JVN#39819446: WordPress plugin "Responsive Lightbox" vulnerable to cross-site scripting

2017-07-04T00:00:00
ID JVN:39819446
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-07-04T00:00:00

Description

## Description

The WordPress plugin "Responsive Lightbox" provided by dFactory contains a reflected cross-site scripting vulnerability (CWE-79).

## Impact

An arbitrary script may be executed on the logged in user's web browser.

## Solution

Update the plugin
Update the plugin according to the information provided by the developer.

## Products Affected

  • Responsive Lightbox prior to version 1.7.2