Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-14169 3 Funnelkit, Woocommerce, Wordpress 4 Funnel Builder, Funnelkit Checkout, Woocommerce and 1 more 2025-12-14 7.5 High
The FunnelKit - Funnel Builder for WooCommerce Checkout plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'opid' parameter in all versions up to, and including, 3.13.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVE-2023-51672 1 Funnelkit 1 Funnelkit Checkout 2025-07-13 7.5 High
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51671 1 Funnelkit 1 Funnelkit Checkout 2024-11-21 5.4 Medium
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51670 1 Funnelkit 1 Funnelkit Checkout 2024-11-21 4.3 Medium
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.