Funnelkit Funnel Builder By Funnelkit vulnerabilities
3 known vulnerabilities affecting funnelkit/funnel_builder_by_funnelkit.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2026-42381P2CRITICALCVSS 9.3≥ n/a, ≤ 3.15.0.12026-06-15
CVE-2026-42381 [CRITICAL] CWE-89 CVE-2026-42381: Unauthenticated SQL Injection in Funnel Builder by FunnelKit <= 3.15.0.1 versions.
Unauthenticated SQL Injection in Funnel Builder by FunnelKit <= 3.15.0.1 versions.
nvd
CVE-2026-56052P3HIGHCVSS 7.6≥ n/a, ≤ 3.15.0.52026-06-24
CVE-2026-56052 [HIGH] CWE-89 CVE-2026-56052: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder by FunnelKit allows Blind SQL Injection.
This issue affects Funnel Builder by FunnelKit: from n/a through 3.15.0.5.
nvd
CVE-2026-48966P4HIGHCVSS 7.1≥ n/a, ≤ 3.15.0.22026-06-15
CVE-2026-48966 [HIGH] CWE-79 CVE-2026-48966: Unauthenticated Cross Site Scripting (XSS) in Funnel Builder by FunnelKit <= 3.15.0.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Funnel Builder by FunnelKit <= 3.15.0.2 versions.
nvd