Unrated severityNVD Advisory· Published Oct 25, 2013· Updated Apr 29, 2026

CVE-2013-6281

Description

Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php in the Spreadsheet (dhtmlxSpreadsheet) plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "page" parameter.

Affected products

Dhtmlx/Dhtmlxspreadsheet
cpe:2.3:a:dhtmlx:dhtmlxspreadsheet:2.0:-:*:*:*:wordpress:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/123699/WordPress-dhtmlxspreadsheet-Cross-Site-Scripting.htmlnvdExploit
secunia.com/advisories/55396nvdVendor Advisory
osvdb.org/98831nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000