Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Mehanoid Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-29803 1 Mehanoid 1 Flatpm 2025-06-09 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05.
CVE-2022-3934 1 Mehanoid 1 Flat Pm 2025-04-22 N/A 5.4 MEDIUM
The FlatPM WordPress plugin before 3.0.13 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin