40 matches found
EUVD-2025-8387
Malicious code in bioql PyPI...
EUVD-2025-28325
Malicious code in bioql PyPI...
EUVD-2024-42364
Malicious code in bioql PyPI...
WordPress FunnelKit Automations plugin <= 3.6.3 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by wesley wcraft in WordPress Plugin FunnelKit Automations versions = 3.6.3...
WordPress Automation By Autonami plugin Input Validation Error Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An input validation error vulnerability exists in the WordPress Automation By Autonami plugin, which stems from an improper URL redirection, leading to a phishing attack. No...
CVE-2025-49868
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Aman FunnelKit Automations wp-marketing-automations allows Phishing.This issue affects FunnelKit Automations: from n/a through = 3.6.0...
WordPress FunnelKit Automations plugin <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation vulnerability
Missing Authorization to Unauthenticated Arbitrary Plugin Installation vulnerability discovered by mikemyers in WordPress Plugin FunnelKit Automations versions = 3.5.3...
CVE-2025-49868 WordPress Automation By Autonami plugin <= 3.6.0 - Open Redirection Vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Aman FunnelKit Automations wp-marketing-automations allows Phishing.This issue affects FunnelKit Automations: from n/a through = 3.6.0...
WordPress plugin Automation By Autonami 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An input validation error vulnerability exists in the WordPress Automation By Autonami plugin, which stems from an improper URL redirection, leading to a phishing attack. No...
CVE-2022-2389
The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations...
CVE-2025-30795 WordPress Automation By Autonami plugin <= 3.5.1 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Aman FunnelKit Automations wp-marketing-automations allows Phishing.This issue affects FunnelKit Automations: from n/a through = 3.5.1...
CVE-2025-30795 WordPress Automation By Autonami plugin <= 3.5.1 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Aman FunnelKit Automations wp-marketing-automations allows Phishing.This issue affects FunnelKit Automations: from n/a through = 3.5.1...
WordPress Automation By Autonami plugin <= 3.5.1 - Open Redirection vulnerability
Open Redirection vulnerability discovered by Le Ngoc Anh in WordPress Plugin FunnelKit Automations versions = 3.5.1...
WordPress plugin Automation By Autonami 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An input validation error...
WordPress Automation By Autonami plugin <= 3.5.1 - Unauthenticated SQL Injection via 'automationId' vulnerability
Unauthenticated SQL Injection via 'automationId' vulnerability discovered by mikemyers in WordPress Plugin FunnelKit Automations versions = 3.5.1...
CVE-2024-47328
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman FunnelKit Automations wp-marketing-automations allows SQL Injection.This issue affects FunnelKit Automations: from n/a through = 3.1.2...
WordPress Automation By Autonami plugin < 3.3.0 - Unauthenticated SQLi vulnerability
Unauthenticated SQLi vulnerability discovered by y4ng0615 in WordPress Plugin FunnelKit Automations versions 3.3.0...
CVE-2024-9186 Automation By Autonami < 3.3.0 - Unauthenticated SQLi
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin before 3.3.0 does not sanitize and escape the bwfan-track-id parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...
WordPress Automation By Autonami Plugin < 3.3.0 is vulnerable to SQL Injection
Software Automation By Autonami Type Plugin Vulnerable versions 3.3.0 Fixed in 3.3.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9186 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 0bc9c96e6168 Credits y4ng0615 Required privilege Unauthenticated...
WordPress plugin Automation By Autonami 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...