cleantalk
Vulnerabilities and Security Researches

Responsive Lightbox & Gallery, CVE-2025-9710

CVE, Research URL

CVE-2025-9710

Home page URL

Security reports for Responsive Lightbox & Gallery

Application

Responsive Lightbox & Gallery

Published on
Oct 06, 2025
Research Description
The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 does not properly handle HTML tag attributes modifications, potentially allowing unauthenticated attackers to abuse the functionality to include event handlers and conduct Stored XSS attacks.
Affected versions
max 2.5.3.
Status
vulnerable
Previous vulnerability researches
Event Tickets Manager for WooCommerce – Events and Bookings Calendar, Registration, Event Check-in Using Emails, Edit Your T (CVE-2026-34898) , Apr 26, 2026
New vulnerability
Easy FancyBox – WordPress Lightbox Plugin (CVE-2025-5035) , Apr 26, 2026
Elementor Header & Footer Builder (CVE-2025-9703) , Apr 26, 2026
Event Tickets Manager for WooCommerce – Events and Bookings Calendar, Registration, Event Check-in Using Emails, Edit Your T (CVE-2026-34898) , Apr 26, 2026
Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin | WooCommerce Booking (CVE-2024-8860) , Apr 26, 2026
Responsive Lightbox & Gallery (CVE-2025-9710) , Apr 26, 2026