Log out
Get PRO

Latest

Access violation vulnerability in Drag & Drop Sales Funnel Builder for WordPress – WPFunnels 2.7.16

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 10, 2023

The WPFunnels plugin for WordPress is not secure in its versions leading up to and including 2.7.15. This means that someone who has access to the plugin can manipulate objects they were not supposed to be able to access. This is because of a lack of validation on something that the user is in control of.

Detected in:

Drag & Drop Sales Funnel Builder for WordPress – WPFunnels fixed vulnerable versions: >= * < 2.7.16
Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels fixed vulnerable versions:
Easiest Funnel Builder For WordPress & WooCommerce, Specialized For Digital Creators – WPFunnels fixed vulnerable versions:
Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels fixed vulnerable versions:
Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels – Generate Leads & Craft A Highly-Converting Sales Journey In Minutes fixed vulnerable versions:
Leads & Sales Funnel Builder For WordPress & WooCommerce, Specialized For Digital Creators – WPFunnels fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.