23systems: Security Vulnerabilities
The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-08-09