Lucene search
K

25 matches found

osv
osv
added 2023/07/27 3:15 p.m.4 views

CVE-2023-37977

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFunnels Team Drag & Drop Sales Funnel Builder for WordPress – WPFunnels plugin = 2.7.16 versions...

6.1CVSS7.3AI score0.00331EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/07/27 12:0 a.m.9 views

PT-2023-26224 · WordPress · Wpfunnels

Name of the Vulnerable Software and Affected Versions: WPFunnels Team Drag & Drop Sales Funnel Builder for WordPress – WPFunnels plugin versions = 2.7.16 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker...

7.1CVSS6.2AI score0.00331EPSS
Exploits0References4
patchstack
patchstack
added 2023/07/11 12:0 a.m.6 views

WordPress WPFunnels Plugin <= 2.7.15 is vulnerable to Insecure Direct Object References (IDOR)

Software WPFunnels Type Plugin Vulnerable versions = 2.7.15 Fixed in 2.7.16 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE N/A Patch priority Low CVSS severity Low 5.4 Developer WPFunnels Team PSID fefed9db57ed Credits Unknown Required privilege...

6.8AI score
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2023/02/06 7:59 p.m.7 views

CVE-2023-0173 WPFunnels < 2.6.9 - Contributor+ Stored XSS

The Drag & Drop Sales Funnel Builder for WordPress plugin before 2.6.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

6.1AI score0.00573EPSS
Exploits1References1
patchstack
patchstack
added 2023/01/11 12:0 a.m.10 views

WordPress WPFunnels Plugin < 2.6.9 is vulnerable to Cross Site Scripting (XSS)

Software WPFunnels Type Plugin Vulnerable versions 2.6.9 Fixed in 2.6.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0173 Patch priority Medium CVSS severity Medium 6.5 Developer WPFunnels Team PSID 8cceeb86a6f0 Credits István Márton Required...

5.4CVSS5.7AI score0.00573EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder