exploitDog

GHSA-277x-frmf-w2gm

Опубликовано: 30 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

The WP Lightbox 2 WordPress plugin before 3.0.6.8 does not correctly sanitize the value of the title attribute of links before using them, which may allow malicious users to conduct XSS attacks.

The WP Lightbox 2 WordPress plugin before 3.0.6.8 does not correctly sanitize the value of the title attribute of links before using them, which may allow malicious users to conduct XSS attacks.

Ссылки

EPSS

Процентиль: 25%

0.00083

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-3745

CVSS3: 6.3

nvd

5 месяцев назад

The WP Lightbox 2 WordPress plugin before 3.0.6.8 does not correctly sanitize the value of the title attribute of links before using them, which may allow malicious users to conduct XSS attacks.

EPSS

Процентиль: 25%

0.00083

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-79