Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-54051: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in bPlugins LightBox Block

Medium
VulnerabilityCVE-2025-54051cvecve-2025-54051cwe-79
Published: Wed Jul 16 2025 (07/16/2025, 10:36:52 UTC)
Source: CVE Database V5
Vendor/Project: bPlugins
Product: LightBox Block

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LightBox Block allows Stored XSS. This issue affects LightBox Block: from n/a through 1.1.30.

Technical Details

Data Version
5.1
Assigner Short Name
Patchstack
Date Reserved
2025-07-16T08:52:07.076Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 687782fba83201eaacd9799f

Added to database: 7/16/2025, 10:46:19 AM

Last updated: 7/16/2025, 10:46:19 AM

Views: 1

Related Threats

CVE-2025-54050: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in CyberChimps Responsive Addons for Elementor

Medium
VulnerabilityWed Jul 16 2025

CVE-2025-54047: CWE-862 Missing Authorization in QuanticaLabs Cost Calculator

Medium
VulnerabilityWed Jul 16 2025

CVE-2025-54043: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in YayCommerce SMTP for Amazon SES

High
VulnerabilityWed Jul 16 2025

CVE-2025-54042: CWE-352 Cross-Site Request Forgery (CSRF) in xfinitysoft WP Post Hide

Medium
VulnerabilityWed Jul 16 2025

CVE-2025-54041: CWE-352 Cross-Site Request Forgery (CSRF) in WP Swings Wallet System for WooCommerce

Medium
VulnerabilityWed Jul 16 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats