Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One, CVE-2025-2203
- CVE, Research URL
- Published on
- May 16, 2025
- Research Description
- The FunnelKit WordPress plugin before 3.10.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
- Affected versions
-
Min -, max 3.10.2.
- Status
-
vulnerable
| Previous vulnerability researches |
|---|
| Weluka Lite (CVE-2025-4591) , May 16, 2025 |