A vulnerability, which was classified as problematic, was found in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation Plugin up to 3.5.3 on WordPress. This affects the function
install_or_activate_addon_plugins of the component Plugin Installation Handler. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2025-1562. It is possible to initiate the attack remotely. There is no exploit available.
