Vulnerabilities > Flatpress

DATE CVE VULNERABILITY TITLE RISK
2023-02-22 CVE-2023-0947 Path Traversal vulnerability in Flatpress
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3.
network
low complexity
flatpress CWE-22
critical
9.8
2022-12-28 CVE-2022-4820 Cross-site Scripting vulnerability in Flatpress
A vulnerability classified as problematic has been found in FlatPress.
network
low complexity
flatpress CWE-79
6.1
2022-12-28 CVE-2022-4821 Cross-site Scripting vulnerability in Flatpress
A vulnerability classified as problematic was found in FlatPress.
network
low complexity
flatpress CWE-79
6.1
2022-12-28 CVE-2022-4822 Cross-site Scripting vulnerability in Flatpress
A vulnerability, which was classified as problematic, has been found in FlatPress.
network
low complexity
flatpress CWE-79
6.1
2022-12-27 CVE-2022-4755 Cross-site Scripting vulnerability in Flatpress
A vulnerability was found in FlatPress and classified as problematic.
network
low complexity
flatpress CWE-79
6.1
2022-12-27 CVE-2022-4748 Path Traversal vulnerability in Flatpress
A vulnerability was found in FlatPress.
network
low complexity
flatpress CWE-22
critical
9.8
2022-10-11 CVE-2022-40047 Cross-site Scripting vulnerability in Flatpress 1.2.1
Flatpress v1.2.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php.
network
low complexity
flatpress CWE-79
5.4
2022-09-29 CVE-2022-40048 Unrestricted Upload of File with Dangerous Type vulnerability in Flatpress 1.2.1
Flatpress v1.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the Upload File function.
network
low complexity
flatpress CWE-434
7.2
2022-06-23 CVE-2021-41432 Cross-site Scripting vulnerability in Flatpress 1.2.1
A stored cross-site scripting (XSS) vulnerability exists in FlatPress 1.2.1 that allows for arbitrary execution of JavaScript commands through blog content.
network
flatpress CWE-79
3.5
2022-02-15 CVE-2022-24588 Cross-site Scripting vulnerability in Flatpress 1.2.1
Flatpress v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability in the Upload SVG File function.
network
low complexity
flatpress CWE-79
5.4