CVE-2022-0161

The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

EUVD-2024-42346

Malicious code in bioql PyPI...

EUVD-2025-26993

Malicious code in bioql PyPI...

CVE-2025-58784

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.4.0...

CVE-2025-58784

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.4.0...

CVE-2025-58784 WordPress ARI Fancy Lightbox Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.4.0...

CVE-2025-58784 WordPress ARI Fancy Lightbox Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.4.0...

CVE-2025-58784

CVE-2025-58784 affects the WordPress plugin ARI Fancy Lightbox. It is a Stored XSS due to improper input neutralization during web page generation, affecting ARI Fancy Lightbox versions through 1.4.0. The issue can store attacker-controlled input that is later reflected in pages. Remediation: upd...

WordPress ARI Fancy Lightbox Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Prissy Patchstack Alliance in WordPress Plugin ARI Fancy Lightbox versions = 1.4.0...

WordPress plugin ARI Fancy Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-36124

Name of the Vulnerable Software and Affected Versions: ARI Fancy Lightbox versions through 1.4.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation vulnerability, specifically a Stored Cross-site Scripting XSS issue. This allows for the injection of...

CVE-2024-47310

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2024-47310

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2024-47310 WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2024-47310 WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2024-47310

CVE-2024-47310 affects the WordPress plugin ARI Fancy Lightbox (Popup for WordPress) up to version 1.3.17. Root cause: Improper input neutralization during web page generation, enabling stored XSS in the plugin’s output. Evidence in CVE records and Patchstack indicates the fix is to upgrade to ve...

WordPress plugin ARI Fancy Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-32522 · Unknown · Ari Fancy Lightbox

Name of the Vulnerable Software and Affected Versions: ARI Fancy Lightbox versions 1.3.17 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...

WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin ARI Fancy Lightbox versions = 1.3.17...

WordPress ARI Fancy Lightbox Plugin <= 1.3.17 is vulnerable to Cross Site Scripting (XSS)

Software ARI Fancy Lightbox Type Plugin Vulnerable versions = 1.3.17 Fixed in 1.3.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47310 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3cc490ce7fcd Credits Robert DeVore Required privilege...