CVE-2025-13006 | SurveyFunnel Plugin up to 1.1.5 on WordPress REST API Endpoint v2 improper authentication

December 4, 2025 Yanac

A vulnerability has been found in SurveyFunnel Plugin up to 1.1.5 on WordPress and classified as critical. The affected element is an unknown function of the file /wp-json/surveyfunnel/v2/ of the component REST API Endpoint. This manipulation causes improper authentication.

This vulnerability is handled as CVE-2025-13006. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More