Signal

Critical vulnerability in WordPress Funnel Builder plugin exploited to steal payment data

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-05-15 15:52 UTCUpdated 2026-05-16 15:20 UTC

rss

cveexploitsmalwaresecurity_toolingincident_response

Trend in the last 24h

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (2)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (2 domains)

2 top sources shown

Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming

thehackernews · News · thehackernews.com · 2026-05-16 15:20 UTC

WordPress Funnel Builder vulnerability exploited to steal payment data

SC Media · News · scworld.com · 2026-05-15 21:38 UTC

limited source diversity in top sources

View all evidence

Overview

A severe security flaw in the Funnel Builder plugin for WordPress, used by over 40,000 websites, is actively exploited to inject malicious JavaScript into WooCommerce checkout pages.

Entities

SansecFunnel BuilderWooCommerce

Score total

1.02

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

Why now

Active exploitation reported recently, indicating immediate threat to WooCommerce users.
Security researchers have just published detailed findings, raising awareness.
Prompt action is needed to secure vulnerable WordPress sites before more data breaches occur.

Why it matters

The vulnerability affects over 40,000 websites, putting many online stores at risk of payment data theft.
Active exploitation means customer payment information is currently being compromised.
No official CVE yet, so awareness and patching are critical to prevent further damage.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

The Funnel Builder plugin vulnerability allows attackers to inject malicious JavaScript into WooCommerce checkout pages to steal payment data.
The vulnerability enables unauthenticated attackers to modify global settings via an unprotected checkout endpoint.

How sources frame it

The Hacker News: neutral

This critical vulnerability in a popular WordPress plugin is actively exploited to steal payment data, underscoring the importance of timely patching and monitoring for e-commerce sites.

All evidence

Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming

thehackernews · thehackernews.com · 2026-05-16 15:20 UTC

WordPress Funnel Builder vulnerability exploited to steal payment data

SC Media · scworld.com · 2026-05-15 21:38 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 2 / 0

Top publishers (this list)

thehackernews (1)
SC Media (1)

Top origin domains (this list)

thehackernews.com (1)
scworld.com (1)