Known Vulnerabilities for Funnel Builder by Cartflows

Listed below are 4 of the newest known vulnerabilities associated with "Funnel Builder" by "Cartflows".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2025-66067	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Funnel Builder by ...	Not Provided	2025-11-21	2026-04-01
CVE-2025-54750	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Aman...	Not Provided	2025-08-20	2026-04-01
CVE-2025-49034	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Funnel Builder by ...	Not Provided	2025-07-16	2026-04-01
CVE-2025-26979	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Aman...	Not Provided	2025-02-25	2026-04-01
CVE-2021-24330	The Funnel Builder by CartFlows – Create High Converting Sales Funnels For WordPress plugin before 1.6.13 did not sanitise ...	4.8 - MEDIUM	2021-06-01	2023-11-07
CVE-2021-4342	REJECT CVE split into individual CVE IDs for each software record.	Not Provided	2023-06-07	2023-11-07
CVE-2020-36736	The WooCommerce Checkout & Funnel Builder by CartFlows plugin for WordPress is vulnerable to Cross-Site Request Forgery in ve...	4.3 - MEDIUM	2023-07-01	2023-11-07
CVE-2019-25151	The Funnel Builder plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the activa...	4.3 - MEDIUM	2023-06-07	2023-11-07