CVSS 3.1 Score 6.1 of 10 (medium)


Published Nov 8, 2023
Updated: Nov 14, 2023


CVE-2023-46626 is a vulnerability categorized as Unauth. Reflected Cross-Site Scripting (XSS) in the FLOWFACT WP Connector plugin versions up to 2.1.7. The risk score is 26, indicating a medium severity level. The vulnerability requires user interaction and can be exploited over a network. It has a low impact on integrity and confidentiality, and no impact on availability. The base score is 6.1, with an exploitability score of 2.8. It affects the vdUjsU product and is related to KPzZAE. The CWE ID associated with this vulnerability is CWE-79, which refers to improper neutralization of input during web page generation (Cross-site Scripting). No remediation steps or potential danger to organizations are mentioned in the provided information.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46626 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options