CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS5.9AI score0.00137EPSS

Exploits2

HackRead•added 2025/05/07 5:4 p.m.•11 views

ClickFunnels Investigates Breach After Hackers Leak Business Data

ClickFunnels is investigating a data breach after hackers leaked detailed business data, including emails, phone numbers, and company…...

7.3AI score

Exploits0

NVD•added 2023/08/16 12:15 p.m.•8 views

CVE-2022-4782

5.4CVSS5.3AI score0.00137EPSS

Exploits2References1

OSV•added 2023/08/16 12:15 p.m.•1 views

CVE-2022-4782

5.4CVSS5.8AI score0.00137EPSS

Exploits2References1

Prion•added 2023/08/16 12:15 p.m.•7 views

Cross site scripting

4.9CVSS5.3AI score0.00137EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2023/08/16 11:3 a.m.•15 views

CVE-2022-4782 ClickFunnels <= 3.1.1 - Contributor+ Stored XSS via Shortcode

6.1AI score0.00137EPSS

Exploits2References1

CVE•added 2023/08/16 11:3 a.m.•36 views

CVE-2022-4782

CVE-2022-4782 refers to the WordPress plugin ClickFunnels (

5.4CVSS5.2AI score0.00137EPSS

Exploits2References1Affected Software1

Cvelist•added 2023/08/16 11:3 a.m.•14 views

CVE-2022-4782 ClickFunnels <= 3.1.1 - Contributor+ Stored XSS via Shortcode

5.5AI score0.00137EPSS

Exploits2References1

OSV•added 2023/05/24 4:15 p.m.•2 views

CVE-2022-47152

Cross-Site Request Forgery CSRF vulnerability in Etison, LLC ClickFunnels plugin = 3.1.1 versions...

8.8CVSS5.8AI score

Exploits0References1

NVD•added 2023/05/24 4:15 p.m.•14 views

CVE-2022-47152

Cross-Site Request Forgery CSRF vulnerability in Etison, LLC ClickFunnels plugin = 3.1.1 versions...

8.8CVSS6.5AI score0.00152EPSS

Exploits0References1

Prion•added 2023/05/24 4:15 p.m.•8 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Etison, LLC ClickFunnels plugin = 3.1.1 versions...

6.8CVSS8.7AI score0.00152EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/05/24 3:52 p.m.•4 views

CVE-2022-47152 WordPress clickfunnels Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Etison, LLC ClickFunnels plugin = 3.1.1 versions...

5.4CVSS7AI score0.00152EPSS

Exploits0References1

Cvelist•added 2023/05/24 3:52 p.m.•14 views

CVE-2022-47152 WordPress clickfunnels Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Etison, LLC ClickFunnels plugin = 3.1.1 versions...

5.4CVSS9AI score0.00152EPSS

Exploits0References1

CVE•added 2023/05/24 3:52 p.m.•41 views

CVE-2022-47152

CVE-2022-47152 concerns the WordPress ClickFunnels plugin (

8.8CVSS7.1AI score0.00152EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/05/24 12:0 a.m.•2 views

PT-2023-15197 · Unknown · Clickfunnels

Name of the Vulnerable Software and Affected Versions: ClickFunnels plugin versions = 3.1.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is authenticated to...

8.8CVSS8.5AI score0.00152EPSS

Exploits0References4

CNNVD•added 2023/05/24 12:0 a.m.•1 views

WordPress plugin ClickFunnels 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS7.8AI score0.00152EPSS

Exploits0References3

WPVulnDB•added 2023/04/26 12:0 a.m.•18 views

ClickFunnels <= 3.1.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC clickfunnelsembed url="javascript:alert1"...

5.4AI score0.00137EPSS

Exploits2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by