Lazysizes Project Lazysizes — known CVE vulnerabilities
Every CVE whose affected-product data names Lazysizes Project Lazysizes, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2020-7642 — CVSS 5.4 (medium): lazysizes through 5.2.0 allows execution of malicious JavaScript. The following attributes are not sanitized by the video-embed plugin…