Firelightwp Lightpress Lightbox
2 CVEs affecting Firelightwp Lightpress Lightbox. Latest disclosed: 2026-04-08. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-4379 | Medium | 6.4 | 2026-04-08 | The LightPress Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `group` attribute in the `[gallery]` shortcode in all version… |
CVE-2024-5425 | Medium | 6.4 | 2024-06-07 | The WP jQuery Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ attribute in all versions up to, and including, 1.5.4… |