The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting...
5.4CVSS
5.3AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Etison, LLC ClickFunnels plugin <= 3.1.1...
8.8CVSS
8.8AI Score
0.001EPSS