WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Get started
WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Get started
WordPress Plugin Vulnerabilities
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce
2021-05-17
Funnel Builder by CartFlows < 1.6.13 - Authenticated Stored XSS via FB Pixel ID and Google Analytics ID
Fixed in version 1.6.13
2020-09-16
Multiple Plugins/Themes - Cross-Site Request Forgery (CSRF)
Fixed in version 1.5.16
2019-11-07
Funnel Builder by CartFlows < 1.3.1 - Authenticated Arbitrary Plugin Activation
Fixed in version 1.3.1
Fixed in version 1.6.13Fixed in version 1.3.1Fixed in version 1.6.13Fixed in version 1.3.1