WordPress Plugin Vulnerabilities

FunnelKit Checkout < 3.11.0 - Subscriber+ Arbitrary Plugin Activation

Description

The FunnelKit Checkout plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on an unknown function in all versions up to, and including, 3.10.3. This makes it possible for authenticated attackers, with subscriber access and above, to activate arbitrary plugins.

Affects Plugins

Plugin icon
woofunnels-aero-checkout
Fixed in 3.11.0

References

CVE
CVE-2023-51670
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/6f789ff9-5d86-4911-8b2f-2a425393c61d

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Dave Jong
Verified
No
WPVDB ID
e856a90b-a999-4e27-ac65-d35dc1573ae0

Timeline

Publicly Published
2023-12-27 (about 2 years ago)
Added
2024-01-03 (about 2 years ago)
Last Updated
2024-01-03 (about 2 years ago)

Other

Published
Title
Published
2025-01-24
Title
Gutenberg Blocks by Kadence Blocks < 3.3.2 - Missing Authorization
Published
2026-02-09
Title
PopupKit < 2.2.1 - Missing Authorization to Sensitive Information Disclosure and Data Deletion
Published
2025-04-25
Title
Custom Login and Registration <= 1.0.0 - Missing Authorization
Published
2024-02-27
Title
Envo's Elementor Templates & Widgets for WooCommerce < 1.4.5 - Subscriber+ Template Creation
Published
2024-07-11
Title
Titan Anti-spam & Security < 7.3.8 - Missing Authorization