Tag

Javascript-Injection

1 brief RSS

Funnel Builder for WooCommerce Checkout Missing Authorization Vulnerability (CVE-2026-47100)

Funnel Builder for WooCommerce Checkout versions prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal methods and inject malicious JavaScript, impacting checkout page visitors.

Funnel Builder for WooCommerce Checkout < 3.15.0.3 cve woocommerce wordpress missing-authorization javascript-injection

2r 1c 1d ago