Report of Security Vulnerability in wp video-lightbox Plugin

  • Resolved errorfix

    (@errorfix)


    11 months, 3 weeks ago

    Dear Support Team,
I have identified a security vulnerability within the wp video-lightbox plugin.
I am providing the details below.
"CWE 80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"


Flaw Category: Cross-Site Scripting

Description: This call contains a cross-site scripting (XSS) flaw. The application
populates the HTTP response with untrusted input, allowing an attacker
to embed malicious content, such as Javascript code, which will be
executed in the context of the victim's browser. XSS vulnerabilities are
commonly exploited to steal or manipulate cookies, modify presentation
of content, and compromise confidential information, with new attack
vectors being discovered on a regular basis.


    Following are the errors associated with the issue.
    Video_Lightbo x_Settings_Pa ge.prettyPhot…

    Please provide further details or clarifications regarding the errors.
    Thank you.

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Report of Security Vulnerability in wp video-lightbox Plugin’ is closed to new replies.