EUVD-2026-37624

Unauthenticated Cross Site Scripting XSS in WPFunnels Pro = 2.9.4 versions...

CVE-2026-49778

Unauthenticated Cross Site Scripting XSS in WPFunnels Pro = 2.9.4 versions...

CVE-2026-49778

Summary (CVE-2026-49778) Unauthenticated Cross Site Scripting (XSS) in WordPress WPFunnels Pro plugin ≤ 2.9.4. The CVSSv3.1 base score is 7.1 (HIGH); vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L. The vulnerability affects the WPFunnels Pro plugin for WordPress (versions ≤ 2.9.4). Details provided ...

WordPress WPFunnels Pro plugin <= 2.9.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by dutafi in WordPress Plugin WPFunnels Pro versions = 2.9.4...