Vulnerabilities and security researches forflexi flexi
Direction: ascendingJun 07, 2024
Flexi – Guest Submit # CVE-2022-0449
- CVE, Research URL
- Home page URL
- Application
- Date
- Mar 14, 2022
- Research Description
- The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Apr 13, 2025
Flexi – Guest Submit # CVE-2025-32589
- CVE, Research URL
- Home page URL
- Application
- Date
- Apr 11, 2025
- Research Description
- Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in odude Flexi – Guest Submit allows PHP Local File Inclusion. This issue affects Flexi – Guest Submit: from n/a through 4.28.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable