All 3 CVE vulnerabilities found in Album and Image Gallery plus Lightbox, with AI-generated Chinese analysis, references, and POCs.
Vendor: essentialplugin
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13612 | Album and Image Gallery Plus Lightbox <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin's Shortcode CWE-79 | 6.4 | Medium | 2026-02-19 |
| CVE-2023-25060 | WordPress Album and Image Gallery plus Lightbox plugin <= 1.6.2 - Broken Access Control vulnerability CWE-862 | 5.3 | Medium | 2024-12-09 |
| CVE-2024-4194 | Album and Image Gallery plus Lightbox <= 2.0 - Unauthenticated Arbitrary Shortcode Execution CWE-94 | 6.5 | Medium | 2024-06-06 |
All 3 known CVE vulnerabilities affecting Album and Image Gallery plus Lightbox with full Chinese analysis, references, and POCs where available.