Title: Contributor+ DOM-Based Stored XSS via FancyBox JavaScript Library
Last modified: March 11, 2025

---

# Contributor+ DOM-Based Stored XSS via FancyBox JavaScript Library

 *  Resolved [Randy Walker](https://wordpress.org/support/users/randy/)
 * (@randy)
 * [1 year, 1 month ago](https://wordpress.org/support/topic/contributor-dom-based-stored-xss-via-fancybox-javascript-library/)
 * This vulnerability is supposedly fixed in 2.1.12 but the most recent version 
   on the plugin directory is 2.0.14. Where is the version with the vulnerability
   fix? Is it a typo—was it fixed in 2.0.12?
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fcontributor-dom-based-stored-xss-via-fancybox-javascript-library%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Plugin Support [Eugene White](https://wordpress.org/support/users/eugenewhite/)
 * (@eugenewhite)
 * [1 year, 1 month ago](https://wordpress.org/support/topic/contributor-dom-based-stored-xss-via-fancybox-javascript-library/#post-18361480)
 * Hello, Randy.  
 * Thank you for your question. 
 * Yes, looks like Wordfence made a mistake in our plugin version. 
 * The latest version of the plugin is 2.0.14 and the vulnerability you’re referring
   to was addressed in version 2.0.12
 *  Plugin Support [Eugene White](https://wordpress.org/support/users/eugenewhite/)
 * (@eugenewhite)
 * [10 months ago](https://wordpress.org/support/topic/contributor-dom-based-stored-xss-via-fancybox-javascript-library/#post-18529638)
 * Hello!
 * Since we haven’t heard from you in a while, we’ll go ahead and mark this topic
   as resolved. 
 * If you have any further questions or need our assistance, please feel free to
   reach out by submitting a new inquiry. 
 * Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Contributor+ DOM-Based Stored XSS via FancyBox JavaScript Library’ is
closed to new replies.

 * ![](https://ps.w.org/getwid/assets/icon.svg?rev=2238400)
 * [Getwid - Gutenberg Blocks](https://wordpress.org/plugins/getwid/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/getwid/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/getwid/)
 * [Active Topics](https://wordpress.org/support/plugin/getwid/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/getwid/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/getwid/reviews/)

 * 4 replies
 * 2 participants
 * Last reply from: [Eugene White](https://wordpress.org/support/users/eugenewhite/)
 * Last activity: [10 months ago](https://wordpress.org/support/topic/contributor-dom-based-stored-xss-via-fancybox-javascript-library/#post-18529638)
 * Status: resolved