cleantalk
Vulnerabilities and Security Researches

Responsive Lightbox & Gallery, CVE-2025-9710

CVE, Research URL

CVE-2025-9710

Home page URL

Security reports for Responsive Lightbox & Gallery

Application

Responsive Lightbox & Gallery

Published on
Oct 06, 2025
Research Description
The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 does not properly handle HTML tag attributes modifications, potentially allowing unauthenticated attackers to abuse the functionality to include event handlers and conduct Stored XSS attacks.
Affected versions
max 2.5.3.
Status
vulnerable
Previous vulnerability researches
WP Newsletter Subscription (CVE-2024-44012) , Sep 28, 2024
New vulnerability
Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin | WooCommerce Booking (CVE-2024-8860) , Apr 26, 2026
Responsive Lightbox & Gallery (CVE-2025-9710) , Apr 26, 2026
Hostel (CVE-2025-6234) , Apr 26, 2026
Hostel (CVE-2025-6236) , Apr 26, 2026
MaxiBlocks Free Page Builder & Template Library (CVE-2026-2028) , Apr 26, 2026