cleantalk
Vulnerabilities and Security Researches

Easy FancyBox – WordPress Lightbox Plugin, CVE-2024-50460

CVE, Research URL

CVE-2024-50460

Home page URL

Security reports for Easy FancyBox – WordPress Lightbox Plugin

Application

Easy FancyBox – WordPress Lightbox Plugin

Published on
Oct 28, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FirelightWP Firelight Lightbox allows Stored XSS.This issue affects Firelight Lightbox: from n/a through 2.3.3.
Affected versions
max 2.3.4.
Status
vulnerable
Previous vulnerability researches
Easy FancyBox – WordPress Lightbox Plugin (CVE-2024-5020) , Dec 06, 2024
Easy FancyBox – WordPress Lightbox Plugin (CVE-2025-5035) , Apr 26, 2026
Easy FancyBox – WordPress Lightbox Plugin (CVE-2025-52707) , Jun 30, 2025
Easy FancyBox – WordPress Lightbox Plugin , Jul 24, 2024
Easy FancyBox – WordPress Lightbox Plugin (CVE-2024-50460) , Oct 27, 2024
New vulnerability
Easy FancyBox – WordPress Lightbox Plugin (CVE-2025-5035) , Apr 26, 2026
Elementor Header & Footer Builder (CVE-2025-9703) , Apr 26, 2026
Event Tickets Manager for WooCommerce – Events and Bookings Calendar, Registration, Event Check-in Using Emails, Edit Your T (CVE-2026-34898) , Apr 26, 2026
Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin | WooCommerce Booking (CVE-2024-8860) , Apr 26, 2026
Responsive Lightbox & Gallery (CVE-2025-9710) , Apr 26, 2026