Firelightwp Firelight_lightbox
3 CVEs affecting Firelightwp Firelight_lightbox. Latest disclosed: 2025-06-27. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-3597 | Medium | 5.9 | 2025-05-12 | The Firelight Lightbox WordPress plugin before 2.3.15 does not prevent users with post writing capabilities from executing arbitrary Javascript when the jQuery… |
CVE-2024-50460 | Medium | 5.9 | 2024-10-28 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firelight Firelight Lightbox easy-fancybox allows Stored… |
CVE-2025-5035 | Medium | 5.4 | 2025-06-27 | The Firelight Lightbox WordPress plugin before 2.3.16 does not sanitise and escape title attributes before outputting them in the page, which could allow users… |