Medium 6.5
2025-08-20< 1.1.6
CVE-2025-49397
WP Colorbox
Minimum safe version
1.1.6
Update to 1.1.6 or later to address 4 fixable vulnerabilities
Latest available1.1.6 ✓
N/A
< 1.1.5
Colorbox Lightbox < 1.1.5 - Contributor+ Stored Cross-Site Scripting
N/A
2020-08-14< 1.1.5
WordPress Colorbox Lightbox Plugin <= 1.1.4 - Stored Cross-Site Scripting
N/A
2020-08-17< 1.1.3
WordPress Colorbox Lightbox plugin <= 1.1.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability