flatpressblog — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting flatpressblog. AI-powered Chinese analysis, POCs, and references for each vulnerability.

FlatPress is a lightweight PHP blogging platform designed for simple content management without requiring a database. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 13 recorded CVEs. The platform's minimal architecture reduces complexity but has led to security gaps in input validation and file handling. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched installations, particularly in environments where default configurations remain unchanged.

Top products by flatpressblog: flatpressblog/flatpress

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2024-4023 | Stored XSS in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 5.4 | - | 2025-03-20 |
| CVE-2024-9699 | Cross-Site Scripting (XSS) in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 5.4 | - | 2025-03-20 |
| CVE-2024-9847 | Cross-Site Request Forgery (CSRF) in flatpressblog/flatpress — flatpressblog/flatpress | CWE-352 | 6.5 | - | 2025-03-20 |
| CVE-2023-1106 | Cross-site Scripting (XSS) - Reflected in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 6.1 | - | 2023-03-02 |
| CVE-2023-1107 | Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 5.4 | - | 2023-03-02 |
| CVE-2023-1146 | Cross-site Scripting (XSS) - Generic in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 5.4 | - | 2023-03-02 |
| CVE-2023-1147 | Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 5.4 | - | 2023-03-02 |
| CVE-2023-1148 | Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 5.4 | - | 2023-03-02 |
| CVE-2023-1104 | Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 5.4 | - | 2023-03-01 |
| CVE-2023-1105 | External Control of File Name or Path in flatpressblog/flatpress — flatpressblog/flatpress | CWE-73 | 8.1 | - | 2023-03-01 |
| CVE-2023-0947 | Path Traversal in flatpressblog/flatpress — flatpressblog/flatpress | CWE-22 | 9.8 | - | 2023-02-22 |
| CVE-2022-4605 | Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress — flatpressblog/flatpress | CWE-79 | 5.4 | - | 2022-12-18 |
| CVE-2022-4606 | PHP Remote File Inclusion in flatpressblog/flatpress — flatpressblog/flatpress | CWE-98 | 9.8 | - | 2022-12-18 |

This page lists every published CVE security advisory associated with flatpressblog. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.