CVE-2016-10865
The CVE-2016-10865 issue affects the WordPress plugin Lightbox Plus Colorbox up to version 2.7.2 . The vulnerability is a CSRF fault on the admin page (wp-admin/admin.php?page=lightboxplus) that can lead to a resulting XSS vector. Root cause: inadequate CSRF protection on that admin entry point. ...