CVE 7.6 HIGH

WordPress Funnel Builder by FunnelKit plugin <= 3.10.2 - SQL Injection vulnerability_CVE-2025-49034

August 14, 2025 invoker category_cve
7.6 / 10
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder by FunnelKit allows SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.10.2.

Basic Information

ID CVE-2025-49034
Source Patchstack
Published Jul 16, 2025 at 11:27
Modified Jul 16, 2025 at 13:39

Affected Product

Vendor FunnelKit
Product Funnel Builder by FunnelKit
Version n/a
Affected Versions FunnelKit Funnel Builder by FunnelKit n/a

CWE Classification

CWE-89

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.