Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatpress flatpress - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1106
Cross-site Scripting (XSS) - Reflected in GitHub repository flatpressblog/flatpress before 1.3.
Flatpress Flatpress
NA
CVE-2023-1148
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress before 1.3.
Flatpress Flatpress
NA
CVE-2022-4606
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress before 1.3.
Flatpress Flatpress
NA
CVE-2023-0947
Path Traversal in GitHub repository flatpressblog/flatpress before 1.3.
Flatpress Flatpress
NA
CVE-2022-4755
A vulnerability was found in FlatPress and classified as problematic. This issue affects the function main of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component Media Manager Plugin. The manipulation of the argument mm-newgallery-name leads to cr...
Flatpress Flatpress -
3.5
CVSSv2
CVE-2020-35241
FlatPress 1.0.3 is affected by cross-site scripting (XSS) in the Blog Content component. This vulnerability can allow an malicious user to inject the XSS payload in Blog content via the admin panel. Each time any user will go to that blog page, the XSS triggers and the attacker c...
Flatpress Flatpress 1.0.3
4.3
CVSSv2
CVE-2014-100036
Cross-site scripting (XSS) vulnerability in FlatPress 1.0.2 allows remote malicious users to inject arbitrary web script or HTML via the content parameter to the default URI.
Flatpress Flatpress 1.0.2
4.3
CVSSv2
CVE-2008-4120
Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 allow remote malicious users to inject arbitrary web script or HTML via the (1) user or (2) pass parameter to login.php, or the (3) name parameter to contact.php.
Flatpress Flatpress 0.804
1 EDB exploit
NA
CVE-2022-40047
Flatpress v1.2.1 exists to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php.
Flatpress Flatpress 1.2.1
3.5
CVSSv2
CVE-2022-24588
Flatpress v1.2.1 exists to contain a cross-site scripting (XSS) vulnerability in the Upload SVG File function.
Flatpress Flatpress 1.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »