Vulnerabilities (CVE)

Filtered by vendor Clickfunnels Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4782 1 Clickfunnels 1 Clickfunnels 2024-02-28 N/A 5.4 MEDIUM
The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
CVE-2022-47152 1 Clickfunnels 1 Clickfunnels 2024-02-28 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Etison, LLC ClickFunnels plugin <= 3.1.1 versions.