Description prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS. Remediation References CVE-2015-9478 Related Vulnerabilities Oracle HTTP Server CVE-2020-2545 Vulnerability (CVE-2020-2545) WordPress 3.8.x PHP Object Injection (3.8 - 3.8.35) WordPress Plugin WordPress Social Ring (Facebook Like, Google +1, ReTweet, LinkedIn and Pin It) Cross-Site Scripting (1.1.9) Atlassian Jira Missing Authorization Vulnerability (CVE-2019-20407) WordPress Plugin SpiderCatalog 's_p_c_t' Parameter Multiple Cross-Site Scripting Vulnerabilities (1.1) Severity Medium Classification CVE-2015-9478 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities