Flatpress v1.2.1 exists to contain a cross-site scripting (XSS) vulnerability in the Upload SVG File function.
flatpress flatpress 1.2.1