{"vulnerability": "CVE-2026-14345", "sightings": [{"uuid": "ea3055ec-fb53-4b18-97cd-38c60f975b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14345", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpzztvnlvk27", "content": "\ud83d\udd34 CVE-2026-14345 - Critical (9.8)\n\nThe WPFunnels \u2013 Funnel Builder for WooCommerce with Checkout &amp; One Click Upsell plugin for Word...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-14345/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-07T07:00:55.855723Z"}, {"uuid": "461fd50f-7d71-4292-8c1c-48f0e2c0b9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14345", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpzzzjzvit2d", "content": "CVE-2026-14345\nThe WPFunnels plugin for WordPress has a security flaw that lets attackers run code on the server without needing a password. This can happen if administrators enable logging and then open a malicious log file.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-07T07:04:04.297172Z"}, {"uuid": "dadc67c0-9cad-4bdf-ada7-5b472f0a8133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14345", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq22zdkzs22d", "content": "CVE-2026-14345 - WPFunnels\nCVE ID : CVE-2026-14345\n \n Published : July 7, 2026, 6:16 a.m. | 58\u00a0minutes ago\n \n Description : The WPFunnels \u2013 Funnel Builder for WooCommerce with Checkout &amp; One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution in all ve...", "creation_timestamp": "2026-07-07T07:21:51.637352Z"}, {"uuid": "0ae4c2dd-485d-4a8d-9ffa-daf305eaf741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14345", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mq2kl4zid224", "content": "CVE-2026-14345. CVSS 9.8. WPFunnels lets attackers write code to your server. No auth required. Your wp-config.php, database credentials, everything is exposed.\n\nUpdate to 3.12.7 now.\n\nScan your WordPress site: pulse-wp.com\n#WordPress #RCE #CyberSecurity", "creation_timestamp": "2026-07-07T12:00:14.534435Z"}, {"uuid": "bce6d273-dcfe-4f82-bba7-ba57c446f20d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14345", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mq2vjglsly24", "content": "CVE-2026-14345 wpfunnels (CVSS Score 9.8) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-07-07T15:16:11.964671Z"}]}