Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-5092: DOM-Based Stored XSS in Multiple WordPress Plugins via lightGallery

www.wordfence.com 2025-11-20查看中文 →
Security AdvisoryCVE-2025-5092MediumWordPress
Affected:
  • Gallery with thumbnail slider <= 7.8
  • Ibtana – WordPress Website Builder <= 1.2.5.1
  • Image Hover Effects Ultimate <= 9.10.5
  • LightGallery WP <= 1.0.5
  • OnePress <= 2.3.15
Fixed in:
  • Ibtana – WordPress Website Builder 1.2.5.2
  • Portfolio, Gallery, Product Catalog – Grid KIT 2.2.2
  • Royal Addons for Elementor – Addons and Templates Kit for Elementor 1.7.1032
  • TP WooCommerce Product Gallery 2.0.0
Referenced CVEs: CVE-2025-5092 · 6.4
文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive
This content was auto-fetched from www.wordfence.com, cleaned by our LLM pipeline, and translated to English. View original.
More from this source
WordPress Logitivity Unauthenticated Information Disclosure via REST API 2026-05-10 WordPress E2Pdf Authenticated Stored XSS Vulnerability Advisory 2026-05-09 360 Secure Browser RCE Vulnerability (CVE-2024-4348) with POC 2026-05-09 Yonyou GRP-u8 Database Config Info Disclosure Vulnerability with POC 2026-05-09 Apache ActiveMQ CVE-2023-46604 RCE Vulnerability Analysis and Mitigation 2026-05-08
Offline Archive

Offline screenshot & PDF are Pro-exclusive

Upgrade to Pro