CVE-2021-41432: Stored Cross-Site Scripting Vulnerability in the Blog Content in FlatPressStored XSS vulnerability in FlatPress 1.2.1 allows arbitrary JavaScript execution via crafted post content.
CVE-2021-41434: Stored Cross-Site Scripting Vulnerability in Expense Management System by EGavilan MediaStored XSS vulnerability in Expense Management System 1.0 allows arbitrary JavaScript execution via expense description input.