CVE-2025-12469 | FunnelKit Automations Plugin up to 3.6.4.1 on WordPress AJAX check_nonce authorization

Inserito da Angelo Barbosa | Nov 4, 2025 | CVE

A vulnerability classified as critical was found in FunnelKit Automations Plugin up to 3.6.4.1 on WordPress. Impacted is the function check_nonce of the component AJAX Handler. Such manipulation leads to missing authorization.

This vulnerability is documented as CVE-2025-12469. The attack can be executed remotely. There is not any exploit available.

CVE-2025-12469 | FunnelKit Automations Plugin up to 3.6.4.1 on WordPress AJAX check_nonce authorization

Post correlati

CVE-2024-11577 | Luxion KeyShot SKP File Parser out-of-bounds write (ZDI-24-1608)

CVE-2024-20326 | Cisco ConfD CLI os command injection (cisco-sa-cnfd-rwpesc-ZAOufyx8)

CVE-2025-8071 | CloudVod Plugin up to 2.1.10 on WordPress audio cross site scripting

CVE-2024-49803 | IBM Security Verify Access up to 10.0.8 Request os command injection