Vulnerabilities > Flatpress > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-02 CVE-2024-33209 Cross-site Scripting vulnerability in Flatpress 1.3
FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS).
network
low complexity
flatpress CWE-79
5.4
2024-10-01 CVE-2024-31835 Cross-site Scripting vulnerability in Flatpress
Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the file name parameter.
network
low complexity
flatpress CWE-79
4.8
2024-09-27 CVE-2024-25412 Cross-site Scripting vulnerability in Flatpress
A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field.
network
low complexity
flatpress CWE-79
6.1
2023-03-02 CVE-2023-1146 Unspecified vulnerability in Flatpress
Cross-site Scripting (XSS) - Generic in GitHub repository flatpressblog/flatpress prior to 1.3.
network
low complexity
flatpress
5.4
2023-03-02 CVE-2023-1147 Unspecified vulnerability in Flatpress
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
network
low complexity
flatpress
5.4
2023-03-02 CVE-2023-1148 Cross-site Scripting vulnerability in Flatpress
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
network
low complexity
flatpress CWE-79
4.8
2023-03-02 CVE-2023-1106 Unspecified vulnerability in Flatpress
Cross-site Scripting (XSS) - Reflected in GitHub repository flatpressblog/flatpress prior to 1.3.
network
low complexity
flatpress
6.1
2023-03-02 CVE-2023-1107 Unspecified vulnerability in Flatpress
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
network
low complexity
flatpress
5.4
2023-03-01 CVE-2023-1104 Unspecified vulnerability in Flatpress
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
network
low complexity
flatpress
5.4
2022-12-28 CVE-2022-4820 Unspecified vulnerability in Flatpress
A vulnerability classified as problematic has been found in FlatPress.
network
low complexity
flatpress
6.1