Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

amans2k — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting amans2k. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by amans2k:FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerceFunnelKit – Funnel Builder for WooCommerce CheckoutSlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels)Bonanza – WooCommerce Free Gifts Lite
CVE IDTitleCVSSSeverityPublished
CVE-2025-14169 FunnelKit – Funnel Builder for WooCommerce Checkout <= 3.13.1.5 - Unauthenticated SQL Injection — FunnelKit – Funnel Builder for WooCommerce CheckoutCWE-89 7.5 High2025-12-12
CVE-2025-12878 FunnelKit – Funnel Builder for WooCommerce Checkout <= 3.13.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via wfop_phone Shortcode — FunnelKit – Funnel Builder for WooCommerce CheckoutCWE-79 6.4 Medium2025-11-19
CVE-2025-12469 FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerceCWE-862 4.3 Medium2025-11-05
CVE-2025-12468 FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Unauthenticated Sensitive Information Exposure — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerceCWE-200 5.3 Medium2025-11-05
CVE-2025-8607 SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels)CWE-79 6.4 Medium2025-08-21
CVE-2025-7654 Multiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel Library — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerceCWE-200 8.8 High2025-08-19
CVE-2025-6730 Bonanza – WooCommerce Free Gifts Lite <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In Success — Bonanza – WooCommerce Free Gifts LiteCWE-862 4.3 Medium2025-07-29
CVE-2025-1562 Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerceCWE-862 9.8 Critical2025-06-18
CVE-2025-2186 Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.1 - Unauthenticated SQL Injection via 'automationId' — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerceCWE-89 7.5 High2025-03-22
CVE-2024-13675 SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels)CWE-79 6.4 Medium2025-03-08
CVE-2024-6836 Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells <= 3.4.6 - Missing Authorization to Authenticated (Contributor+) Settings Update — FunnelKit – Funnel Builder for WooCommerce CheckoutCWE-862 4.3 Medium2024-07-24
CVE-2024-5192 Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells <= 3.3.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload — FunnelKit – Funnel Builder for WooCommerce CheckoutCWE-79 6.4 Medium2024-06-29

This page lists every published CVE security advisory associated with amans2k. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.