CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-3987

The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.0%

CVSS Severity

CVSS v3 Score 5.4

References

https://wpscan.com/vulnerability/d9309a09-34ba-4e56-b683-e677ad277b29
https://wpscan.com/vulnerability/d9309a09-34ba-4e56-b683-e677ad277b29

Products affected by CVE-2022-3987

Noorsplugin » Responsive Lightbox2 » Version: N/A

cpe:2.3:a:noorsplugin:responsive_lightbox2:-
Noorsplugin » Responsive Lightbox2 » Version: 1.0.1

cpe:2.3:a:noorsplugin:responsive_lightbox2:1.0.1
Noorsplugin » Responsive Lightbox2 » Version: 1.0.2

cpe:2.3:a:noorsplugin:responsive_lightbox2:1.0.2
Noorsplugin » Responsive Lightbox2 » Version: 1.0.3

cpe:2.3:a:noorsplugin:responsive_lightbox2:1.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-3987

Products

Pricing

Contact Us