Contributor+ DOM-Based Stored XSS via FancyBox JavaScript Library

  • Resolved Randy Walker

    (@randy)


    1 year, 1 month ago

    This vulnerability is supposedly fixed in 2.1.12 but the most recent version on the plugin directory is 2.0.14. Where is the version with the vulnerability fix? Is it a typo—was it fixed in 2.0.12?

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Eugene White

    (@eugenewhite)

    1 year, 1 month ago

    Hello, Randy.  

    Thank you for your question. 

    Yes, looks like Wordfence made a mistake in our plugin version. 

    The latest version of the plugin is 2.0.14 and the vulnerability you’re referring to was addressed in version 2.0.12

    Plugin Support Eugene White

    (@eugenewhite)

    9 months, 3 weeks ago

    Hello!

    Since we haven’t heard from you in a while, we’ll go ahead and mark this topic as resolved. 

    If you have any further questions or need our assistance, please feel free to reach out by submitting a new inquiry. 

    Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Contributor+ DOM-Based Stored XSS via FancyBox JavaScript Library’ is closed to new replies.