All 3 CVE vulnerabilities found in Image Source Control Lite – Show Image Credits and Captions, with AI-generated Chinese analysis, references, and POCs.
Vendor: Thomas Maier
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4852 | Image Source Control Lite – Show Image Credits and Captions <= 3.9.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'Image Source' Field CWE-79 | 6.4 | Medium | 2026-04-20 |
| CVE-2024-13515 | Image Source Control Lite – Show Image Credits and Captions <= 2.28.0 - Reflected Cross-Site Scripting CWE-79 | 6.1 | Medium | 2025-01-18 |
| CVE-2023-52187 | WordPress Image Source Control Plugin <= 2.17.0 is vulnerable to Sensitive Data Exposure CWE-200 | 5.3 | Medium | 2024-01-26 |
All 3 known CVE vulnerabilities affecting Image Source Control Lite – Show Image Credits and Captions with full Chinese analysis, references, and POCs where available.