230 matches found
CVE-2023-51672
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3...
WordPress Plugin FunnelKit Checkout 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...
CVE-2023-51672 WordPress FunnelKit Checkout plugin <= 3.10.3 - Unauthenticated Arbitrary Post/Page Deletion vulnerability
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3...
CVE-2023-51672 WordPress FunnelKit Checkout plugin <= 3.10.3 - Unauthenticated Arbitrary Post/Page Deletion vulnerability
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3...
CVE-2024-2580
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FunnelKit Automation By Autonami allows Stored XSS.This issue affects Automation By Autonami: from n/a through 2.8.2...
CVE-2024-2580 WordPress Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin <= 2.8.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FunnelKit Automation By Autonami allows Stored XSS.This issue affects Automation By Autonami: from n/a through 2.8.2...
CVE-2024-2580
CVE-2024-2580 affects WordPress Automation By Autonami (FunnelKit Automations) up to version 2.8.2, with a Stored XSS in Cross Site Scripting via input during web page generation. Root cause: improper input neutralization/output escaping. Impact: potential stored attacker-controlled scripts execu...
CVE-2024-2580 WordPress Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin <= 2.8.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FunnelKit Automation By Autonami allows Stored XSS.This issue affects Automation By Autonami: from n/a through 2.8.2...
WordPress Plugin FunnelKit Automations 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin FunnelKit...
PT-2024-14232 · Unknown · Funnelkit Checkout
Name of the Vulnerable Software and Affected Versions: FunnelKit Checkout versions 3.10.3 and earlier Description: A Missing Authorization issue affects the software, potentially allowing unauthorized access. The estimated number of affected devices is not specified. There is no information about...
Automation By Autonami < 2.7.0 - Authenticated(Administrator+) SQL Injection
Description The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to SQL Injection via an unknown parameter in all versions up to 2.7.0 exclusive due to insufficient escaping on the user supplied parameter and...
FunnelKit Checkout < 3.11.0 - Unauthenticated Arbitrary Content Deletion
Description The FunnelKit Checkout plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on an unknown function in all versions up to, and including, 3.10.3. This makes it possible for unauthenticated attackers, to delete arbitrary content...
FunnelKit Checkout < 3.11.0 - Subscriber+ Settings Update
Description The plugin does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them...
FunnelKit Checkout < 3.11.0 - Subscriber+ Arbitrary Plugin Activation
Description The FunnelKit Checkout plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on an unknown function in all versions up to, and including, 3.10.3. This makes it possible for authenticated attackers, with subscriber access and above, t...
CVE-2023-50856
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits.This issue affects Funnel Builder for WordPress by FunnelKit –...
CVE-2023-50857
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...
CVE-2023-50857
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...
CVE-2023-50856
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits.This issue affects Funnel Builder for WordPress by FunnelKit –...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...
CVE-2023-50856
CVE-2023-50856 affects Funnel Builder for WordPress by FunnelKit (funnel-builder) up to version 2.14.3. It is an SQL Injection (improper neutralization of SQL elements) vulnerability that can be exploited remotely over the network with no user interaction, requiring high privileges, and can impac...