CVE-2024-35651 WordPress WP Flow Plus plugin <= 5.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.2...

WordPress WP Flow Plus Plugin <= 5.2.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Flow Plus Type Plugin Vulnerable versions = 5.2.2 Fixed in 5.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35651 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bcb093c2f536 Credits LVT-tholv2k Required privilege Contributo...