WordPress Plugin Vulnerabilities

fGallery_Plus - fim_rss.php album Parameter Reflected XSS

Description

The fgallery_plus WordPress plugin was affected by a fim_rss.php album Parameter Reflected XSS security vulnerability.

Affects Plugins

Plugin icon
fgallery_plus
No known fix

References

URL
https://packetstormsecurity.com/files/#123347/
URL
https://seclists.org/bugtraq/2013/Sep/105
URL
https://seclists.org/bugtraq/2013/Sep/107
URL
https://seclists.org/bugtraq/2013/Sep/108

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
95636751-550d-4676-b1cb-ac4ea2c2d384

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2022-11-17
Title
Ultimate Tables <= 1.6.5 - Reflected Cross-Site Scripting
Published
2010-11-05
Title
Feedlist < 2.70.00 - XSS
Published
2025-12-15
Title
WP-ShowHide < 1.06 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2020-12-26
Title
LiteSpeed Cache < 3.6.1 - Authenticated Stored Cross-Site Scripting
Published
2024-05-13
Title
Jetpack < 13.4 - Contributor+ Stored Cross-Site Scripting via wpvideo Shortcode