4 matches found
CVE-2022-0161
The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0161
The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0161 ARI Fancy Lightbox < 1.3.9 - Reflected Cross-Site Scripting
The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0161
The CVE-2022-0161 issue affects the WordPress plugin ARI Fancy Lightbox prior to version 1.3.9. The root cause is failure to sanitize and escape the msg parameter when rendering it on an admin page, which enables a Reflected Cross-Site Scripting (XSS) vulnerability. Affected product: ARI Fancy Li...