WordPress Lightbox & Modal Popup WordPress Plugin – FooBox plugin <= 2.7.33 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin FooBox Image Lightbox versions = 2.7.33...

WordPress FooBox plugin <= 2.7.34 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Robert DeVore in WordPress Plugin FooBox Image Lightbox versions = 2.7.34...

EUVD-2025-20387

Malicious code in bioql PyPI...

EUVD-2025-10480

Malicious code in bioql PyPI...

CVE-2025-5537

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2025-5537

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2025-5537

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2025-5537 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.34 - Authenticated (Author+) Stored Cross-Site Scripting

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2025-5537 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.34 - Authenticated (Author+) Stored Cross-Site Scripting

The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2025-5537

The FooBox Lightbox & Modal Popup WordPress plugin (versions up to 2.7.34) is affected by a Stored Cross-Site Scripting vulnerability via image alt texts due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Author level or higher, enabling an a...

WordPress plugin Lightbox & Modal Popup WordPress Plugin – FooBox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Lightbox &...

PT-2025-28330 · WordPress · Foobox

Name of the Vulnerable Software and Affected Versions: The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress versions up to, and including, 2.7.34 Description: The issue is related to Stored Cross-Site Scripting via image alternative texts due to insufficient input sanitizatio...

CVE-2024-3276

The Lightbox & Modal Popup WordPress Plugin WordPress plugin before 2.7.28, foobox-image-lightbox-premium WordPress plugin before 2.7.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when...

CVE-2025-32139

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooBox Image Lightbox foobox-image-lightbox.This issue affects FooBox Image Lightbox : from n/a through = 2.7.33...

CVE-2025-32139

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooBox Image Lightbox foobox-image-lightbox.This issue affects FooBox Image Lightbox : from n/a through = 2.7.33...

CVE-2025-32139 WordPress Lightbox & Modal Popup WordPress Plugin – FooBox plugin <= 2.7.33 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bradvin FooBox Image Lightbox . This issue affects FooBox Image Lightbox : from n/a through 2.7.33...

CVE-2025-32139

CVE-2025-32139 refers to the WordPress plugin FooBox Image Lightbox (Lightbox) with an authenticated stored XSS vulnerability (Improper Neutralization of Input During Web Page Generation) affecting FooBox Image Lightbox versions from n/a up to 2.7.33. The Red Hat/Wordfence entries corroborate: vu...

CVE-2025-32139 WordPress Lightbox & Modal Popup WordPress Plugin – FooBox plugin <= 2.7.33 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooBox Image Lightbox foobox-image-lightbox.This issue affects FooBox Image Lightbox : from n/a through = 2.7.33...

WordPress plugin FooBox Image Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress Lightbox & Modal Popup WordPress Plugin – FooBox plugin <= 2.7.33 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore in WordPress Plugin FooBox Image Lightbox versions = 2.7.33...