{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-06-01T10:00:00Z", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"name": "53111", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/53111"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wordpress.org/plugins/flash-album-gallery/changelog/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2013-3261", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "53111", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/53111"}, {"name": "http://wordpress.org/plugins/flash-album-gallery/changelog/", "refsource": "CONFIRM", "url": "http://wordpress.org/plugins/flash-album-gallery/changelog/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:07:36.681Z"}, "title": "CVE Program Container", "references": [{"name": "53111", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/53111"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wordpress.org/plugins/flash-album-gallery/changelog/"}]}]}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2013-3261", "datePublished": "2013-06-01T10:00:00Z", "dateReserved": "2013-04-22T00:00:00Z", "dateUpdated": "2024-09-16T20:53:29.367Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5431205-99DC-45DC-834F-13B78A220B07", "versionEndIncluding": "2.71", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.29:*:*:*:*:*:*:*", "matchCriteriaId": "C6B283E9-11B4-4D85-BBE0-1944DC6AC5F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.32:*:*:*:*:*:*:*", "matchCriteriaId": "ADD05D54-C5D5-415B-942A-7AF8C0635351", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "C33BECFB-AD7F-47D5-9332-6344A8F91519", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "EBF3BF39-6419-41B7-BEEE-438CAE72C085", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "21B3EE5D-4FE6-4799-8ACB-637E1B8F5DB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "78507237-70B3-4809-9985-168E680E42D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.37:*:*:*:*:*:*:*", "matchCriteriaId": "AFA928D5-BA70-4D5D-B3DD-26A1EDD93F14", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.38:*:*:*:*:*:*:*", "matchCriteriaId": "36E9BCDD-CA2A-47E1-B365-5B3E80A5AF7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:*:*:*:*:*:*:*", "matchCriteriaId": "1C219F66-800F-4BFC-B66F-4E52EB27ACFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl1:*:*:*:*:*:*", "matchCriteriaId": "49223070-2A2A-4505-9135-CD393E6B6487", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl2:*:*:*:*:*:*", "matchCriteriaId": "EA296C5E-C125-4C95-B074-08DEDCD3FB75", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl3:*:*:*:*:*:*", "matchCriteriaId": "6CF0002E-35F7-4DD7-88CE-5D42024A4AD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.40:*:*:*:*:*:*:*", "matchCriteriaId": "2F48B2E2-EB41-40F5-AACF-34BDF5816B2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.41:*:*:*:*:*:*:*", "matchCriteriaId": "BD9C8787-8974-4A9D-AE11-54D9A948C6CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.42:*:*:*:*:*:*:*", "matchCriteriaId": "79283AD5-6999-466B-859A-6385C22854E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.43:*:*:*:*:*:*:*", "matchCriteriaId": "26E85C19-EF3D-4ACF-8675-F4366341C20F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.44:*:*:*:*:*:*:*", "matchCriteriaId": "876C6277-D21A-4E6A-945D-7BE1BED2C2A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.45:*:*:*:*:*:*:*", "matchCriteriaId": "6FF7BF58-F402-4816-A3CE-3AEA3C63CB60", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.46:*:*:*:*:*:*:*", "matchCriteriaId": "5A14014C-B98D-4F70-8505-3CDFAF9A1B4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.49:*:*:*:*:*:*:*", "matchCriteriaId": "60A36473-9A55-45B5-999E-7772B754F10B", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.50:*:*:*:*:*:*:*", "matchCriteriaId": "8CDF7DFD-AC34-42FD-B36B-1B0CEFA9FE5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.52:*:*:*:*:*:*:*", "matchCriteriaId": "156932A7-9416-4597-96B1-C4B0EC9FDDA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.53:*:*:*:*:*:*:*", "matchCriteriaId": "9E8D884C-29B3-4376-B871-7C5265642348", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.54:*:*:*:*:*:*:*", "matchCriteriaId": "44D65B1E-D982-44F5-8C70-C9205B660D0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.55:*:*:*:*:*:*:*", "matchCriteriaId": "5164FFE0-4254-4741-B014-AF84AD5987D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.56:*:*:*:*:*:*:*", "matchCriteriaId": "E04F584D-E87B-4ADA-B6D6-E2BFC6F58EB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.57:*:*:*:*:*:*:*", "matchCriteriaId": "F678272E-59F0-41BA-8CE8-057B473DDB33", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.58:*:*:*:*:*:*:*", "matchCriteriaId": "C20ABCDF-0E3D-40F9-9FD5-A53D33AC9068", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.58:pl1:*:*:*:*:*:*", "matchCriteriaId": "104E56D2-3219-46EF-AA44-CE1986FD290F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.59:*:*:*:*:*:*:*", "matchCriteriaId": "D538AA95-6B56-4F6F-828E-0522F4495E2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.60:*:*:*:*:*:*:*", "matchCriteriaId": "A4AE6C8A-022E-4469-A343-913B8E3B79D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:0.61:*:*:*:*:*:*:*", "matchCriteriaId": "7F2C440B-7588-43A6-BBBD-9C6DAB07967F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "3F87CE34-9189-4EA4-83BD-7E5A552FB596", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.12:*:*:*:*:*:*:*", "matchCriteriaId": "9AF2417A-DCDC-44A9-8E42-F884604CD850", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.13:*:*:*:*:*:*:*", "matchCriteriaId": "FA38E2F5-D1B8-43D6-8556-5063F0CD8708", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.20:*:*:*:*:*:*:*", "matchCriteriaId": "767AF04C-B814-4CB6-9FF3-E1037EACACA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.21:*:*:*:*:*:*:*", "matchCriteriaId": "FC86B466-2F1C-4DA1-99B3-5087DD278825", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.22:*:*:*:*:*:*:*", "matchCriteriaId": "0BD3BF1D-44D7-4C48-94CD-BABB111AAA45", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.23:*:*:*:*:*:*:*", "matchCriteriaId": "847B778A-2761-47A3-8AB5-34D43B06B4C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.31:*:*:*:*:*:*:*", "matchCriteriaId": "2EBF67C0-95C7-4FCD-97FC-19C3DA204D74", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.32:*:*:*:*:*:*:*", "matchCriteriaId": "E92415D6-4E40-4D70-8C5B-A3BA319648A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.33:*:*:*:*:*:*:*", "matchCriteriaId": "E811A964-6BA3-4569-99F6-67B84AAFC4DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.40:*:*:*:*:*:*:*", "matchCriteriaId": "143C730B-6B21-461C-81D6-ECDD6F073AFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.41:*:*:*:*:*:*:*", "matchCriteriaId": "D1A12B83-DD28-4703-BF9B-36460F52F0A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.42:*:*:*:*:*:*:*", "matchCriteriaId": "36097EB6-4D29-4C24-987A-364EAD085D8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.43:*:*:*:*:*:*:*", "matchCriteriaId": "C5764E06-71B0-4D0B-8E5C-52E5FE1CC8D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.44:*:*:*:*:*:*:*", "matchCriteriaId": "B414EC04-848D-4C80-8E35-11128D73F8B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.45:*:*:*:*:*:*:*", "matchCriteriaId": "B35AEA41-1FFB-4E71-8F27-458EC93EA40A", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.47:*:*:*:*:*:*:*", "matchCriteriaId": "6401403C-FCCB-416A-9E0F-F7EB2E706184", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.48:*:*:*:*:*:*:*", "matchCriteriaId": "A245014D-B81C-43C2-936F-C60CBD0EC0DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.49:*:*:*:*:*:*:*", "matchCriteriaId": "4B9815C9-80A4-451D-BFA5-315A49712989", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.50:*:*:*:*:*:*:*", "matchCriteriaId": "AD148703-7B99-419B-A52E-4A8A1848635F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.51:*:*:*:*:*:*:*", "matchCriteriaId": "BB22A347-9DA2-4C6E-8FD8-C8EAFE2C124E", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.52:*:*:*:*:*:*:*", "matchCriteriaId": "1784F89F-3FFB-4EB5-B6BE-734D6159DC72", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.53:*:*:*:*:*:*:*", "matchCriteriaId": "4DD72121-BF91-480F-8189-74F1E8D9EFBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.54:*:*:*:*:*:*:*", "matchCriteriaId": "BED203BF-A514-4C37-9206-B8E595902A77", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.55:*:*:*:*:*:*:*", "matchCriteriaId": "807690AE-6828-48A0-8489-E9A53B251F95", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.56:*:*:*:*:*:*:*", "matchCriteriaId": "A13366B2-A10C-4BD4-A463-7E176999D380", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.57:*:*:*:*:*:*:*", "matchCriteriaId": "F2B68C94-E39F-4D48-BF03-2E6242BA8D26", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.58:*:*:*:*:*:*:*", "matchCriteriaId": "A3FDC387-1E17-412A-A34F-2F372B0B36DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.59:*:*:*:*:*:*:*", "matchCriteriaId": "DEA7AE12-64A5-420A-B30F-4BC7E480A514", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.60:*:*:*:*:*:*:*", "matchCriteriaId": "2872C912-CDC8-4F7B-9959-A64F76B6FA69", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.61:*:*:*:*:*:*:*", "matchCriteriaId": "4D85EF10-DE05-4E30-90A6-B3DBC146F3AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.62:*:*:*:*:*:*:*", "matchCriteriaId": "2EACCB37-3416-4407-9ABB-0F02C1CD2F0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.63:*:*:*:*:*:*:*", "matchCriteriaId": "B759871E-7643-42F4-B287-D3E48CD2CF8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.64:*:*:*:*:*:*:*", "matchCriteriaId": "91094369-5DF6-4AC5-8BCE-0CB1E5AB642A", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.65:*:*:*:*:*:*:*", "matchCriteriaId": "653F51C2-59F4-4148-8AC3-629FE7AED9E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.66:*:*:*:*:*:*:*", "matchCriteriaId": "C844B9ED-CB4B-4C48-B379-2A0610D0A3BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.67:*:*:*:*:*:*:*", "matchCriteriaId": "17F65E8F-8EB6-4A6D-9EFF-027AEBAD0EFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.70:*:*:*:*:*:*:*", "matchCriteriaId": "125EB36D-7246-40C6-A8B3-C82DC9CBD253", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.71:*:*:*:*:*:*:*", "matchCriteriaId": "59E205DE-097F-4CE0-B39A-534D78A665AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.72:*:*:*:*:*:*:*", "matchCriteriaId": "F3E10EDF-64E5-4111-B7C0-3B1F8DCE568F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.73:*:*:*:*:*:*:*", "matchCriteriaId": "69A8260E-6F44-4C1D-A733-8E4F1A60DC8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.74:*:*:*:*:*:*:*", "matchCriteriaId": "DCC7E061-2A8B-4387-A318-5EF19980386B", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.75:*:*:*:*:*:*:*", "matchCriteriaId": "37657368-33FC-4E20-BF97-5230501F1E45", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.76:*:*:*:*:*:*:*", "matchCriteriaId": "75066A0E-0E48-48E2-88C0-95CD4D8CDE89", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.77:*:*:*:*:*:*:*", "matchCriteriaId": "4208D127-69F6-41C0-8930-957C9B6D5854", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.78:*:*:*:*:*:*:*", "matchCriteriaId": "E60DFDDA-578F-49F7-B756-35069BB29F2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.79:*:*:*:*:*:*:*", "matchCriteriaId": "3D9EAA97-18C5-46E6-9175-ADCC6EEF7656", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.80:*:*:*:*:*:*:*", "matchCriteriaId": "10DB67D8-6F9A-4508-ABB3-5C24ECDE76DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.81:*:*:*:*:*:*:*", "matchCriteriaId": "D89C5119-F0BA-48DE-93F9-D96E42BF8F17", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.82:*:*:*:*:*:*:*", "matchCriteriaId": "B79BA7BB-3F3F-4C27-A261-25F49C3117C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.83:*:*:*:*:*:*:*", "matchCriteriaId": "B056BAC2-C400-43DE-B57C-F894DB27E1A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.84:*:*:*:*:*:*:*", "matchCriteriaId": "EDCE7105-43C5-480E-AE35-B48CB3D6A710", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.85:*:*:*:*:*:*:*", "matchCriteriaId": "22EA8BA1-FE4D-4B48-8F29-35E7529732FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:1.90:*:*:*:*:*:*:*", "matchCriteriaId": "AE19563A-3B80-40D0-8235-053CD3B295EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "23EC4B90-F713-476C-9330-D11F2B7B991A", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.10:*:*:*:*:*:*:*", "matchCriteriaId": "6437CF95-9C2C-45D9-B811-AFD00DC7C5E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.11:*:*:*:*:*:*:*", "matchCriteriaId": "FB330525-8278-4F66-B933-8947BBE40533", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.12:*:*:*:*:*:*:*", "matchCriteriaId": "1C177F08-9992-41A3-94D7-98A26CA5D55F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.14:*:*:*:*:*:*:*", "matchCriteriaId": "C35CC8D9-3E24-4A2A-BCCC-6111220C73FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.15:*:*:*:*:*:*:*", "matchCriteriaId": "62A00538-48F1-4442-AD22-4D3E75CF0F76", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.16:*:*:*:*:*:*:*", "matchCriteriaId": "72CE517C-A261-4323-AA13-C6EE36DA7829", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.17:*:*:*:*:*:*:*", "matchCriteriaId": "4DCAC2EE-9F4C-45AB-ABDA-0FD9316685CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.18:*:*:*:*:*:*:*", "matchCriteriaId": "3B348CBD-1400-4B83-89D0-6A69DDAAA92A", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.50:*:*:*:*:*:*:*", "matchCriteriaId": "FD0A2B69-4B77-4D7C-BD41-36A79F9196AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.51:*:*:*:*:*:*:*", "matchCriteriaId": "C4639264-BD28-47FA-818A-CD425546FB8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.52:*:*:*:*:*:*:*", "matchCriteriaId": "E3D4D9D0-35E9-4E82-B639-4D6126F764DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.53:*:*:*:*:*:*:*", "matchCriteriaId": "8FDB4C54-0EAC-45E5-8FE4-0F977C8E800C", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.54:*:*:*:*:*:*:*", "matchCriteriaId": "39EE5E5F-53AF-47CB-8045-6A9C39EB2065", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.55:*:*:*:*:*:*:*", "matchCriteriaId": "EBE99327-F726-489E-9994-BA1E635EBBD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.56:*:*:*:*:*:*:*", "matchCriteriaId": "B85CD453-0BFB-4C75-94FD-03BAF74A6D41", "vulnerable": true}, {"criteria": "cpe:2.3:a:photogallerycreator:flash-album-gallery:2.70:*:*:*:*:*:*:*", "matchCriteriaId": "7A25BA7F-6F57-404E-93E1-52A86BE82A30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*", "matchCriteriaId": "A77EB0E7-7FA7-4232-97DF-7C7587D163F1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados en wp-admin/admin.php en el complemnto GRAND FlAGallery anteriores a v2.72 para WordPress permite a a atacantes remotos a inyectar secuencias de comandos Web o HTML a trav\u00e9s del par\u00e1metro s en una acci\u00f3n flag-manage-gallery."}], "id": "CVE-2013-3261", "lastModified": "2013-06-03T15:30:45.443", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-06-01T14:21:06.127", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/53111"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://wordpress.org/plugins/flash-album-gallery/changelog/"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}