VYPR

FunnelKit

by Funnelkit

CVEs (1)

  • CVE-2025-10567MedNov 5, 2025
    risk 0.41cvss 6.3epss 0.00

    The FunnelKit WordPress plugin before 3.12.0.1 does not sanitize user input before echoing it back in some of its checkout-related AJAX actions, allowing attackers to conduct reflected XSS attacks against logged-in users.