The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-09T12:35:45
Updated: 2024-08-06T03:38:56.525Z
Reserved: 2019-08-09T00:00:00
Link: CVE-2016-10865
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-08-09T13:15:11.573
Modified: 2019-08-15T13:26:25.280
Link: CVE-2016-10865
Redhat
No data.