Vulnerabilities and security researches forwpfunnels wpfunnels

Jun 06, 2024

CVE, Research URL: CVE-2023-0173
Home page URL: Security reports for Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Application: Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Date: Feb 07, 2023
Research Description: The Drag & Drop Sales Funnel Builder for WordPress plugin before 2.6.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-27965
Home page URL: Security reports for Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Application: Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Date: Mar 21, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels Team WPFunnels allows Stored XSS.This issue affects WPFunnels: from n/a through 3.0.6.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-37977
Home page URL: Security reports for Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Application: Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Date: Jul 27, 2023
Research Description: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFunnels Team Drag & Drop Sales Funnel Builder for WordPress – WPFunnels plugin <= 2.7.16 versions.
Affected versions: Min -, max -.
Status: vulnerable

Nov 22, 2024

CVE, Research URL: CVE-2024-10792
Home page URL: Security reports for Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Application: Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Date: -
Research Description: Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels [wpfunnels] < 3.5.6 CVE-2024-10792
Affected versions: Min -, max -.
Status: vulnerable

May 16, 2025

CVE, Research URL: CVE-2025-47530
Home page URL: Security reports for Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Application: Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels
Date: -
Research Description: Easiest Funnel Builder For WordPress & WooCommerce, Specialized For Digital Creators – WPFunnels [wpfunnels] < 3.5.19 CVE-2025-47530
Affected versions: Min -, max -.
Status: vulnerable