Support » Plugin: FancyBox for WordPress » [Fixed] Not safe!

  • Hi,

    My blog has been hacked because of this plugin.

    There is a security issue. It’s allow to inject some JS code in your pages.

    @moskis: If you want to fix this, I can give you the way to reproduce this issue.

    Edit: The issue was fixed! Thanks for the support! I’m using this plugin since 5 years, it rocks!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Hi mickaelb,

    Sorry for the inconvenience.

    Please do let me know about the issue, you can email me: jose at

    Hi José,

    Thanks for this answer, I wasn’t sure you are still active here…

    I send you an email with more details!

    Jose, has the plugin be patched. The reason asked was because it was removed earlier from WordPress, but now it’s back up.



    The patch has been applied and the update should be appearing now as version 3.0.3.

    Another patch will appear shortly that renames the affected setting (Extra Calls), to make sure the malicious code is not causing trouble for users that update the plugin without removing the actual malicious code.


    Thank you for the support!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘[Fixed] Not safe!’ is closed to new replies.