CVE-2023-45747
WordPress WP Lightbox 2 Plugin <= 3.0.6.5 is vulnerable to Cross Site Scripting (XSS)Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Syed Balkhi WP Lightbox 2 plugin <= 3.0.6.5 versions.
We have discovered 22,682 live websites that are affected by CVE-2023-45747.
Affected Software
| Product |  WP Lightbox 2 |
| Category | Wordpress Plugins |
| Vulnerable Domains | 22,682 live websites (100.00% of WP Lightbox 2 install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 5 versions ( 100.00% of all versions) |
Common Weakness Enumeration
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')Details
- Published - Oct 24, 2023
- Updated - Feb 19, 2025
Credits
- Rio Darmawan (Patchstack Alliance) (finder)
CWE
CVE References
CWE References
CVE-2023-45747 usage by Country
 United States | 3,754 websites |
 Germany | 4,462 websites |
 Japan | 2,981 websites |
 Poland | 1,655 websites |
 Russia | 1,504 websites |
 France | 1,388 websites |
 GB | 522 websites |
 Netherlands | 518 websites |
 Canada | 452 websites |
 Switzerland | 392 websites |
CVE-2023-45747 usage by TLD
| .com | 7,022 websites |
| .de | 3,285 websites |
| .ru | 1,374 websites |
| .pl | 1,263 websites |
| .org | 770 websites |
| .net | 724 websites |
| .jp | 671 websites |
| .fr | 613 websites |
| .nl | 473 websites |
| .co.jp | 402 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-45747
Top websites that are affected by CVE-2023-45747. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **************.pl | Poland | **,*** | |
| **************.com |  Czech Republic | **,*** | |
| *****.**.gov | United States | **,*** | |
| ****.**.gov | United States | **,*** | |
| ************.com | United States | **,*** | |
| *******.org | GB | **,*** | |
| *****.com | United States | **,*** | |
| ******.com | United States | **,*** | |
| ***************.com |  Singapore | **,*** | |
| ****.eu | GB | **,*** |
FAQ
CVE-2023-45747 is Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in WP Lightbox 2
A total of 22,682 websites have been identified as vulnerable to CVE-2023-45747, discovered through global website indexing conducted by WebTechSurvey.
WP Lightbox 2 is susceptible to CVE-2023-45747 vulnerability.
WP Lightbox 2 versions before, and including, 3.0.6.5 are vulnerable to CVE-2023-45747.