Cross site scripting

2013-07-1614:08:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON

Cross-site scripting (XSS) vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ID parameter.

CPENameOperatorVersion
category-grid-view-galleryeq2.3.1

CPE	Name	Operator	Version
	category-grid-view-gallery	eq	2.3.1

References

exploit.iedb.ir/exploits-177.html

openwall.com/lists/oss-security/2013/07/11/11

osvdb.org/94805

packetstormsecurity.com/files/122259/WordPress-Category-Grid-View-Gallery-XSS.html

seclists.org/bugtraq/2013/Jul/17

www.securityfocus.com/bid/60905

exchange.xforce.ibmcloud.com/vulnerabilities/85395