Known Vulnerabilities for FunnelKit by Unknown
Listed below are 10 of the newest known vulnerabilities associated with "FunnelKit" by "Unknown".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57816 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelKit Funnel Builde... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-57635 json | Unauthenticated Cross Site Request Forgery (CSRF) in FunnelKit Payment Gateway for Stripe WooCommerce <= 1.14.0.3 versions. | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-56052 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builde... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-48966 json | Unauthenticated Cross Site Scripting (XSS) in Funnel Builder by FunnelKit <= 3.15.0.2 versions. | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-42381 json | Unauthenticated SQL Injection in Funnel Builder by FunnelKit <= 3.15.0.1 versions. | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-39450 json | Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions. | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-12979 json | The FunnelKit WordPress plugin before 3.15.0.6 does not validate a user-supplied path before deleting a file during a templa... | Not Provided | 2026-07-16 | 2026-07-16 |
| CVE-2026-12978 json | The FunnelKit WordPress plugin before 3.15.0.6 does not escape a user-supplied parameter before reflecting it into the HTML ... | Not Provided | 2026-07-16 | 2026-07-16 |
| CVE-2025-66067 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Funnel Builder by ... | Not Provided | 2025-11-21 | 2026-04-27 |
| CVE-2025-54750 json | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Aman... | Not Provided | 2025-08-20 | 2026-04-23 |