The ClickFunnels plugin for WordPress is not secure in versions up to 3.1.1. This means that someone with contributor-level or higher access can inject malicious code into pages that will run when any user views that page. This code injection is possible because the plugin does not properly check the input or output of user-supplied information.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
