cleantalk
Vulnerabilities and Security Researches

Easy FancyBox – WordPress Lightbox Plugin, CVE-2025-52707

CVE, Research URL

CVE-2025-52707

Home page URL

Security reports for Easy FancyBox – WordPress Lightbox Plugin

Application

Easy FancyBox – WordPress Lightbox Plugin

Published on
Jun 20, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FirelightWP Firelight Lightbox allows Stored XSS. This issue affects Firelight Lightbox: from n/a through 2.3.16.
Affected versions
Min -, max 2.3.17.
Status
vulnerable
Previous vulnerability researches
ShiftNav – Responsive Mobile Menu (CVE-2025-49243) , Jun 15, 2025
ShiftNav – Responsive Mobile Menu (CVE-2022-4627) , Jun 07, 2024
New vulnerability
App Builder – Create Native Android & iOS Apps On The Flight (CVE-2025-49989) , Jul 01, 2025
Sitekit (CVE-2025-50047) , Jul 01, 2025
Responsive Food and Drink Menu (CVE-2025-6378) , Jul 01, 2025
Flexo Counter (CVE-2025-50052) , Jul 01, 2025
Classified Listing – Classified ads & Business Directory Plugin (CVE-2025-52715) , Jul 01, 2025