PT-2025-50901 · Unknown+1 · Woocommerce+1

Marcin Dudek · Published 2025-12-12 · Updated 2025-12-17 · CVE-2025-14169

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

FunnelKit - Funnel Builder for WooCommerce Checkout plugin for WordPress versions through 3.13.1.5

Description

The software is susceptible to a time-based blind SQL Injection issue via the opid parameter. This is due to inadequate input sanitization and insufficient query preparation. An unauthenticated attacker can inject additional SQL queries into existing database queries, potentially extracting sensitive information.

Recommendations

Versions prior to 3.13.1.5 should be updated.
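
A defensive log check for the issue described above, added here as an example and not taken from the advisory or the plugin: it flags requests whose opid value is not a plain token and raises the severity when the response was also slow, which is the trace a time-based blind injection leaves. The log layout (combined format with the request time appended), the allowlist for opid, the 3-second threshold, the placeholder path and every sample line are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumed layout: combined log format with the request time (seconds) appended last.
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ .*?(?P<rt>\d+\.\d+)$')
# Assumption: a legitimate opid is a short token of letters, digits, "_" or "-".
SAFE_OPID = re.compile(r'[A-Za-z0-9_-]{1,64}')
SLOW_SECONDS = 3.0  # assumed threshold; tune to the site's normal latency

# Constructed sample lines (documentation IPs, placeholder path, inert values).
SAMPLE = [
    '203.0.113.7 - - [14/Dec/2025:10:00:01 +0000] '
    '"GET /placeholder-path?opid=42 HTTP/1.1" 200 512 "-" "constructed-agent" 0.041',
    '198.51.100.9 - - [14/Dec/2025:10:00:05 +0000] '
    '"GET /placeholder-path?opid=42%27%20%28constructed%29 HTTP/1.1" 200 512 "-" "constructed-agent" 5.012',
    '198.51.100.9 - - [14/Dec/2025:10:00:09 +0000] '
    '"GET /placeholder-path?opid=a%22b HTTP/1.1" 200 512 "-" "constructed-agent" 0.030',
    '203.0.113.7 - - [14/Dec/2025:10:00:12 +0000] '
    '"GET /placeholder-path?page=2 HTTP/1.1" 200 512 "-" "constructed-agent" 0.020',
]

def review(lines):
    """Return one finding per request whose opid value fails the allowlist."""
    findings = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not in the assumed format
        query = urlsplit(m["target"]).query
        # parse_qs percent-decodes values, so encoded quotes and spaces are seen as such.
        for value in parse_qs(query, keep_blank_values=True).get("opid", []):
            if SAFE_OPID.fullmatch(value):
                continue
            seconds = float(m["rt"])
            findings.append({
                "ip": m["ip"],
                "opid": value,
                "seconds": seconds,
                # Unexpected characters plus a slow response fits the timing pattern.
                "severity": "high" if seconds >= SLOW_SECONDS else "medium",
            })
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE):
        print(finding)
```

The check only sees opid values that reach the access log in the request line; values sent in a request body need the same allowlist applied at a WAF or in application logging.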

Fix

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2025-14169

Affected Products: Funnelkit, Woocommerce