Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder by FunnelKit allows Blind SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.15.0.5.
Severity (CVSS)
| Base score | 7.6 |
|---|---|
| Severity | High |
| Version | CVSS 3.1 |
| Vector | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L |
| Provided by | CNA |
Weaknesses
- CWE-89 — CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Affected products
| Vendor | Product | Versions |
|---|---|---|
| FunnelKit | Funnel Builder by FunnelKit | n/a to <=3.15.0.5 |
References
Generated from the official CVE List on 24 Jun 2026 09:35 UTC.