4 matches found
CVE-2025-4520
creationtimestamp| type| source ---|---|--- 2025-05-14 05:56:06+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4ctsa27uc2 2025-05-14 06:07:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lp4dip5uvv2h...
CVE-2025-4520 Uncanny Automator <= 6.4.0.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update
The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to...
CVE-2025-4520 Uncanny Automator <= 6.4.0.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update
The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to...
WordPress Uncanny Automator plugin <= 6.4.0.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update vulnerability
Missing Authorization to Authenticated Subscriber+ Plugin Settings Update vulnerability discovered by mikemyers in WordPress Plugin Uncanny Automator versions = 6.4.0.2...