Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce Upsell, Post-Purchase Upsell & Cross Sell Offers that Boost Sales & Increase Profits with Sales Funnel Builder 3.4.9

  • Severity: medium-risk
  • Status: Fixed
  • Publication: December 20, 2024

The One Click Upsell Funnel for WooCommerce is a tool for WordPress that helps increase sales and profits by creating offers for customers to purchase additional products after their initial purchase. However, it has been found to have a security vulnerability called Stored Cross-Site Scripting. This means that attackers with a certain level of access can inject harmful code into pages, which can be executed when a user visits the page.

Detected in:

One Click Upsell Funnel for WooCommerce fixed vulnerable versions:
One Click Upsell Funnel for WooCommerce – Free Funnel Builder to create WooCommerce Upsell, Post-Purchase Upsell, Cross Sell, and Order Bump. fixed vulnerable versions: >= * <= 3.4.9

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.