Lucene search

CVE-2023-51670 WordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Arbitrary Plugin Activation vulnerability

🗓️ 12 Jun 2024 08:14:54Reported by PatchstackType

WordPress FunnelKit Checkout plugin Authenticated Arbitrary Plugin Activation vulnerability

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
CVE	CVE-2023-51670	12 Jun 202409:15	–	cve
Patchstack	WordPress FunnelKit Checkout Plugin <= 3.10.3 is vulnerable to Settings Change	27 Dec 202300:00	–	patchstack
NVD	CVE-2023-51670	12 Jun 202409:15	–	nvd
WPVulnDB	FunnelKit Checkout < 3.11.0 - Subscriber+ Arbitrary Plugin Activation	3 Jan 202400:00	–	wpvulndb
Vulnrichment	CVE-2023-51670 WordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Arbitrary Plugin Activation vulnerability	12 Jun 202408:54	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (December 18, 2023 to December 31, 2023)	5 Jan 202413:20	–	wordfence

[
  {
    "defaultStatus": "unaffected",
    "product": "FunnelKit Checkout",
    "vendor": "FunnelKit",
    "versions": [
      {
        "changes": [
          {
            "at": "3.11.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "3.10.3",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/woofunnels-aero-checkout/wordpress-funnelkit-checkout-plugin-3-10-3-authenticated-arbitrary-plugin-activation-vulnerability

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Jun 2024 08:54Current

CVSS34.3

EPSS0.00126

CWE-862