216.73.217.64

CVE-2025-30631

· Published 06/01/2026 21:15 · Modified 06/01/2026 21:15

Labels: CVE-2025-30631 2026-01-06CVE-2025-30631CWE-79[email protected]

Essential information

Published
06/01/2026 21:15
Modified
06/01/2026 21:15
Author
Creator
CVSS
7.1 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

CVSS metrics

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team Woocommerce Sales Funnel Builder, AA-Team Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) allows Reflected XSS.This issue affects Woocommerce Sales Funnel Builder: from n/a through 1.1; Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer): from n/a through 1.2.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
aa-team / woocommerce sales funnel builder cpe:2.3:a:aa-team:woocommerce_sales_funnel_builder:*:1.1:*:*:*:*:*:*
aa-team / amazon affiliates addon for wpbakery page builder cpe:2.3:a:aa-team:amazon_affiliates_addon_for_wpbakery_page_builder:*:1.2:*:*:*:*:*:*

References