cleantalk
Vulnerabilities and Security Researches

WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce, CVE-2026-25316

CVE, Research URL

CVE-2026-25316

Home page URL

Security reports for WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce

Application

WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce

Published on
Feb 19, 2026
Research Description
Deserialization of Untrusted Data vulnerability in Brainstorm Force CartFlows cartflows allows Object Injection.This issue affects CartFlows: from n/a through <= 2.1.19.
Affected versions
max 2.1.19.
Status
vulnerable
Previous vulnerability researches
WooCommerce Checkout &amp; Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2026-25316) , Feb 27, 2026
WooCommerce Checkout &amp; Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2020-36736) , Jun 07, 2024
WooCommerce Checkout &amp; Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2021-24330) , Jun 07, 2024
WooCommerce Checkout &amp; Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2019-25151) , Jun 07, 2024
WooCommerce Checkout &amp; Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2024-29813) , Jun 07, 2024
New vulnerability
Printful Integration for WooCommerce (CVE-2025-12375) , Feb 27, 2026
PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes (CVE-2026-25322) , Feb 27, 2026
Page Builder Gutenberg Blocks – CoBlocks (CVE-2026-27094) , Feb 27, 2026
ElementsKit Elementor addons (CVE-2026-23693) , Feb 27, 2026
Stop Spammers Security | Block Spam Users, Comments, Forms (CVE-2025-14795) , Feb 27, 2026