Vulnerabilities > Status301 > Easy Fancybox > 1.5.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-26 | CVE-2019-16524 | Cross-site Scripting vulnerability in Status301 Easy Fancybox The easy-fancybox plugin before 1.8.18 for WordPress (aka Easy FancyBox) is susceptible to Stored XSS in the Settings Menu inc/class-easyfancybox.php due to improper encoding of arbitrarily submitted settings parameters. | 3.5 |