Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-3261

Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action.

Published

2013-06-01T14:21:06.127

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	photogallerycreator	flash-album-gallery	≤ 2.71	Yes
Application	photogallerycreator	flash-album-gallery	0.29	Yes
Application	photogallerycreator	flash-album-gallery	0.32	Yes
Application	photogallerycreator	flash-album-gallery	0.33	Yes
Application	photogallerycreator	flash-album-gallery	0.34	Yes
Application	photogallerycreator	flash-album-gallery	0.35	Yes
Application	photogallerycreator	flash-album-gallery	0.36	Yes
Application	photogallerycreator	flash-album-gallery	0.37	Yes
Application	photogallerycreator	flash-album-gallery	0.38	Yes
Application	photogallerycreator	flash-album-gallery	0.39	Yes
Application	photogallerycreator	flash-album-gallery	0.39	Yes
Application	photogallerycreator	flash-album-gallery	0.39	Yes
Application	photogallerycreator	flash-album-gallery	0.39	Yes
Application	photogallerycreator	flash-album-gallery	0.40	Yes
Application	photogallerycreator	flash-album-gallery	0.41	Yes
Application	photogallerycreator	flash-album-gallery	0.42	Yes
Application	photogallerycreator	flash-album-gallery	0.43	Yes
Application	photogallerycreator	flash-album-gallery	0.44	Yes
Application	photogallerycreator	flash-album-gallery	0.45	Yes
Application	photogallerycreator	flash-album-gallery	0.46	Yes
Application	photogallerycreator	flash-album-gallery	0.49	Yes
Application	photogallerycreator	flash-album-gallery	0.50	Yes
Application	photogallerycreator	flash-album-gallery	0.52	Yes
Application	photogallerycreator	flash-album-gallery	0.53	Yes
Application	photogallerycreator	flash-album-gallery	0.54	Yes
Application	photogallerycreator	flash-album-gallery	0.55	Yes
Application	photogallerycreator	flash-album-gallery	0.56	Yes
Application	photogallerycreator	flash-album-gallery	0.57	Yes
Application	photogallerycreator	flash-album-gallery	0.58	Yes
Application	photogallerycreator	flash-album-gallery	0.58	Yes
Application	photogallerycreator	flash-album-gallery	0.59	Yes
Application	photogallerycreator	flash-album-gallery	0.60	Yes
Application	photogallerycreator	flash-album-gallery	0.61	Yes
Application	photogallerycreator	flash-album-gallery	1.11	Yes
Application	photogallerycreator	flash-album-gallery	1.12	Yes
Application	photogallerycreator	flash-album-gallery	1.13	Yes
Application	photogallerycreator	flash-album-gallery	1.20	Yes
Application	photogallerycreator	flash-album-gallery	1.21	Yes
Application	photogallerycreator	flash-album-gallery	1.22	Yes
Application	photogallerycreator	flash-album-gallery	1.23	Yes
Application	photogallerycreator	flash-album-gallery	1.31	Yes
Application	photogallerycreator	flash-album-gallery	1.32	Yes
Application	photogallerycreator	flash-album-gallery	1.33	Yes
Application	photogallerycreator	flash-album-gallery	1.40	Yes
Application	photogallerycreator	flash-album-gallery	1.41	Yes
Application	photogallerycreator	flash-album-gallery	1.42	Yes
Application	photogallerycreator	flash-album-gallery	1.43	Yes
Application	photogallerycreator	flash-album-gallery	1.44	Yes
Application	photogallerycreator	flash-album-gallery	1.45	Yes
Application	photogallerycreator	flash-album-gallery	1.47	Yes
Application	photogallerycreator	flash-album-gallery	1.48	Yes
Application	photogallerycreator	flash-album-gallery	1.49	Yes
Application	photogallerycreator	flash-album-gallery	1.50	Yes
Application	photogallerycreator	flash-album-gallery	1.51	Yes
Application	photogallerycreator	flash-album-gallery	1.52	Yes
Application	photogallerycreator	flash-album-gallery	1.53	Yes
Application	photogallerycreator	flash-album-gallery	1.54	Yes
Application	photogallerycreator	flash-album-gallery	1.55	Yes
Application	photogallerycreator	flash-album-gallery	1.56	Yes
Application	photogallerycreator	flash-album-gallery	1.57	Yes
Application	photogallerycreator	flash-album-gallery	1.58	Yes
Application	photogallerycreator	flash-album-gallery	1.59	Yes
Application	photogallerycreator	flash-album-gallery	1.60	Yes
Application	photogallerycreator	flash-album-gallery	1.61	Yes
Application	photogallerycreator	flash-album-gallery	1.62	Yes
Application	photogallerycreator	flash-album-gallery	1.63	Yes
Application	photogallerycreator	flash-album-gallery	1.64	Yes
Application	photogallerycreator	flash-album-gallery	1.65	Yes
Application	photogallerycreator	flash-album-gallery	1.66	Yes
Application	photogallerycreator	flash-album-gallery	1.67	Yes
Application	photogallerycreator	flash-album-gallery	1.70	Yes
Application	photogallerycreator	flash-album-gallery	1.71	Yes
Application	photogallerycreator	flash-album-gallery	1.72	Yes
Application	photogallerycreator	flash-album-gallery	1.73	Yes
Application	photogallerycreator	flash-album-gallery	1.74	Yes
Application	photogallerycreator	flash-album-gallery	1.75	Yes
Application	photogallerycreator	flash-album-gallery	1.76	Yes
Application	photogallerycreator	flash-album-gallery	1.77	Yes
Application	photogallerycreator	flash-album-gallery	1.78	Yes
Application	photogallerycreator	flash-album-gallery	1.79	Yes
Application	photogallerycreator	flash-album-gallery	1.80	Yes
Application	photogallerycreator	flash-album-gallery	1.81	Yes
Application	photogallerycreator	flash-album-gallery	1.82	Yes
Application	photogallerycreator	flash-album-gallery	1.83	Yes
Application	photogallerycreator	flash-album-gallery	1.84	Yes
Application	photogallerycreator	flash-album-gallery	1.85	Yes
Application	photogallerycreator	flash-album-gallery	1.90	Yes
Application	photogallerycreator	flash-album-gallery	2.00	Yes
Application	photogallerycreator	flash-album-gallery	2.10	Yes
Application	photogallerycreator	flash-album-gallery	2.11	Yes
Application	photogallerycreator	flash-album-gallery	2.12	Yes
Application	photogallerycreator	flash-album-gallery	2.14	Yes
Application	photogallerycreator	flash-album-gallery	2.15	Yes
Application	photogallerycreator	flash-album-gallery	2.16	Yes
Application	photogallerycreator	flash-album-gallery	2.17	Yes
Application	photogallerycreator	flash-album-gallery	2.18	Yes
Application	photogallerycreator	flash-album-gallery	2.50	Yes
Application	photogallerycreator	flash-album-gallery	2.51	Yes
Application	photogallerycreator	flash-album-gallery	2.52	Yes
Application	photogallerycreator	flash-album-gallery	2.53	Yes
Application	photogallerycreator	flash-album-gallery	2.54	Yes
Application	photogallerycreator	flash-album-gallery	2.55	Yes
Application	photogallerycreator	flash-album-gallery	2.56	Yes
Application	photogallerycreator	flash-album-gallery	2.70	Yes
Application	wordpress	wordpress	-	No

References

http://secunia.com/advisories/53111 Vendor Advisory ([email protected])
http://wordpress.org/plugins/flash-album-gallery/changelog/ ([email protected])
http://secunia.com/advisories/53111 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://wordpress.org/plugins/flash-album-gallery/changelog/ (af854a3a-2127-422b-91ae-364da2661108)