204 matches found
Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
The Uncanny Automator - Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to addrole and userrole functions missing proper capability checks performed through the...
CVE-2026-12375
The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator sessio...
CVE-2026-12375 Uncanny Automator Pro 7.3.0.5 - Backdoor via Compromised Vendor Update Server
The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator sessio...
PT-2026-56148
Name of the Vulnerable Software and Affected Versions uncanny-automator-pro WordPress plugin versions prior to 7.3.0.6 Description The software was distributed with malicious code following a compromise of the vendor's update and distribution infrastructure. This supply chain compromise introduce...
CVE-2026-56057
Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...
CVE-2026-56031
Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...
EUVD-2026-39711
Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...
CVE-2026-56057 WordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerability
Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...
CVE-2026-56057
The CVE concerns the WordPress plugin Uncanny Automator Pro
EUVD-2026-39694
Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...
CVE-2026-56031
The CVE-2026-56031 entry covers an Unauthenticated PHP Object Injection in the WordPress plugin Uncanny Automator , affecting versions
CVE-2026-56031 WordPress Uncanny Automator plugin <= 7.3.1.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...
WordPress Uncanny Automator plugin <= 7.3.1.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by VanTastic in WordPress Plugin Uncanny Automator versions = 7.3.1.2...
crm-automator (>=1.9.5 <=1.11.5), ex4nicegui (=0.9.0) +3 more potentially affected by CVE-2026-45554 via nicegui (>=3.0.4 <=3.10.0)
nicegui PYPI version =3.0.4, =1.9.5, =1.0.0, =12.22.3, =12.22.5 Source cves: CVE-2026-45554 Source advisory: SNYK:PYTHON-NICEGUI-16757878...
accessiqlue (=2025.12.21154255), agent-builder (>=0.0.2 <=0.1.7) +320 more potentially affected by CVE-2026-40087 via langchain-core (>=1.0.0a8 <=1.2.24)
langchain-core PYPI version =1.0.0a8, =0.0.2, =0.1.0, =0.1.0, =0.1.1 - ai-benchmark-analyzer =2025.12.21193050 - ai-claim-essence =2025.12.20202921 - ai-design-insights =2025.12.21145447 - ai-mysql-translator =2025.12.21101721 - ai-reliability-analyzer =2025.12.21171415 - ai-risk-extractor...
CVE-2026-2269
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...
CVE-2026-2269
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...
CVE-2026-2269
CVE-2026-2269 The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Server-Side Request Forgery (SSRF) in all versions up to and including 7.0.0.3, via the download_url() function. This allows an authenticated attacker with Adminis...
CVE-2026-2269 Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...
CVE-2026-2269 Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...