Funnel Builder 3.15.0.3 security update

Security Patch Release
H score 43
1 unique source, 1 article

Summary

FunnelKit released Funnel Builder 3.15.0.3 to fix an actively exploited flaw affecting WordPress/WooCommerce checkout pages, closing a path that could inject malicious JavaScript. The bug affected all versions before 3.15.0.3 and was exploitable without authentication. Site owners should update from the WordPress dashboard and review External Scripts for any rogue entries.

Related Happenings

Funnel Builder security patch release (version 3.15.0.3)

Security Patch Release
First: 16.05.2026 18:20 Last: 16.05.2026 18:20 Sources 1

About this happening: **FunnelKit** released **version 3.15.0.3** to fix a **Funnel Builder** flaw that was being **actively exploited** to inject malicious JavaScript into **WooCommerce checkout pages**...

Payment iframe defense against malicious overlays on checkout pages

Defensive Guidance
First: 24.09.2025 14:03 Last: 24.09.2025 14:03 Sources 1

About this happening: Attackers are actively abusing **payment iframes** on **checkout pages** with **malicious overlays**, making **strict CSP** and **real-time monitoring** essential to prevent card...

Timeline

  1. 15.05.2026 22:30 2 articles · 12d ago

    FunnelKit releases Funnel Builder 3.15.0.3

    Mitigation Patch Update

    FunnelKit releases Funnel Builder 3.15.0.3 to fix a critical unauthenticated script-injection flaw in the WordPress plugin used for WooCommerce checkout pages. The bug affects all versions before 3.15.0.3, and site owners are advised to update from the WordPress dashboard and review Settings > Checkout > External Scripts for rogue entries.

  2. 15.05.2026 22:30 1 article · 12d ago

    Sansec reports active exploitation of Funnel Builder

    Initial Disclosure

    Sansec reports that the Funnel Builder WordPress plugin used by WooCommerce sites is being actively exploited to inject malicious JavaScript into checkout pages. The payload analytics-reports[.]com/wss/jquery-lib.js impersonates Google Tag Manager and Google Analytics, opens a WebSocket to wss://protect-wss[.]com/ws, and delivers a customized payment card skimmer that steals credit card numbers, CVVs, billing addresses, and other customer information.
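
A check to accompany the External Scripts review advised above, as an added example that is not code from FunnelKit or Sansec: it scans rendered checkout HTML for script or WebSocket hosts matching the two indicators named in this timeline and lists any other host that is not on an allowlist. `ALLOWED_HOSTS`, `scan_checkout_html` and the sample markup are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Indicators as published above, kept defanged here and refanged at runtime.
IOC_HOSTS = {h.replace("[.]", ".") for h in ("analytics-reports[.]com", "protect-wss[.]com")}
ALLOWED_HOSTS = {"www.googletagmanager.com"}  # assumption: this hypothetical shop's allowlist
URL_RE = re.compile(r"""(?:https?|wss?)://[^\s'"<>)]+""", re.I)

class ScriptCollector(HTMLParser):
    """Collect <script src> values and URLs referenced inside inline scripts."""
    def __init__(self):
        super().__init__()
        self.urls, self._inline = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            self._inline = src is None
            if src:
                self.urls.append(src)
    def handle_endtag(self, tag):
        if tag == "script":
            self._inline = False
    def handle_data(self, data):
        if self._inline:
            self.urls.extend(URL_RE.findall(data))

def scan_checkout_html(html, allowed=ALLOWED_HOSTS):
    """Return sorted (verdict, host) pairs for script hosts that need review."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()
    findings = set()
    for url in collector.urls:
        host = (urlparse(url).hostname or "").lower()
        if any(host == ioc or host.endswith("." + ioc) for ioc in IOC_HOSTS):
            findings.add(("ioc", host))
        elif host and host not in allowed:  # empty host = relative URL, same origin
            findings.add(("unlisted", host))
    return sorted(findings)

# Constructed sample of a rendered checkout page (not captured from a real site).
a, p = sorted(IOC_HOSTS)
SAMPLE = f"""<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script src="https://www.googletagmanager.com/gtm.js?id=GTM-EXAMPLE"></script>
<script src="https://{a}/wss/jquery-lib.js"></script>
<script>var s = new WebSocket("wss://{p}/ws");</script>
<script src="//cdn.unknown.example/x.js"></script>"""
```

Calling `scan_checkout_html(SAMPLE)` reports both indicator hosts as `ioc` and the unknown CDN as `unlisted`. A clean result on the rendered page does not replace checking the stored External Scripts setting itself.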
