Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit 3.2.2

  • Severity: high-risk
  • Status: Fixed
  • Publication: October 24, 2024

A popular plugin for WordPress called Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit has a security vulnerability. This means that hackers can use a special code in the plugin to access private information stored in the database. The vulnerability exists in all versions of the plugin up to version 3.2.2, and it is caused by not properly protecting the user input and not preparing the SQL query properly. This could allow unauthorized users to add their own code and steal sensitive information.

Detected in:

FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce fixed vulnerable versions:
Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.