Amans2k Funnelkit – Funnel Builder For Woocommerce Checkout
5 CVEs affecting Amans2k Funnelkit – Funnel Builder For Woocommerce Checkout. Latest disclosed: 2025-12-12. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-7654 | High | 8.8 | 2025-08-19 | Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie shortcode. This makes it possible for authenticated attackers… |
CVE-2025-14169 | High | 7.5 | 2025-12-12 | The FunnelKit - Funnel Builder for WooCommerce Checkout plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'opid' parameter in all ve… |
CVE-2025-12878 | Medium | 6.4 | 2025-11-19 | The FunnelKit – Funnel Builder for WooCommerce Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `wfop_phone` shortcode in all… |
CVE-2024-5192 | Medium | 6.4 | 2024-06-29 | The Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells plugin for WordPres… |
CVE-2024-6836 | Medium | 4.3 | 2024-07-24 | The Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells plugin for WordPres… |