3 matches found
CVE-2024-11938
The One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce Upsell, Post-Purchase Upsell & Cross Sell Offers that Boost Sales & Increase Profits with Sales Funnel Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
CVE-2024-11938 One Click Upsell Funnel for WooCommerce <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes Shortcode
The One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce Upsell, Post-Purchase Upsell & Cross Sell Offers that Boost Sales & Increase Profits with Sales Funnel Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
CVE-2024-11938
CVE-2024-11938 affects the One Click Upsell Funnel for WooCommerce – Free Funnel Builder to create WooCommerce Upsell (WordPress plugin). The vulnerability is a Stored Cross-Site Scripting (XSS) via the wps_wocuf_pro_yes shortcode attributes, caused by insufficient input sanitization and output e...