Cross-site Scripting Vulnerability in Category Grid View Gallery Plugin for WordPress
CVE-2013-4117

Currently unrated

Key Information:

Vendor: Wordpress
Status: Category-grid-view-gallery
Vendor: CVE Published:; 16 July 2013

Summary

The Category Grid View Gallery plugin for WordPress is affected by a Cross-site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary HTML or web scripts via the ID parameter in the includes/CatGridPost.php file. This exposure can lead to unauthorized actions performed on behalf of users, compromising user data and site integrity. It is crucial for website administrators to ensure timely updates and implement security measures to mitigate such vulnerabilities.

References

http://osvdb.org/94805

vdb-entryx_refsource_OSVDB

http://openwall.com/lists/oss-security/2013/07/11/11

mailing-listx_refsource_MLIST

http://exploit.iedb.ir/exploits-177.html

x_refsource_MISC

Timeline

Vulnerability published
Jul 16, 2013
Vulnerability Reserved
Jun 12, 2013