Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

flector — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting flector. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Flector is a web application framework primarily used for building dynamic web applications and APIs. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. The framework's modular architecture has introduced additional attack surfaces through third-party plugins. While no major public security incidents have been widely documented, the four CVEs associated with Flector highlight consistent security concerns, particularly around authentication mechanisms and data sanitization. Its widespread adoption in enterprise environments makes it a persistent target for exploitation, necessitating regular security assessments and prompt patching.

Top products by flector: Easy Textillate RSS for Yandex Turbo BBSpoiler
CVE IDTitleCVSSSeverityPublished
CVE-2024-32526 WordPress Easy Textillate plugin <= 2.02 - Cross Site Scripting (XSS) vulnerability — Easy TextillateCWE-79 6.5 Medium2024-04-17
CVE-2024-2303 Easy Textillate <= 2.01 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — Easy TextillateCWE-79 6.4 Medium2024-03-26
CVE-2023-23873 WordPress BBSpoiler Plugin <= 2.01 is vulnerable to Cross Site Scripting (XSS) — BBSpoilerCWE-79 6.5 Medium2023-05-10
CVE-2021-24277 RSS for Yandex Turbo < 1.30 - Authenticated Stored Cross-Site Scripting (XSS) — RSS for Yandex TurboCWE-79 5.4 -2021-05-14

This page lists every published CVE security advisory associated with flector. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.