What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
CVE-2023-1104
HIGH
CVE-2023-1104: Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
CVSS base score
8.1/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Key dates
02Disclosure timeline
March 1, 2023
CVE published
March 11, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-26465
CVE-2022-21702 Cross site scripting in Grafana proxy
CVE-2024-48036 WordPress SKT Blocks plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability
CVE-2021-24938 WooCommerce Currency Switcher < 1.3.7.1 - Reflected Cross-Site Scripting
CVE-2026-22210 wpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Attachment URLs
