cleantalk
Vulnerabilities and Security Researches

Flexi – Guest Submit, CVE-2022-0449

CVE, Research URL

CVE-2022-0449

Home page URL

Security reports for Flexi – Guest Submit

Application

Flexi – Guest Submit

Published on
Mar 14, 2022
Research Description
The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting
Affected versions
Min -, max 4.20.
Status
vulnerable
Previous vulnerability researches
Flexible Cookies (CVE-2025-30805) , Apr 02, 2025
FlexIDX Home Search (CVE-2025-25082) , Feb 05, 2025
Flexible Blogtitle (CVE-2025-23846) , Jan 24, 2025
Flexi – Guest Submit (CVE-2025-32589) , Apr 13, 2025
Flexi – Guest Submit (CVE-2022-0449) , Jun 07, 2024
New vulnerability
Advance WP Query Search Filter (CVE-2025-26743) , Apr 15, 2025
SKT Skill Bar (CVE-2025-26880) , Apr 15, 2025
WP Featured Screenshot (CVE-2025-32557) , Apr 15, 2025
Additional Custom Product Tabs for WooCommerce (CVE-2025-26749) , Apr 15, 2025
Autoptimize , Apr 15, 2025