Lucene search
K

6 matches found

Cvelist
Cvelist
added 2025/11/05 9:27 a.m.8 views

CVE-2025-12468 FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Unauthenticated Sensitive Information Exposure

The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.4.1 via the '/wc-coupons/' REST API endpoint. This is due to the endpoint being marked as a...

5.3CVSS0.00321EPSS
Exploits0References3
CVE
CVE
added 2025/11/05 9:27 a.m.23 views

CVE-2025-12468

The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin (up to version 3.6.4.1) is exposed to unauthenticated sensitive information exposure via the /wc-coupons/ REST API endpoint. The endpoint is registered as a public API (public_api = true) and uses pe...

5.3CVSS5.6AI score0.00321EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.5 views

PT-2025-45101

Name of the Vulnerable Software and Affected Versions FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce versions up to and including 3.6.4.1 Description The FunnelKit Automations plugin for WordPress is affected by a missing authorization issue. The plugin doe...

4.3CVSS5.8AI score0.00215EPSS
Exploits0References10
NVD
NVD
added 2025/04/15 10:15 p.m.4 views

CVE-2025-26870

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows DOM-Based XSS.This issue affects JetEngine: from n/a through = 3.6.4.1...

6.5CVSS0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.3 views

WordPress plugin JetEngine 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

6.5CVSS6.7AI score0.00215EPSS
Exploits0References2
OSV
OSV
added 2023/05/26 12:15 p.m.2 views

CVE-2023-23714

Cross-Site Request Forgery CSRF vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin = 3.6.4.1 versions...

8.8CVSS7.3AI score0.00271EPSS
Exploits0References1
Rows per page
Query Builder