CVE-2026-12979
MEDIUM Exploitation: PoC
5.5
CVSS 3.1
Description
The FunnelKit WordPress plugin before 3.15.0.6 does not validate a user-supplied path before deleting a file during a template-import operation, allowing users with administrator privileges to delete arbitrary .json files outside the intended directory through path traversal, which can disable other FunnelKit WordPress plugin before 3.15.0.6 or (denial of service).
Metadata
Severity & Metrics
5.5
MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Unknown | FunnelKit | — | 0 < 3.15.0.6 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| — | cna | CWE-73 External Control of File Name or Path |
| CWE-73 | adp | CWE-73 External Control of File Name or Path |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 5.5 | MEDIUM | 3.1 | adp | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L |