3 matches found
CVE-2026-15103
The CVE affects the WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell WordPress plugin. All versions up to 3.12.8 are vulnerable to privilege escalation via an insecure update_settings() REST callback that does not validate the group_id path parameter against an allowlis...
Malicious code in vulcan-rest-callback-jekyll (npm)
The package vulcan-rest-callback-jekyll was found to contain malicious code...
MAL-2025-38694 Malicious code in vulcan-rest-callback-jekyll (npm)
The package vulcan-rest-callback-jekyll was found to contain malicious code...