Easy Fancybox < 1.8.18 - Authenticated Stored XSS

Affects Plugin

fixed in version 1.8.18

References

CVE 2019-16524
URL https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190911-01_Easy_FancyBox_WP_Plugin_Stored_XSS

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Jakob Hagl
Views 4388
Verified No
WPVDB ID 9891

Timeline

Publicly Published 2019-09-25 (2 months ago)
Added 2019-09-27 (2 months ago)
Last Updated 2019-11-28 (10 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin