CVE-2026-0737 | gn_themes WP Shortcodes Plugin up to 7.4.7 on WordPress Shortcode su_lightbox src cross site scripting

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability labeled as problematic has been found in gn_themes WP Shortcodes Plugin up to 7.4.7 on WordPress. This affects the function su_lightbox of the component Shortcode Handler. The manipulation of the argument src results in cross site scripting.

This vulnerability is reported as CVE-2026-0737. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-0737 | gn_themes WP Shortcodes Plugin up to 7.4.7 on WordPress Shortcode su_lightbox src cross site scripting

Post correlati

CVE-2021-26115 | Fortinet FortiWAN up to 4.5.7 os command injection (FG-IR-21-069)

CVE-2025-25193 | netty up to 4.1.118 resource consumption (GHSA-389x-839f-4rhx)

CVE-2023-28546 | Qualcomm 4 Gen 1 Mobile Platform SPS Application memory corruption

CVE-2024-34586 | Samsung Devices up to SMR Feb-2021 Release 1 KnoxCustomManagerService insufficient permissions or privileges