CVE-2025-9710

Name of the Vulnerable Software and Affected Versions Responsive Lightbox & Gallery WordPress plugin versions prior to 2.5.3

Description The software does not properly handle HTML tag attribute modifications, which could allow unauthenticated attackers to include event handlers and conduct Stored Cross-Site Scripting (XSS) attacks. The issue allows abuse of the functionality through modifications to HTML tag attributes.

Recommendations Update to version 2.5.3 or later.