The FunnelKit plugin for WordPress, which is used to build funnels for online stores, has a security issue that allows hackers to access sensitive information from the website’s database. This is due to a lack of proper preparation and escaping of user input. Users with high level access can add their own SQL queries to existing ones, making it possible to steal data.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
