cleantalk
Vulnerabilities and Security Researches

Responsive Lightbox & Gallery, CVE-2025-5093

CVE, Research URL

CVE-2025-5093

Home page URL

Security reports for Responsive Lightbox & Gallery

Application

Responsive Lightbox & Gallery

Published on
Jun 27, 2025
Research Description
The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 use the Swipebox library which does not validate and escape title attributes before outputting them back in a page/post where used, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Affected versions
max 2.5.2.
Status
vulnerable
Previous vulnerability researches
Portfolio & Image Gallery for WordPress | PowerFolio (CVE-2024-22150) , Jun 07, 2024
Portfolio & Image Gallery for WordPress | PowerFolio (2dcc339fa5572c0b8975f48ffa24bcca0ae340a1) , Jun 07, 2024
Portfolio & Image Gallery for WordPress | PowerFolio (CVE-2022-4765) , Jun 07, 2024
Portfolio & Image Gallery for WordPress | PowerFolio (CVE-2025-57932) , Apr 24, 2026
Portfolio & Image Gallery for WordPress | PowerFolio (CVE-2022-4974) , Nov 15, 2024
New vulnerability
SnapWidget Social Photo Feed Widget (CVE-2025-58241) , Apr 25, 2026
Cozy Blocks – Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider (CVE-2025-59573) , Apr 25, 2026
JoomSport – for Sports: Team & League, Football, Hockey & more (CVE-2025-7721) , Apr 25, 2026
World first Lifetime free Form Builder for WordPress (CVE-2025-58957) , Apr 25, 2026
Ultimate Classified Listings (CVE-2025-9874) , Apr 25, 2026