cleantalk
Vulnerabilities and Security Researches

WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce, CVE-2026-25316

CVE, Research URL

CVE-2026-25316

Home page URL

Security reports for WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce

Application

WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce

Published on
Feb 19, 2026
Research Description
Deserialization of Untrusted Data vulnerability in Brainstorm Force CartFlows cartflows allows Object Injection.This issue affects CartFlows: from n/a through <= 2.1.19.
Affected versions
max 2.1.19.
Status
vulnerable
Previous vulnerability researches
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2024-39649) , Aug 07, 2024
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2024-7092) , Aug 13, 2024
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2026-23543) , Feb 27, 2026
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2024-9993) , Jun 15, 2025
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2022-0683) , Jun 07, 2024
New vulnerability
WP Wizard Cloak (CVE-2025-53237) , Feb 27, 2026
YITH WooCommerce Compare (CVE-2026-22333) , Feb 27, 2026
Kenta Companion (CVE-2026-27090) , Feb 27, 2026
WP-Lister Lite for eBay (CVE-2026-25384) , Feb 27, 2026
Email Marketing, Email Automation &amp; Newsletter for WordPress &amp; WooCommerce – Mail Mint (CVE-2026-23541) , Feb 27, 2026