Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

An actively exploited unauthenticated settings injection vulnerability in the FunnelKit Funnel Builder for WooCommerce Checkout plugin allows attackers to inject payment card skimming JavaScript into checkout pages with no credentials or user interaction required. Tens of thousands of WooCommerce stores running plugin versions 3.15.0.1 and earlier are exposed to real-time customer payment card theft. An emergency patch (version 3.15.0.3) is available and should be treated as an active incident response item, not routine maintenance.

Author

Tech Jacks Solutions