What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.
CVE-2023-1148
MEDIUM
CVE-2023-1148: Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
CVSS base score
6.5/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Key dates
02Disclosure timeline
March 2, 2023
CVE published
March 7, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-11276 PDF Builder for WooCommerce. Create invoices,packing slips and more <= 1.2.136 - Reflected Cross-Site Scripting
CVE-2025-49299 WordPress WebHotelier plugin <= 1.9.2 - Cross Site Scripting (XSS) Vulnerability
CVE-2024-51896 WordPress Magic Slider plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability
CVE-2022-35653
CVE-2023-3521 Cross-site Scripting (XSS) - Reflected in fossbilling/fossbilling
