cleantalk
Vulnerabilities and Security Researches

WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce, CVE-2024-29813

CVE, Research URL

CVE-2024-29813

Home page URL

Security reports for WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce

Application

WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce

Published on
Mar 27, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CartFlows Inc. Funnel Builder by CartFlows allows Stored XSS.This issue affects Funnel Builder by CartFlows: from n/a through 2.0.1.
Affected versions
max 2.0.2.
Status
vulnerable
Previous vulnerability researches
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2026-25316) , Feb 27, 2026
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2020-36736) , Jun 07, 2024
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2021-24330) , Jun 07, 2024
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2019-25151) , Jun 07, 2024
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2024-29813) , Jun 07, 2024
New vulnerability
Printful Integration for WooCommerce (CVE-2025-12375) , Feb 27, 2026
PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes (CVE-2026-25322) , Feb 27, 2026
Page Builder Gutenberg Blocks – CoBlocks (CVE-2026-27094) , Feb 27, 2026
ElementsKit Elementor addons (CVE-2026-23693) , Feb 27, 2026
Stop Spammers Security | Block Spam Users, Comments, Forms (CVE-2025-14795) , Feb 27, 2026