121 matches found
CVE-2025-28935
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in puzich Fancybox Plus fancybox-plus allows Reflected XSS.This issue affects Fancybox Plus: from n/a through = 1.0.1...
CVE-2025-28935 WordPress Fancybox Plus plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in puzich Fancybox Plus fancybox-plus allows Reflected XSS.This issue affects Fancybox Plus: from n/a through = 1.0.1...
CVE-2025-28935
CVE-2025-28935 is a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin FancyBox Plus up to version 1.0.1 . The issue is described as an improper neutralization of input during web page generation, enabling reflected XSS attempts. The connected documents provide the same de...
WordPress plugin Fancybox Plus 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...
WordPress Fancybox Plus plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by johska in WordPress Plugin Fancybox Plus versions = 1.0.1...
CVE-2025-23594
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Uzzal Mondal Google Map With Fancybox location-piker allows Reflected XSS.This issue affects Google Map With Fancybox: from n/a through = 2.1.0...
CVE-2024-54401
Cross-Site Request Forgery CSRF vulnerability in Ciprian Turcu Advanced Fancybox advanced-fancybox allows Stored XSS.This issue affects Advanced Fancybox: from n/a through = 1.1.1...
CVE-2025-23594
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Uzzal Mondal Google Map With Fancybox location-piker allows Reflected XSS.This issue affects Google Map With Fancybox: from n/a through = 2.1.0...
CVE-2025-23594 WordPress Google Map With Fancybox plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Uzzal Mondal Google Map With Fancybox location-piker allows Reflected XSS.This issue affects Google Map With Fancybox: from n/a through = 2.1.0...
CVE-2025-23594
CVE-2025-23594 is a reflected XSS in WordPress Google Map With Fancybox plugin (versions up to and including 2.1.0) caused by improper neutralization of inputs during web page generation. Public sources (NVD/Red Hat/CVE records) confirm the issue affects Google Map With Fancybox
WordPress plugin Google Map With Fancybox 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
PT-2025-4961 · Unknown · Google Map With Fancybox
Name of the Vulnerable Software and Affected Versions: Google Map With Fancybox versions prior to 2.1.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting XSS. Specifically, it enables Reflected XSS...
WordPress Google Map With Fancybox plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Google Map With Fancybox versions = 2.1.0...
CVE-2024-54401
Cross-Site Request Forgery CSRF vulnerability in Ciprian Turcu Advanced Fancybox advanced-fancybox allows Stored XSS.This issue affects Advanced Fancybox: from n/a through = 1.1.1...
CVE-2024-54401 WordPress Advanced Fancybox plugin <= 1.1.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Ciprian Turcu Advanced Fancybox advanced-fancybox allows Stored XSS.This issue affects Advanced Fancybox: from n/a through = 1.1.1...
CVE-2024-54401
CVE-2024-54401 (Advanced Fancybox) is a Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in the Advanced Fancybox plugin. The vulnerability affects versions up to 1.1.1. The connected Red Hat/ENISA/Wordfence sources corroborate the CSRF-to-XSS pattern for this plugin...
CVE-2024-54401 WordPress Advanced Fancybox plugin <= 1.1.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Ciprian Turcu Advanced Fancybox advanced-fancybox allows Stored XSS.This issue affects Advanced Fancybox: from n/a through = 1.1.1...
PT-2024-36288 · Unknown · Advanced Fancybox
Name of the Vulnerable Software and Affected Versions: Advanced Fancybox versions 1.1.1 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF problem that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web applicatio...
WordPress plugin Advanced Fancybox 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress Advanced Fancybox plugin <= 1.1.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Advanced Fancybox versions = 1.1.1...