Funnel Builder For Woocommerce Checkout
Approved changes feed: RSS · Atom
cpe:2.3:a:funnelkit:funnel_builder_for_woocommerce_checkout:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Funnelkit (25092b83-a3d8-56e8-bd8b-cc65ffeaaa8c) |
|---|---|
| Product | Funnel Builder For Woocommerce Checkout (282289cf-e4f5-5b02-9c00-35a95a2f64fe) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-47100 |
vulnerable | 2026-06-08 08:05:12.174570 |
Funnel Builder for WooCommerce Checkout < 3.15.0.3 Missing Authorization via AJAX
HIGH (7.5)
Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal methods and write arbitrary data to the plugin's External Scripts global setting. Attackers can inject malicious JavaScript through the External Scripts setting that executes in the browsers of all checkout page visitors.
Published: 2026-05-19T14:00:55.318Z
Updated: 2026-05-19T14:39:08.304Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.