VYPR

FooBox

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-5537MedJul 8, 2025
    risk 0.42cvss 6.4epss 0.00

    The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible…

  • CVE-2024-5668MedAug 8, 2024
    risk 0.35cvss 6.4epss 0.00

    The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to DOM-based Stored Cross-Site Scripting via HTML data attributes in all versions up to, and including, 2.7.28 due to insufficient input sanitization and output escaping on user supplied…