Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming

📅 16 May 2026 at 15:20 UTC📰 The Hacker NewsView original source ↗

A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages with the goal of stealing payment data. Details of the activity were published by Sansec this week. The vulnerability currently does not have an official CVE identifier. It

Read the full article

This is a curated summary. The complete article is available at The Hacker News.

Read on The Hacker News ↗

← Back to feed