CVE-2025-44108 – Flatpress CMS Stored XSS

CVE ID : CVE-2025-44108

Published : May 19, 2025, 2:15 p.m. | 52 minutes ago

Description : A stored Cross-Site Scripting (XSS) vulnerability exists in the administration panel of Flatpress CMS before 1.4 via the gallery captions component. An attacker with admin privileges can inject a malicious JavaScript payload into the system, which is then stored persistently.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…