2 matches found
CVE-2024-27965
CVE-2024-27965 is a stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin WPFunnels (Easiest Sales Funnel Builder for WordPress & WooCommerce) affecting versions up to 3.0.6. The issue stems from improper input neutralization during web page generation, enabling injected script ...
CVE-2023-37977
CVE-2023-37977 affects the WordPress plugin “WPFunnels – Drag & Drop Sales Funnel Builder” up to version 2.7.16. It is an unauthenticated, reflected cross-site scripting (XSS) vulnerability (root cause: insufficient input escaping in reflected parameters). Impact stated by sources includes potent...