VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 1, 2013· Updated Apr 29, 2026

CVE-2013-3261

CVE-2013-3261

Description

Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action.

Affected products

104
  • Photogallerycreator/Flash Album Gallery104 versions
    cpe:2.3:a:photogallerycreator:flash-album-gallery:*:*:*:*:*:*:*:*+ 103 more
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:*:*:*:*:*:*:*:*range: <=2.71
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.29:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.32:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.33:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.34:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.35:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.36:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.37:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.38:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl1:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl2:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.39:pl3:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.40:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.41:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.42:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.43:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.44:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.45:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.46:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.49:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.50:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.52:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.53:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.54:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.55:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.56:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.57:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.58:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.58:pl1:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.59:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.60:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:0.61:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.20:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.21:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.22:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.23:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.31:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.32:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.33:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.40:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.41:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.42:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.43:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.44:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.45:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.47:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.48:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.49:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.50:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.51:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.52:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.53:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.54:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.55:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.56:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.57:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.58:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.59:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.60:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.61:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.62:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.63:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.64:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.65:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.66:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.67:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.70:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.71:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.72:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.73:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.74:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.75:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.76:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.77:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.78:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.79:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.80:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.81:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.82:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.83:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.84:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.85:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:1.90:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.00:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.14:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.15:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.16:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.17:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.18:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.50:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.51:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.52:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.53:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.54:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.55:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.56:*:*:*:*:*:*:*
    • cpe:2.3:a:photogallerycreator:flash-album-gallery:2.70:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.