The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-08-09T12:35:45

Updated: 2024-08-06T03:38:56.525Z

Reserved: 2019-08-09T00:00:00

Link: CVE-2016-10865

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-08-09T13:15:11.573

Modified: 2024-11-21T02:44:56.357

Link: CVE-2016-10865

cve-icon Redhat

No data.