Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

An unauthenticated remote code injection vulnerability in the FunnelKit Funnel Builder for WooCommerce Checkout plugin (all versions before 3.15.0.3) is being actively exploited to inject JavaScript card skimmers into checkout pages across an estimated 40,000+ installations, capturing payment card numbers, CVVs, and billing data and exfiltrating via WebSocket connections. A patch was released May 14, 2026; sites not yet patched are actively exposing customer payment data.

Author

Tech Jacks Solutions