Lucene search
K

6 matches found

Patchstack
Patchstack
added 2026/04/27 1:30 p.m.5 views

WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Funnel Builder by FunnelKit versions = 3.15.0.1...

5.8AI score0.00283EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/11/21 12:29 p.m.13 views

CVE-2025-66067 WordPress Funnel Builder by FunnelKit plugin <= 3.13.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows DOM-Based XSS.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.13.1.2...

6.5CVSS0.00167EPSS
Exploits0References1
NVD
NVD
added 2025/11/19 6:15 a.m.6 views

CVE-2025-12878

The FunnelKit – Funnel Builder for WooCommerce Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wfopphone shortcode in all versions up to, and including, 3.13.1.2. This is due to insufficient input sanitization and output escaping on the user-supplied default...

6.4CVSS0.00209EPSS
Exploits0References7
NVD
NVD
added 2025/08/20 8:15 a.m.13 views

CVE-2025-54750

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows PHP Local File Inclusion.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.11.1...

7.5CVSS0.00469EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/29 12:0 a.m.23 views

WordPress Funnel Kit Funnel Builder PRO Plugin <= 3.4.5 is vulnerable to Cross Site Scripting (XSS)

Software Funnel Kit Funnel Builder PRO Type Plugin Vulnerable versions = 3.4.5 Fixed in 3.5.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1056 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8c1faa8fa285 Credits Francesco...

6.4CVSS5.8AI score0.00248EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/08/29 12:0 a.m.3 views

WordPress plugin Funnel Kit Funnel Builder PRO 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.4CVSS5.8AI score0.00248EPSS
Exploits0References3
Rows per page
Query Builder