9 matches found
WordPress FlatPM - Ad Manager, AdSense and Custom Code plugin <= 3.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Post Meta vulnerability
WordPress FlatPM - Ad Manager, AdSense and Custom Code plugin = 3.2.2 - Authenticated Contributor+ Stored Cross-Site Scripting via Custom Post Meta vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin FlatPM versions = 3.2.2...
CVE-2026-0690
The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rankmathdescription' custom field in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-0690
CVE-2026-0690 involves the WordPress plugin FlatPM – Ad Manager, AdSense and Custom Code. Multiple sources confirm a Stored Cross-Site Scripting (XSS) flaw in all versions up to and including 3.2.2, caused by insufficient input sanitization and output escaping of the rank_math_description/custom ...
CVE-2026-0690 FlatPM – Ad Manager, AdSense and Custom Code <= 3.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Post Meta
The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rankmathdescription' custom field in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress plugin FlatPM – Ad Manager, AdSense, and Custom Code: Cross-site Script Vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-3577
Name of the Vulnerable Software and Affected Versions FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress versions through 3.2.2 Description The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress has a Stored Cross-Site Scripting issue. This is due to inadequate...
CVE-2022-3934
The FlatPM WordPress plugin before 3.0.13 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Plugin FlatPM 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
CVE-2022-3934
The FlatPM WordPress plugin before 3.0.13 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...