Lucene search
China National Vulnerability DatabaseCNVD-2023-04623HistoryMar 16, 2022 - 12:00 a.m.
WordPress ARI Fancy Lightbox plugin cross-site scripting vulnerability
2022-03-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
30.2%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. cross-site scripting vulnerability exists in versions of the WordPress ARI Fancy Lightbox plugin prior to 1.3.9, which stems from a vulnerability in the ARI Fancy Lightbox plugin fails to clean and escape msg parameters before exporting them to the admin page, which can be exploited by attackers to cause reflected cross-site scripting.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress ari fancy lightbox plugin | lt | 1.3.9 |
Related
cvelist
cvelist
CVE-2022-0161 ARI Fancy Lightbox < 1.3.9 - Reflected Cross-Site Scripting
2022-03-14 14:41:19
nvd
nvd
CVE-2022-0161
2022-03-14 15:15:09
wpvulndb
wpvulndb
ARI Fancy Lightbox < 1.3.9 - Reflected Cross-Site Scripting
2022-02-17 00:00:00
patchstack
patchstack
wpexploit
wpexploit
ARI Fancy Lightbox < 1.3.9 - Reflected Cross-Site Scripting
2022-02-17 00:00:00
prion
prion
Cross site scripting
2022-03-14 15:15:00
cve
cve
CVE-2022-0161
2022-03-14 15:15:09