Flat Preloader Project Flat Preloader — known CVE vulnerabilities
Every CVE whose affected-product data names Flat Preloader Project Flat Preloader, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-24685 — CVSS 5.4 (medium): The Flat Preloader WordPress plugin before 1.5.4 does not enforce nonce checks when saving its settings, as well as does not sanitise and…
CVE-2021-24789 — CVSS 4.8 (medium): The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend…