25Şub
CVE-2025-26979 | FunnelKit Funnel Builder Plugin up to 3.9.0 on WordPress filename control
A vulnerability was found in FunnelKit Funnel Builder Plugin up to 3.9.0 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is known as CVE-2025-26979. The attack can be launched remotely. There is no exploit available.