Cross-Site Scripting Vulnerability in GRAND FlAGallery Plugin for WordPress
CVE-2013-3261

Currently unrated

Key Information:

Vendor: Wordpress
Status: Flash-album-gallery
Vendor: CVE Published:; 1 June 2013

What is CVE-2013-3261?

The GRAND FlAGallery plugin for WordPress is vulnerable to a cross-site scripting (XSS) issue that allows attackers to inject arbitrary web scripts or HTML. An exploit can occur via the 's' parameter in a flag-manage-gallery action within the wp-admin/admin.php file. This vulnerability could lead to unauthorized actions being executed in the context of the user’s session, potentially compromising the security of websites utilizing this plugin.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/53111

third-party-advisoryx_refsource_SECUNIA

http://wordpress.org/plugins/flash-album-gallery/changelog/

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 1, 2013

JSON

Wordpress

What is CVE-2013-3261?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.