Multiple Plugins By FunnelKit <= (Various Versions) – Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel Library | CVE 2025-7654 | Plugin Vulnerabilities

Description

Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including authentication cookies of other site users, which may make privilege escalation possible.

Please note both FunnelKit – Funnel Builder for WooCommerce Checkout AND FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce are affected by this.

Affects Plugins

wp-marketing-automations

Fixed in 3.6.4

Fixed in 3.11.1

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/bc0983d7-6c7e-41cb-8997-578d362d9c9f

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CVSS

Miscellaneous

Original Researcher

wesley (wcraft)

Verified

No

WPVDB ID

7b642b6b-58eb-4b17-9d9a-8d58ae74ddcc

Timeline

Publicly Published

2025-08-18 (about 8 months ago)

Added

2025-08-18 (about 8 months ago)

Last Updated

2025-08-19 (about 8 months ago)

Other

Published

Title

Published

2026-04-06

Title

IDPay Payment Gateway for Woocommerce <= 2.2.5 - Unauthenticated Information Exposure

Published

2025-09-29

Title

Upload.am < 1.0.1 - Contributor+ Arbitrary Option Update

Published

2024-04-29

Title

Media Cleaner: Clean your WordPress! < 6.7.3 - Unauthenticated Information Exposure

Published

2026-01-08

Title

BetterDocs < 4.3.4 - Authenticated (Contributor+) Sensitive Information Exposure

Published

2025-08-11

Title

WP Private Content Plus <= 3.6.2 - Unauthenticated Sensitive Information Exposure