FlatPress version 1.0 suffers from a persistent cross site scripting vulnerability.