Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 16 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-12469 FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending amans2kFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce Medium 4.3 2025-11-05 09:27:40 Deep Dive
CVE-2025-12468 FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Unauthenticated Sensitive Information Exposure amans2kFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce Medium 5.3 2025-11-05 09:27:39 Deep Dive
CVE-2025-7654 Multiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel Library amans2kFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce High 8.8 2025-08-19 07:26:28 Deep Dive
CVE-2025-1562 Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation amans2kFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce Critical 9.8 2025-06-18 07:22:44 Deep Dive
CVE-2025-4206 WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg <= 4.1.1.2 - Authenticated (Administrator+) Arbitrary File Deletion trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation High 7.2 2025-05-09 11:11:19 Deep Dive
CVE-2025-1267 Groundhogg <= 3.7.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via label Parameter trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation Medium 5.5 2025-04-01 06:52:05 Deep Dive
CVE-2025-2186 Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.1 - Unauthenticated SQL Injection via 'automationId' amans2kFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce High 7.5 2025-03-22 12:42:12 Deep Dive
CVE-2025-0394 Groundhogg <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation High 8.8 2025-01-14 08:23:14 Deep Dive
CVE-2023-1430 FluentCRM - Marketing Automation For WordPress <= 2.8.01 - Insufficient Use of Hash as Authorization Control techjewelFluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution Medium 6.5 2023-06-09 05:33:37 Deep Dive
CVE-2023-2717 Groundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Disable All Plugins trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation Medium 5.4 2023-05-20 02:03:25 Deep Dive
CVE-2023-2736 Groundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Privilege Escalation trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation High 7.5 2023-05-20 02:03:24 Deep Dive
CVE-2023-2735 Groundhogg <= 2.7.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation Medium 4.9 2023-05-20 02:03:23 Deep Dive
CVE-2023-2716 Groundhogg <= 2.7.9.8 - Missing Authorization to Non-Arbitrary File Upload trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation Medium 5.4 2023-05-20 02:03:22 Deep Dive
CVE-2023-2714 Groundhogg <= 2.7.9.8 - Missing Authorization to Update License trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation Medium 4.3 2023-05-20 02:03:20 Deep Dive
CVE-2023-2715 Groundhogg <= 2.7.9.8 - Missing Authorization to Admin Account and Ticket Creation trainingbusinessprosGroundhogg — CRM, Newsletters, and Marketing Automation Medium 4.3 2023-05-20 02:03:19 Deep Dive
CVE-2023-1425 Groundhogg Contacts < 2.7.9.4 - Admin+ SQLi UnknownWordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg 高危 -2023-04-10 13:17:57 Deep Dive