Another top WordPress plugin exploited — hackers target credit card details, here's what you need to know
Hackers are exploiting a critical vulnerability in the Funnel Builder WordPress plugin to steal credit card information from online shoppers. The flaw allows the injection of malicious JavaScript into checkout pages, affecting over 40,000 ecommerce sites. FunnelKit has released a patched version, but many sites remain vulnerable, putting customer data at risk.
- ▪The Funnel Builder plugin has a critical vulnerability that allows hackers to inject credit card skimmers into checkout pages.
- ▪Over 40,000 ecommerce websites are using the vulnerable plugin, potentially exposing customer payment information.
- ▪FunnelKit has released a patched version, but more than half of active sites have not yet upgraded.
Opening excerpt (first ~120 words) tap to expand
Pro Security Another top WordPress plugin exploited — hackers target credit card details, here's what you need to know News By Sead Fadilpašić published 18 May 2026 Funnel Builder WordPress plugin hacked to steal people's credit cards When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Shutterstock/David MG) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Hackers are exploiting a critical flaw in the Funnel Builder plugin to inject credit card skimmers into checkout pagesFunnelKit released a patched version, but more than half of active sites remain on older, vulnerable…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.
Discussion
0 commentsMore from TechRadar
