Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.7 views

CVE-2026-47100

Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal methods and write arbitrary data to the plugin's External Scripts global setting. Attackers can inject...

8.7CVSS5.6AI score0.00457EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/19 2:0 p.m.43 views

CVE-2026-47100 Funnel Builder for WooCommerce Checkout < 3.15.0.3 Missing Authorization via AJAX

Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal methods and write arbitrary data to the plugin's External Scripts global setting. Attackers can inject...

8.7CVSS0.00457EPSS
Exploits1References3
CVE
CVE
added 2026/05/19 2:0 p.m.33 views

CVE-2026-47100

CVE-2026-47100 affects Funnel Builder for WooCommerce Checkout (FunnelKit) prior to version 3.15.0.3. The vulnerability is a missing authorization flaw in the public checkout AJAX flow (update_order_review) that allows an unauthenticated attacker to invoke internal methods and write to the plugin...

8.7CVSS5.9AI score0.00457EPSS
In wildExploits1References3
VulnCheck KEV
VulnCheck KEV
added 2026/05/14 12:0 a.m.23 views

VulnCheck KEV: CVE-2026-47100

Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal methods and write arbitrary data to the plugin's External Scripts global setting. Attackers can inject...

8.7CVSS5.9AI score0.00457EPSS
In wildExploits1References3
Rows per page
Query Builder