Vulnerabilities > Noorsplugin > Responsive Lightbox2 > 1.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-19 | CVE-2022-3987 | Cross-site Scripting vulnerability in Noorsplugin Responsive Lightbox2 1.0.1/1.0.2/1.0.3 The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks | 5.4 |