Fortinet Discovers WordPress WP Video Lightbox Plugin Cross-Site Scripting Vulnerability
Fortinet's FortiGuard Labs has discovered a cross-site scripting (XSS) vulnerability in WordPress WP Video Lightbox Plugin.
Wordpress WP Video Lightbox is a video plugin with over 60,000 active installations. The WordPress Video Lightbox plugin allows you to embed videos on a page using lightbox overlay display.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Aug 11, 2021
Upgrade to the version 1.9.3 or above.
Fortinet reported the vulnerability to Tips & Tricks HQ development team on August 9, 2021.
Tips & Tricks HQ confirmed the vulnerability on August 9, 2021.
Tips & Tricks HQ patched the vulnerability on August 16, 2021.