Reflected Cross-Site Scripting (XSS) vulnerabilities discovered by Krzysztof Zając in WordPress ARI Fancy Lightbox plugin (versions <= 1.3.8).
Update the WordPress ARI Fancy Lightbox plugin to the latest available version (at least 1.3.9).