VYPR
Medium severity6.1NVD Advisory· Published Aug 9, 2019· Updated Jun 17, 2026No known patch

CVE-2016-10865

CVE-2016-10865

Description

The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.