Log out
Get PRO

Latest

Input validation vulnerability in Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels 3.5.5

  • Severity: medium-risk
  • Status: Fixed
  • Publication: November 20, 2024

The WPFunnels plugin for WordPress, which helps build funnels for websites, has a security issue called Reflected Cross-Site Scripting. This means that the plugin is not properly checking the information it receives and is not protecting against harmful code being included in a webpage. This could allow attackers to insert their own code and potentially harm users who click on certain links. The issue was partially fixed in version 3.5.4 and completely fixed in version 3.5.5.

Detected in:

Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels fixed vulnerable versions:
Easiest Funnel Builder For WordPress & WooCommerce, Specialized For Digital Creators – WPFunnels fixed vulnerable versions:
Leads & Sales Funnel Builder For WordPress & WooCommerce, Specialized For Digital Creators – WPFunnels fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.