Lightpress Lightbox

2 CVEs affecting Lightpress Lightbox. Latest disclosed: 2025-05-12. Critical: 0, High: 0.

Top CVEs affecting Lightpress Lightbox
CVESeverityScorePublishedSummary
CVE-2025-3649Medium6.82025-05-12The LightPress Lightbox WordPress plugin before 2.3.4 does not check download links point to valid, non-Javascript URLs, allowing users with at least the contr…
CVE-2024-5425Medium6.42024-06-07The WP jQuery Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ attribute in all versions up to, and including, 1.5.4…