Medium severity6.1NVD Advisory· Published Mar 14, 2022· Updated Jun 17, 2026
CVE-2022-0161
CVE-2022-0161
Description
The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ARI/ARI Fancy Lightbox WordPress plugindescription
- Range: <1.3.9
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2680993nvdPatchThird Party Advisory
- wpscan.com/vulnerability/6b37fa17-0dcb-47a7-b1eb-f9f6abb458c0nvdExploitPatchThird Party Advisory
News mentions
0No linked articles in our index yet.