Export limit exceeded: 361936 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2203 | 1 Funnelkit | 1 Funnel Builder | 2025-06-12 | 6.1 Medium |
| The FunnelKit WordPress plugin before 3.10.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks | ||||
| CVE-2024-9186 | 1 Funnelkit | 1 Funnelkit Automations | 2025-05-15 | 8.6 High |
| The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin before 3.3.0 does not sanitize and escape the bwfan-track-id parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks | ||||
| CVE-2024-6836 | 1 Funnelkit | 1 Funnel Builder | 2024-11-21 | 4.3 Medium |
| The Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple functions in all versions up to, and including, 3.4.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to update multiple settings, including templates, designs, checkouts, and other plugin settings. | ||||
| CVE-2023-51671 | 1 Funnelkit | 1 Funnelkit Checkout | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3. | ||||
| CVE-2023-51670 | 1 Funnelkit | 1 Funnelkit Checkout | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3. | ||||
| CVE-2022-2389 | 1 Funnelkit | 1 Funnelkit Automations | 2024-11-21 | 4.3 Medium |
| The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations | ||||