fkie_cve-2013-3261
Vulnerability from fkie_nvd
Published
2013-06-01 14:21
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5431205-99DC-45DC-834F-13B78A220B07",
"versionEndIncluding": "2.71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B283E9-11B4-4D85-BBE0-1944DC6AC5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD05D54-C5D5-415B-942A-7AF8C0635351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C33BECFB-AD7F-47D5-9332-6344A8F91519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF3BF39-6419-41B7-BEEE-438CAE72C085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "21B3EE5D-4FE6-4799-8ACB-637E1B8F5DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "78507237-70B3-4809-9985-168E680E42D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA928D5-BA70-4D5D-B3DD-26A1EDD93F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.38:*:*:*:*:*:*:*",
"matchCriteriaId": "36E9BCDD-CA2A-47E1-B365-5B3E80A5AF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "1C219F66-800F-4BFC-B66F-4E52EB27ACFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl1:*:*:*:*:*:*",
"matchCriteriaId": "49223070-2A2A-4505-9135-CD393E6B6487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl2:*:*:*:*:*:*",
"matchCriteriaId": "EA296C5E-C125-4C95-B074-08DEDCD3FB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl3:*:*:*:*:*:*",
"matchCriteriaId": "6CF0002E-35F7-4DD7-88CE-5D42024A4AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.40:*:*:*:*:*:*:*",
"matchCriteriaId": "2F48B2E2-EB41-40F5-AACF-34BDF5816B2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "BD9C8787-8974-4A9D-AE11-54D9A948C6CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.42:*:*:*:*:*:*:*",
"matchCriteriaId": "79283AD5-6999-466B-859A-6385C22854E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "26E85C19-EF3D-4ACF-8675-F4366341C20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.44:*:*:*:*:*:*:*",
"matchCriteriaId": "876C6277-D21A-4E6A-945D-7BE1BED2C2A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF7BF58-F402-4816-A3CE-3AEA3C63CB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "5A14014C-B98D-4F70-8505-3CDFAF9A1B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "60A36473-9A55-45B5-999E-7772B754F10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDF7DFD-AC34-42FD-B36B-1B0CEFA9FE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "156932A7-9416-4597-96B1-C4B0EC9FDDA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D884C-29B3-4376-B871-7C5265642348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "44D65B1E-D982-44F5-8C70-C9205B660D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "5164FFE0-4254-4741-B014-AF84AD5987D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "E04F584D-E87B-4ADA-B6D6-E2BFC6F58EB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "F678272E-59F0-41BA-8CE8-057B473DDB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "C20ABCDF-0E3D-40F9-9FD5-A53D33AC9068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.58:pl1:*:*:*:*:*:*",
"matchCriteriaId": "104E56D2-3219-46EF-AA44-CE1986FD290F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "D538AA95-6B56-4F6F-828E-0522F4495E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AE6C8A-022E-4469-A343-913B8E3B79D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2C440B-7588-43A6-BBBD-9C6DAB07967F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3F87CE34-9189-4EA4-83BD-7E5A552FB596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF2417A-DCDC-44A9-8E42-F884604CD850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FA38E2F5-D1B8-43D6-8556-5063F0CD8708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "767AF04C-B814-4CB6-9FF3-E1037EACACA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FC86B466-2F1C-4DA1-99B3-5087DD278825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "0BD3BF1D-44D7-4C48-94CD-BABB111AAA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "847B778A-2761-47A3-8AB5-34D43B06B4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBF67C0-95C7-4FCD-97FC-19C3DA204D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E92415D6-4E40-4D70-8C5B-A3BA319648A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "E811A964-6BA3-4569-99F6-67B84AAFC4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "143C730B-6B21-461C-81D6-ECDD6F073AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A12B83-DD28-4703-BF9B-36460F52F0A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.42:*:*:*:*:*:*:*",
"matchCriteriaId": "36097EB6-4D29-4C24-987A-364EAD085D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "C5764E06-71B0-4D0B-8E5C-52E5FE1CC8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "B414EC04-848D-4C80-8E35-11128D73F8B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.45:*:*:*:*:*:*:*",
"matchCriteriaId": "B35AEA41-1FFB-4E71-8F27-458EC93EA40A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.47:*:*:*:*:*:*:*",
"matchCriteriaId": "6401403C-FCCB-416A-9E0F-F7EB2E706184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.48:*:*:*:*:*:*:*",
"matchCriteriaId": "A245014D-B81C-43C2-936F-C60CBD0EC0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.49:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9815C9-80A4-451D-BFA5-315A49712989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.50:*:*:*:*:*:*:*",
"matchCriteriaId": "AD148703-7B99-419B-A52E-4A8A1848635F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.51:*:*:*:*:*:*:*",
"matchCriteriaId": "BB22A347-9DA2-4C6E-8FD8-C8EAFE2C124E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.52:*:*:*:*:*:*:*",
"matchCriteriaId": "1784F89F-3FFB-4EB5-B6BE-734D6159DC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD72121-BF91-480F-8189-74F1E8D9EFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.54:*:*:*:*:*:*:*",
"matchCriteriaId": "BED203BF-A514-4C37-9206-B8E595902A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.55:*:*:*:*:*:*:*",
"matchCriteriaId": "807690AE-6828-48A0-8489-E9A53B251F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.56:*:*:*:*:*:*:*",
"matchCriteriaId": "A13366B2-A10C-4BD4-A463-7E176999D380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.57:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B68C94-E39F-4D48-BF03-2E6242BA8D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.58:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FDC387-1E17-412A-A34F-2F372B0B36DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.59:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA7AE12-64A5-420A-B30F-4BC7E480A514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.60:*:*:*:*:*:*:*",
"matchCriteriaId": "2872C912-CDC8-4F7B-9959-A64F76B6FA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.61:*:*:*:*:*:*:*",
"matchCriteriaId": "4D85EF10-DE05-4E30-90A6-B3DBC146F3AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.62:*:*:*:*:*:*:*",
"matchCriteriaId": "2EACCB37-3416-4407-9ABB-0F02C1CD2F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.63:*:*:*:*:*:*:*",
"matchCriteriaId": "B759871E-7643-42F4-B287-D3E48CD2CF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.64:*:*:*:*:*:*:*",
"matchCriteriaId": "91094369-5DF6-4AC5-8BCE-0CB1E5AB642A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.65:*:*:*:*:*:*:*",
"matchCriteriaId": "653F51C2-59F4-4148-8AC3-629FE7AED9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.66:*:*:*:*:*:*:*",
"matchCriteriaId": "C844B9ED-CB4B-4C48-B379-2A0610D0A3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.67:*:*:*:*:*:*:*",
"matchCriteriaId": "17F65E8F-8EB6-4A6D-9EFF-027AEBAD0EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.70:*:*:*:*:*:*:*",
"matchCriteriaId": "125EB36D-7246-40C6-A8B3-C82DC9CBD253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.71:*:*:*:*:*:*:*",
"matchCriteriaId": "59E205DE-097F-4CE0-B39A-534D78A665AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.72:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E10EDF-64E5-4111-B7C0-3B1F8DCE568F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "69A8260E-6F44-4C1D-A733-8E4F1A60DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.74:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC7E061-2A8B-4387-A318-5EF19980386B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.75:*:*:*:*:*:*:*",
"matchCriteriaId": "37657368-33FC-4E20-BF97-5230501F1E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.76:*:*:*:*:*:*:*",
"matchCriteriaId": "75066A0E-0E48-48E2-88C0-95CD4D8CDE89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.77:*:*:*:*:*:*:*",
"matchCriteriaId": "4208D127-69F6-41C0-8930-957C9B6D5854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.78:*:*:*:*:*:*:*",
"matchCriteriaId": "E60DFDDA-578F-49F7-B756-35069BB29F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9EAA97-18C5-46E6-9175-ADCC6EEF7656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.80:*:*:*:*:*:*:*",
"matchCriteriaId": "10DB67D8-6F9A-4508-ABB3-5C24ECDE76DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.81:*:*:*:*:*:*:*",
"matchCriteriaId": "D89C5119-F0BA-48DE-93F9-D96E42BF8F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.82:*:*:*:*:*:*:*",
"matchCriteriaId": "B79BA7BB-3F3F-4C27-A261-25F49C3117C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B056BAC2-C400-43DE-B57C-F894DB27E1A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.84:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCE7105-43C5-480E-AE35-B48CB3D6A710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.85:*:*:*:*:*:*:*",
"matchCriteriaId": "22EA8BA1-FE4D-4B48-8F29-35E7529732FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "AE19563A-3B80-40D0-8235-053CD3B295EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "23EC4B90-F713-476C-9330-D11F2B7B991A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6437CF95-9C2C-45D9-B811-AFD00DC7C5E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FB330525-8278-4F66-B933-8947BBE40533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1C177F08-9992-41A3-94D7-98A26CA5D55F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C35CC8D9-3E24-4A2A-BCCC-6111220C73FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "62A00538-48F1-4442-AD22-4D3E75CF0F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72CE517C-A261-4323-AA13-C6EE36DA7829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4DCAC2EE-9F4C-45AB-ABDA-0FD9316685CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3B348CBD-1400-4B83-89D0-6A69DDAAA92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0A2B69-4B77-4D7C-BD41-36A79F9196AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.51:*:*:*:*:*:*:*",
"matchCriteriaId": "C4639264-BD28-47FA-818A-CD425546FB8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D4D9D0-35E9-4E82-B639-4D6126F764DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.53:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDB4C54-0EAC-45E5-8FE4-0F977C8E800C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.54:*:*:*:*:*:*:*",
"matchCriteriaId": "39EE5E5F-53AF-47CB-8045-6A9C39EB2065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.55:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE99327-F726-489E-9994-BA1E635EBBD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.56:*:*:*:*:*:*:*",
"matchCriteriaId": "B85CD453-0BFB-4C75-94FD-03BAF74A6D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.70:*:*:*:*:*:*:*",
"matchCriteriaId": "7A25BA7F-6F57-404E-93E1-52A86BE82A30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A77EB0E7-7FA7-4232-97DF-7C7587D163F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados en wp-admin/admin.php en el complemnto GRAND FlAGallery anteriores a v2.72 para WordPress permite a a atacantes remotos a inyectar secuencias de comandos Web o HTML a trav\u00e9s del par\u00e1metro s en una acci\u00f3n flag-manage-gallery."
}
],
"id": "CVE-2013-3261",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-06-01T14:21:06.127",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53111"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://wordpress.org/plugins/flash-album-gallery/changelog/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wordpress.org/plugins/flash-album-gallery/changelog/"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…