WordPress, asking WordPress publishers and users to upgrade immediately to FancyBox 3.0.4 and monitoring WordPress
sites for infections. The Wordfence blog iterates that the user should upgrade to any further releases from FancyBox. They
warned that issue may need further patching.
The issue was highlighted on WordPress forums recently. The investigation discovered what is apparently a zero day in
FancyBox plugin. It is advisable for all users of FancyBox plugin to update immediately and monitor their sites for any
FancyBox plugin releases.