PT-2025-21265 · WordPress · Responsive Lightbox & Gallery
Pierre Rudloff · Published 2025-05-15 · Updated 2025-05-15 · CVE-2025-3742
CVSS v3.1: 6.8 Medium
Vector: AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Responsive Lightbox & Gallery WordPress plugin versions prior to 2.5.1
Description:
The issue is a Stored Cross-Site Scripting vulnerability. The plugin fails to validate and escape some attributes before outputting them in a page or post, which allows users with the contributor role and above to exploit it.
Recommendations:
For versions prior to 2.5.1, update to version 2.5.1 or later to resolve the issue. As a temporary workaround, consider restricting the contributor role and above to minimize the risk of exploitation.
Exploit
Fix
XSS
Affected Products
Responsive Lightbox & Gallery