GCVE - cpe:2.3:a:n/a:flatpress:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:flatpress:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Flatpress (`246ed563-d45c-50c1-8a5f-736c35a27bca`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-4822`	vulnerable	2026-06-08 05:52:00.421896	FlatPress Setup main.lib.php cross site scripting LOW (2.4) A vulnerability, which was classified as problematic, has been found in FlatPress. This issue affects some unknown processing of the file setup/lib/main.lib.php of the component Setup. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 5f23b4c2eac294cc0ba5e541f83a6f8a26f9fed1. It is recommended to apply a patch to fix this issue. The identifier VDB-217001 was assigned to this vulnerability. Published: 2022-12-28T20:47:21.360Z Updated: 2024-08-03T01:55:45.765Z Open on db.gcve.eu Reference links https://vuldb.com/?id.217001 https://vuldb.com/?ctiid.217001 https://github.com/flatpressblog/flatpress/issues/176 https://github.com/flatpressblog/flatpress/commit/5f23b4c2eac294cc0ba5e541f83a6f8a26f9fed1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4821`	vulnerable	2026-06-08 05:52:00.421557	FlatPress XML File Handler/MD File admin.uploader.php onupload cross site scripting LOW (2.4) A vulnerability classified as problematic was found in FlatPress. This vulnerability affects the function onupload of the file admin/panels/uploader/admin.uploader.php of the component XML File Handler/MD File Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 3cc223dec5260e533a84b5cf5780d3a4fbf21241. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217000. Published: 2022-12-28T20:45:48.557Z Updated: 2024-08-03T01:55:45.551Z Open on db.gcve.eu Reference links https://vuldb.com/?id.217000 https://vuldb.com/?ctiid.217000 https://github.com/flatpressblog/flatpress/issues/178 https://github.com/flatpressblog/flatpress/commit/3cc223dec5260e533a84b5cf5780d3a4fbf21241	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4820`	vulnerable	2026-06-08 05:52:00.421022	FlatPress Admin Area admin.entry.list.php cross site scripting LOW (3.5) A vulnerability classified as problematic has been found in FlatPress. This affects an unknown part of the file admin/panels/entry/admin.entry.list.php of the component Admin Area. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 229752b51025e678370298284d42f8ebb231f67f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216999. Published: 2022-12-28T20:42:48.276Z Updated: 2024-08-03T01:55:45.454Z Open on db.gcve.eu Reference links https://vuldb.com/?id.216999 https://vuldb.com/?ctiid.216999 https://github.com/flatpressblog/flatpress/issues/180 https://github.com/flatpressblog/flatpress/commit/229752b51025e678370298284d42f8ebb231f67f	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4755`	vulnerable	2026-06-08 05:52:00.300900	FlatPress Media Manager Plugin panel.mediamanager.file.php main cross site scripting LOW (3.5) A vulnerability was found in FlatPress and classified as problematic. This issue affects the function main of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component Media Manager Plugin. The manipulation of the argument mm-newgallery-name leads to cross site scripting. The attack may be initiated remotely. The name of the patch is d3f329496536dc99f9707f2f295d571d65a496f5. It is recommended to apply a patch to fix this issue. The identifier VDB-216869 was assigned to this vulnerability. Published: 2022-12-27T09:39:11.575Z Updated: 2024-08-03T01:48:40.224Z Open on db.gcve.eu Reference links https://vuldb.com/?id.216869 https://vuldb.com/?ctiid.216869 https://github.com/flatpressblog/flatpress/issues/177 https://github.com/flatpressblog/flatpress/commit/d3f329496536dc99f9707f2f295d571d65a496f5	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4748`	vulnerable	2026-06-08 05:52:00.286426	FlatPress File Delete panel.mediamanager.file.php doItemActions path traversal MEDIUM (5.5) A vulnerability was found in FlatPress. It has been classified as critical. This affects the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component File Delete Handler. The manipulation of the argument deletefile leads to path traversal. The name of the patch is 5d5c7f6d8f072d14926fc2c3a97cdd763802f170. It is recommended to apply a patch to fix this issue. The identifier VDB-216861 was assigned to this vulnerability. Published: 2022-12-27T08:26:42.624Z Updated: 2024-08-03T01:48:40.421Z Open on db.gcve.eu Reference links https://vuldb.com/?id.216861 https://vuldb.com/?ctiid.216861 https://github.com/flatpressblog/flatpress/issues/179 https://github.com/flatpressblog/flatpress/commit/5d5c7f6d8f072d14926fc2c3a97cdd763802f170	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.