CVE-2022-0161

The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

EUVD-2024-42346

Malicious code in bioql PyPI...

EUVD-2025-26993

Malicious code in bioql PyPI...

CVE-2025-58784

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.4.0...

CVE-2025-58784

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.4.0...

CVE-2025-58784

CVE-2025-58784 affects the WordPress plugin ARI Fancy Lightbox. It is a Stored XSS due to improper input neutralization during web page generation, affecting ARI Fancy Lightbox versions through 1.4.0. The issue can store attacker-controlled input that is later reflected in pages. Remediation: upd...

CVE-2025-58784 WordPress ARI Fancy Lightbox Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.4.0...

CVE-2025-58784 WordPress ARI Fancy Lightbox Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.4.0...

WordPress ARI Fancy Lightbox Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Prissy Patchstack Alliance in WordPress Plugin ARI Fancy Lightbox versions = 1.4.0...

WordPress plugin ARI Fancy Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-36124

Name of the Vulnerable Software and Affected Versions: ARI Fancy Lightbox versions through 1.4.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation vulnerability, specifically a Stored Cross-site Scripting XSS issue. This allows for the injection of...

CVE-2024-47310

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2024-47310

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2024-47310 WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2024-47310 WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2024-47310

CVE-2024-47310 affects the WordPress plugin ARI Fancy Lightbox (Popup for WordPress) up to version 1.3.17. Root cause: Improper input neutralization during web page generation, enabling stored XSS in the plugin’s output. Evidence in CVE records and Patchstack indicates the fix is to upgrade to ve...

PT-2024-32522 · Unknown · Ari Fancy Lightbox

Name of the Vulnerable Software and Affected Versions: ARI Fancy Lightbox versions 1.3.17 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...

WordPress plugin ARI Fancy Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin ARI Fancy Lightbox versions = 1.3.17...

WordPress ARI Fancy Lightbox Plugin <= 1.3.17 is vulnerable to Cross Site Scripting (XSS)

Software ARI Fancy Lightbox Type Plugin Vulnerable versions = 1.3.17 Fixed in 1.3.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47310 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3cc490ce7fcd Credits Robert DeVore Required privilege...