Vulnerabilidades em amans2k
12 resultadosCVE-2025-1562CRITICALRecover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin InstallationEPSS 2.9%CVE-2025-7654HIGHMultiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel LibraryEPSS 0.6%CVE-2025-2186HIGHRecover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.1 - Unauthenticated SQL Injection via 'automationId'EPSS 0.4%CVE-2024-5192MEDIUMFunnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells <= 3.3.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG UploadEPSS 0.3%CVE-2024-6836MEDIUMFunnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells <= 3.4.6 - Missing Authorization to Authenticated (Contributor+) Settings UpdateEPSS 0.3%CVE-2025-12468MEDIUMFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-14169HIGHFunnelKit – Funnel Builder for WooCommerce Checkout <= 3.13.1.5 - Unauthenticated SQL InjectionEPSS 0.3%CVE-2025-12469MEDIUMFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email SendingEPSS 0.2%CVE-2025-12878MEDIUMFunnelKit – Funnel Builder for WooCommerce Checkout <= 3.13.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via wfop_phone ShortcodeEPSS 0.2%CVE-2024-13675MEDIUMSlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-8607MEDIUMSlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-6730MEDIUMBonanza – WooCommerce Free Gifts Lite <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In SuccessEPSS 0.2%