CVE-2025-30631
Reflected XSS in AA-Team WooCommerce Sales Funnel Builder
Publication date: 2026-01-06
Last updated on: 2026-04-28
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aa-team | woocommerce_sales_funnel_builder | From 1.0 (inc) to 1.1 (inc) |
| aa-team | amazon_affiliates_addon_for_wpbakery_page_builder | From 1.0 (inc) to 1.2 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-30631 is a medium severity Cross Site Scripting (XSS) vulnerability affecting two WordPress plugins: WooCommerce Sales Funnel Builder (up to version 1.1) and Amazon Affiliates Addon for WPBakery Page Builder (up to version 1.2). This vulnerability allows an attacker to inject malicious scripts, such as redirects, advertisements, or other HTML payloads, into a website. These scripts execute when visitors access the compromised pages. Exploitation requires user interaction by a privileged user, such as clicking a malicious link, visiting a crafted page, or submitting a form. There is currently no official patch, but mitigation rules are available to block attacks until a fix is released. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to execute malicious scripts on your website, which can lead to unauthorized redirects, display of unwanted advertisements, theft of user data, or other malicious actions. Since the attack requires interaction by a privileged user, it could compromise site administrators or users with elevated permissions, potentially leading to broader site compromise or data leakage. The vulnerability has a CVSS score of 7.1, indicating moderate severity. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Users are advised to apply Patchstack's mitigation rules immediately to block attacks exploiting this vulnerability until an official patch is released. Since no official fix is currently available, applying these mitigation rules is the recommended immediate step to protect your site from reflected XSS attacks targeting the affected plugins. [1, 2]