Funnel Builder for WooCommerce Checkout < 3.15.0.3 Missing Authorization via AJAX
Title source: cna
Exploitation Summary
CVE-2026-47100 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including rootdirective-sec.
Description
Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal methods and write arbitrary data to the plugin's External Scripts global setting. Attackers can inject malicious JavaScript through the External Scripts setting that executes in the browsers of all checkout page visitors.
Exploits (1)
github
FAILED
by rootdirective-sec · python · poc
https://github.com/rootdirective-sec/CVE-2026-47100-Analysis-Lab
References (3)
Core References
Technical Description: https://sansec.io/research/funnelkit-woocommerce-vulnerability-exploited
Third Party Advisory: https://www.vulncheck.com/advisories/funnel-builder-for-woocommerce-checkout-missing-authorization-via-ajax
Scores
CVSS v3: 7.5
EPSS: 0.0005
EPSS Percentile: 15.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: partial
Lab Environment: Community Lab
Details
VulnCheck KEV: 2026-05-14
CWE: CWE-862
Status: published
Products (1)
FunnelKit/Funnel Builder for WooCommerce Checkout: < 3.15.0.3
Published: May 19, 2026
Tracked Since: May 19, 2026