9.8

CVE-2025-1562

EPSS 16.07%
Veröffentlicht 18.06.2025 07:22:43
Zuletzt bearbeitet 09.07.2025 18:55:22
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation

The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the install_or_activate_addon_plugins() function and a weak nonce hash in all versions up to, and including, 3.5.3. This makes it possible for unauthenticated attackers to install arbitrary plugins on the site that can be leveraged to further infect a vulnerable site.

Mögliche Gegenmaßnahme

FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce: Update to version 3.6.0, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce

Version *-3.5.3

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Funnelkit ≫ Funnelkit Automations SwPlatformwordpress Version < 3.6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	16.07%	0.946

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@wordfence.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://www.wordfence.com/threat-intel/vulnerabilities/id/094972e6-7e02-4060-b069-e39c8cde9331?source=cve

Third Party Advisory

https://plugins.trac.wordpress.org/changeset/3305437/wp-marketing-automations/trunk/admin/class-bwfan-admin.php

Patch

https://plugins.trac.wordpress.org/browser/wp-marketing-automations/tags/2.5.0/includes/api/plugin_status/class-bwfan-api-install-and-activate-plugin.php

Product

https://plugins.trac.wordpress.org/browser/wp-marketing-automations/tags/2.5.0/includes/class-bwfan-db.php#L153

Product

https://plugins.trac.wordpress.org/changeset/3305437/wp-marketing-automations/trunk/includes/class-bwfan-api-loader.php

Patch

https://plugins.trac.wordpress.org/changeset/3305437/wp-marketing-automations/trunk/includes/abstracts/class-bwfan-api-base.php

Patch

https://www.wordfence.com/threat-intel/vulnerabilities/id/094972e6-7e02-4060-b069-e39c8cde9331

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-1562

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-1562

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-1562

EUVD