2 matches found
CVE-2013-3261
Cross-site scripting XSS vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action...
CVE-2013-3261
CVE-2013-3261 affects the WordPress GRAND FlAGallery plugin, specifically versions before 2.72. The vulnerability is a reflected XSS in wp-admin/admin.php where an attacker can inject arbitrary script/HTML through the s parameter in a flag-manage-gallery action. The issue is caused by insufficien...