Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming

May 16, 2026/in General News

A critical security vulnerability impacting the
Funnel Builder
plugin for WordPress has come under active exploitation in the wild to
inject malicious JavaScript code
into WooCommerce checkout pages with the goal of stealing payment data.

Details of the activity were
published
by Sansec this week. The vulnerability currently does not have an official CVE identifier. It

The Hacker News – Read More