Vulnerabilities > ARI Soft > ARI Fancy Lightbox > 1.2.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-14 | CVE-2022-0161 | Cross-site Scripting vulnerability in Ari-Soft ARI Fancy Lightbox The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting | 4.3 |