Browse all 3 CVE security advisories affecting flowdee. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Flowdee provides workflow automation and process management solutions for enterprise environments. Historically, the platform has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely documented, the three CVEs associated with the product highlight consistent weaknesses in authentication mechanisms and API security. The organization has demonstrated a pattern of addressing vulnerabilities through patch releases, though the recurrence of similar issues suggests potential challenges in implementing secure coding practices across development cycles.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-47615 | WordPress Amazon Product in a Post plugin <= 5.2.2 - Cross Site Scripting (XSS) Vulnerability — Amazon Product in a PostCWE-79 | 5.9 | Medium | 2025-05-07 |
| CVE-2023-47780 | WordPress EasyAzon – Amazon Associates Affiliate Plugin plugin <= 5.1.0 - Broken Access Control vulnerability — EasyAzonCWE-862 | 4.3 | Medium | 2024-12-09 |
| CVE-2023-6956 | EasyAzon – Amazon Associates Affiliate Plugin <= 5.1.0 - Reflected Cross-Site Scripting via easyazon-cloaking-locale — EasyAzon – Amazon Associates Affiliate PluginCWE-79 | 6.1 | Medium | 2024-06-06 |
This page lists every published CVE security advisory associated with flowdee. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.