID’ and 'className' parameters in all versions up to, and…