CVE-2013-4117

NUCLEI

Anshul Sharma Category-grid-view-gallery - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ID parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Iranian Exploit DataBase · textwebappsphp

https://www.exploit-db.com/exploits/38625

View Code ZIP pw:eip

Nuclei Templates (1)

WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting

MEDIUMby daffainfo

References (7)

[Various Sources] http://exploit.iedb.ir/exploits-177.html

[Third Party Advisory, VDB Entry] http://osvdb.org/94805

[Mailing List] http://seclists.org/bugtraq/2013/Jul/17

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/85395

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/60905

[Mailing List] http://openwall.com/lists/oss-security/2013/07/11/11

[Exploit, Third Party Advisory] http://packetstormsecurity.com/files/122259/WordPress-Category-Grid-View-Gallery-XSS.html

Scores

EPSS 0.1176

EPSS Percentile 93.6%

Details

CWE

CWE-79

Status published

Products (2)

anshul_sharma/category-grid-view-gallery

n/a/n/a

Published Jul 16, 2013

Tracked Since Feb 18, 2026