๐Ÿ” CVE Alert

CVE-2025-50022

UNKNOWN 0.0

WordPress WP-FB-AutoConnect plugin <= 4.6.4 - Cross Site Scripting (XSS) Vulnerability

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JK WP-FB-AutoConnect wp-fb-autoconnect allows Stored XSS.This issue affects WP-FB-AutoConnect: from n/a through <= 4.6.4.

CWE CWE-79
Vendor jk
Product wp-fb-autoconnect
Published Jun 20, 2025
Last Updated Apr 1, 2026
Stay Ahead of the Next One

Get instant alerts for jk wp-fb-autoconnect

Be the first to know when new unknown vulnerabilities affecting jk wp-fb-autoconnect are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

JK / WP-FB-AutoConnect
0 โ‰ค 4.6.4

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/wp-fb-autoconnect/vulnerability/wordpress-wp-fb-autoconnect-plugin-4-6-3-cross-site-scripting-xss-vulnerability?_s_id=cve

Credits

Nabil Irawan | Patchstack Bug Bounty Program