CVE-2025-28890 Information

Mar 27, 2025 cve

Description

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in NotFound Lightview Plus allows Reflected XSS. This issue affects Lightview Plus: from n/a through 3.1.3.

Reference

https://patchstack.com/database/wordpress/plugin/lightview-plus/vulnerability/wordpress-lightview-plus-plugin-3-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Share on: