WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress GRAND FlaGallery plugin 6.1.2 and earlier versions have a cross-site scripting vulnerability that stems from the plugin’s failure to clean up and escape some gallery settings. An attacker could exploit this vulnerability to perform cross-site scripting attacks.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress grand flagallery plugin | le | 6.1.2 |