CVE-2023-46626

MEDIUM 6.1

WordPress FLOWFACT WP Connector Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)

CVSS Score

6.1

EPSS Score

0.0%

EPSS Percentile

0th

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FLOWFACT WP Connector plugin <= 2.1.7 versions.

CWE	CWE-79
Vendor	flowfact
Product	flowfact wp connector
Published	Nov 8, 2023
Last Updated	Apr 28, 2026

Stay Ahead of the Next One

Get instant alerts for flowfact flowfact wp connector

Be the first to know when new medium vulnerabilities affecting flowfact flowfact wp connector are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

FLOWFACT / FLOWFACT WP Connector

n/a ≤ 2.1.7

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/vulnerability/flowfact-wp-connector/wordpress-flowfact-wp-connector-plugin-2-1-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Credits

Jonas Höbenreich (Patchstack Alliance)