Lucene search

K
patchstackIranian Exploit DataBasePATCHSTACK:967CAE3A938B58047D9AE6B41D559828
HistoryJul 02, 2013 - 12:00 a.m.

WordPress Category Grid View Gallery Plugin - Cross Site Scripting

2013-07-0200:00:00
Iranian Exploit DataBase
patchstack.com
1
wordpress
category grid view gallery
cross site scripting
update
software
vulnerability

WordPress Category Grid View Gallery plugin’s β€œID” parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based authentication credentials. Other attacks are also possible.

Solution

           Update the plugin. 

Affected configurations

Vulners
Node
anshul_sharmacategory-grid-view-galleryRange≀1.0
VendorProductVersionCPE
anshul_sharmacategory-grid-view-gallery*cpe:2.3:a:anshul_sharma:category-grid-view-gallery:*:*:*:*:*:*:*:*