Medium severity6.5NVD Advisory· Published Jun 4, 2024· Updated Jun 17, 2026
CVE-2024-35651
CVE-2024-35651
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=5.2.2
- Spiffy Plugins/WP Flow Plusv5Range: n/a
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.