Lucene search
+L

127 matches found

RedhatCVE
RedhatCVE
added 2026/04/05 4:58 p.m.5 views

CVE-2026-0626

The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpfoptinform' shortcode in all versions up to, and including, 3.7.9 due to insufficient input sanitization and output escaping of th...

6.4CVSS6.1AI score0.00199EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/04 12:31 p.m.16 views

EUVD-2026-18991

The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpfoptinform' shortcode in all versions up to, and including, 3.7.9 due to insufficient input sanitization and output escaping of th...

6.4CVSS6.1AI score0.00199EPSS
Exploits0References3
NVD
NVD
added 2026/04/04 12:16 p.m.10 views

CVE-2026-0626

The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpfoptinform' shortcode in all versions up to, and including, 3.7.9 due to insufficient input sanitization and output escaping of th...

6.4CVSS0.00199EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/04 11:16 a.m.4 views

CVE-2026-0626

The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpfoptinform' shortcode in all versions up to, and including, 3.7.9 due to insufficient input sanitization and output escaping of th...

6.4CVSS6.1AI score0.00199EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/04 11:16 a.m.4 views

CVE-2026-0626 WPFunnels <= 3.7.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpf_optin_form' Shortcode

The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpfoptinform' shortcode in all versions up to, and including, 3.7.9 due to insufficient input sanitization and output escaping of th...

6.4CVSS6.1AI score0.00199EPSS
Exploits0References2
CVE
CVE
added 2026/04/04 11:16 a.m.26 views

CVE-2026-0626

CVE-2026-0626 affects the WordPress plugin WPFunnels – Easy Funnel Builder (all versions up to and including 3.7.9). The vulnerability is in the wpf_optin_form shortcode, where insufficient input sanitization and output escaping of the button_icon parameter allows an authenticated attacker with c...

6.4CVSS6.1AI score0.00199EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.15 views

PT-2026-30343

The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpf optin form' shortcode in all versions up to, and including, 3.7.9 due to insufficient input sanitization and output escaping of...

6.4CVSS6.1AI score0.00199EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/04 12:0 a.m.10 views

WordPress plugin WPFunnels 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.7AI score0.00199EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 5:3 p.m.4 views

CVE-2026-32530

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

8.8CVSS5.8AI score0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.9 views

EUVD-2026-15899

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

5.8AI score0.00225EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:17 p.m.5 views

CVE-2026-32530

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

8.8CVSS0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-28044

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

5.8AI score0.00225EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/20 1:26 p.m.9 views

CVE-2026-23541

Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mail Mint: from n/a through = 1.19.4...

7.5CVSS5.5AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.8 views

CVE-2026-23541

Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mail Mint: from n/a through = 1.19.4...

7.5CVSS0.00293EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/08 3:15 a.m.13 views

CVE-2025-69359

Missing Authorization vulnerability in WPFunnels Creator LMS creatorlms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Creator LMS: from n/a through = 1.1.12...

5.3CVSS7AI score0.0023EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.10 views

PT-2026-1486

Name of the Vulnerable Software and Affected Versions WPFunnels Creator LMS versions through 1.1.12 Description An authorization issue exists in WPFunnels Creator LMS. The issue involves incorrectly configured access control security levels, potentially allowing unauthorized access. Recommendatio...

6.5AI score0.0023EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/10 2:23 p.m.5 views

CVE-2025-67571

Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPFunnels: from n/a through = 3.6.2...

5.3CVSS7AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.9 views

EUVD-2025-202075

Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPFunnels: from n/a through = 3.6.2...

6.5AI score0.00216EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.10 views

CVE-2025-67571

Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPFunnels: from n/a through = 3.6.2...

5.3CVSS0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:14 p.m.27 views

CVE-2025-67571 WordPress WPFunnels plugin <= 3.6.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPFunnels: from n/a through = 3.6.2...

5.3CVSS0.00216EPSS
Exploits0References1
Rows per page
Query Builder