230 matches found
WordPress plugin Funnel Builder by FunnelKit 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-34024 · Unknown · Funnelkit Funnel Builder
Name of the Vulnerable Software and Affected Versions: FunnelKit Funnel Builder versions through 3.11.1 Description: This issue involves an improper control of filename for include/require statements in PHP programs, specifically a PHP Local File Inclusion vulnerability within FunnelKit Funnel...
WordPress Funnel Builder by FunnelKit Plugin <= 3.11.1 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin Funnel Builder by FunnelKit versions = 3.11.1...
CVE-2025-7654
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wfgetcookie shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including authentication cookies of other site users, which may make...
CVE-2025-7654
CVE-2025-7654 concerns multiple FunnelKit plugins (FunnelKit Automations and FunnelKit – Funnel Builder for WooCommerce Checkout). The vulnerability is a Sensitive Information Exposure via the wf_get_cookie shortcode that authenticated attackers with Contributor-level access and above can leverag...
CVE-2025-7654 Multiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel Library
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wfgetcookie shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including authentication cookies of other site users, which may make...
CVE-2025-7654 Multiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel Library
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wfgetcookie shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including authentication cookies of other site users, which may make...
PT-2025-33711 · WordPress · Funnelkit – Funnel Builder For Woocommerce Checkout +1
Name of the Vulnerable Software and Affected Versions: FunnelKit – Funnel Builder for WooCommerce Checkout FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce Description: Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf get...
wordpress plugin FunnelKit – Funnel Builder for WooCommerce Checkout和wordpress plugin FunnelKit Automations 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... An information disclosur...
WordPress FunnelKit plugin <= 3.11.0.2 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by wesley wcraft in WordPress Plugin Funnel Builder by FunnelKit versions = 3.11.0.2...
WordPress Funnel Builder by FunnelKit plugin SQL Injection Vulnerability
WordPress Funnel Builder by FunnelKit plugin is a professional sales funnel builder plugin for WordPress platform, which is mainly used to optimize the WooCommerce shopping process and increase the conversion rate. The WordPress Funnel Builder by FunnelKit plugin suffers from a SQL injection...
CVE-2025-49034
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows SQL Injection.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.10.2...
CVE-2025-49034
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows SQL Injection.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.10.2...
CVE-2025-49034
CVE-2025-49034 : WordPress Funnel Builder by FunnelKit plugin (
CVE-2025-49034 WordPress Funnel Builder by FunnelKit plugin <= 3.10.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Funnel Builder by FunnelKit allows SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.10.2...
CVE-2025-49034 WordPress Funnel Builder by FunnelKit plugin <= 3.10.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows SQL Injection.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.10.2...
PT-2025-29805 · Unknown · Funnelkit Funnel Builder
Name of the Vulnerable Software and Affected Versions: FunnelKit Funnel Builder versions through 3.10.2 Description: FunnelKit Funnel Builder is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This issue allows for potential SQL injectio...
WordPress plugin Funnel Builder by FunnelKit SQL注入漏洞
WordPress Funnel Builder by FunnelKit plugin is a professional sales funnel builder plugin for WordPress platform, which is mainly used to optimize the WooCommerce shopping process and increase the conversion rate. The WordPress Funnel Builder by FunnelKit plugin suffers from a SQL injection...
CVE-2025-49868
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Aman FunnelKit Automations wp-marketing-automations allows Phishing.This issue affects FunnelKit Automations: from n/a through = 3.6.0...
CVE-2025-1562
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the installoractivateaddonplugins function and a weak nonce hash in all...