Lucene search
K

204 matches found

Nuclei
Nuclei
added yesterday44 views

Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The Uncanny Automator - Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to addrole and userrole functions missing proper capability checks performed through the...

8.8CVSS7.2AI score0.02474EPSS
Exploits0References4
NVD
NVD
added 3 days ago9 views

CVE-2026-12375

The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator sessio...

9.8CVSS0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-12375 Uncanny Automator Pro 7.3.0.5 - Backdoor via Compromised Vendor Update Server

The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator sessio...

0.00303EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-56148

Name of the Vulnerable Software and Affected Versions uncanny-automator-pro WordPress plugin versions prior to 7.3.0.6 Description The software was distributed with malicious code following a compromise of the vendor's update and distribution infrastructure. This supply chain compromise introduce...

9.8CVSS6AI score0.00303EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56057

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS0.00426EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-56031

Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...

8.1CVSS0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.6 views

EUVD-2026-39711

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS5.8AI score0.00426EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.35 views

CVE-2026-56057 WordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerability

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS0.00426EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.20 views

CVE-2026-56057

The CVE concerns the WordPress plugin Uncanny Automator Pro

9.8CVSS5.8AI score0.00426EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.6 views

EUVD-2026-39694

Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...

8.1CVSS5.8AI score0.00317EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.13 views

CVE-2026-56031

The CVE-2026-56031 entry covers an Unauthenticated PHP Object Injection in the WordPress plugin Uncanny Automator , affecting versions

8.1CVSS5.8AI score0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.32 views

CVE-2026-56031 WordPress Uncanny Automator plugin <= 7.3.1.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...

8.1CVSS0.00317EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/23 10:2 a.m.8 views

WordPress Uncanny Automator plugin <= 7.3.1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by VanTastic in WordPress Plugin Uncanny Automator versions = 7.3.1.2...

8.1CVSS5.9AI score0.00317EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/18 8:22 p.m.7 views

crm-automator (>=1.9.5 <=1.11.5), ex4nicegui (=0.9.0) +3 more potentially affected by CVE-2026-45554 via nicegui (>=3.0.4 <=3.10.0)

nicegui PYPI version =3.0.4, =1.9.5, =1.0.0, =12.22.3, =12.22.5 Source cves: CVE-2026-45554 Source advisory: SNYK:PYTHON-NICEGUI-16757878...

5.3CVSS5.4AI score0.00343EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/08 9:51 p.m.10 views

accessiqlue (=2025.12.21154255), agent-builder (>=0.0.2 <=0.1.7) +320 more potentially affected by CVE-2026-40087 via langchain-core (>=1.0.0a8 <=1.2.24)

langchain-core PYPI version =1.0.0a8, =0.0.2, =0.1.0, =0.1.0, =0.1.1 - ai-benchmark-analyzer =2025.12.21193050 - ai-claim-essence =2025.12.20202921 - ai-design-insights =2025.12.21145447 - ai-mysql-translator =2025.12.21101721 - ai-reliability-analyzer =2025.12.21171415 - ai-risk-extractor...

5.3CVSS5.3AI score0.00262EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/04 1:56 a.m.6 views

CVE-2026-2269

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...

7.2CVSS6.6AI score0.00655EPSS
Exploits0References1
NVD
NVD
added 2026/03/03 2:16 a.m.8 views

CVE-2026-2269

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...

7.2CVSS0.00655EPSS
Exploits0References2
CVE
CVE
added 2026/03/03 1:21 a.m.13 views

CVE-2026-2269

CVE-2026-2269 The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Server-Side Request Forgery (SSRF) in all versions up to and including 7.0.0.3, via the download_url() function. This allows an authenticated attacker with Adminis...

7.2CVSS6.6AI score0.00655EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/03 1:21 a.m.5 views

CVE-2026-2269 Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...

7.2CVSS6.6AI score0.00655EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/03 1:21 a.m.55 views

CVE-2026-2269 Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...

7.2CVSS0.00655EPSS
Exploits0References2
Rows per page
Query Builder