4 matches found
CVE-2025-48133
CVE-2025-48133 — Uncanny Automator (WordPress plugin) has a Missing Authorization flaw due to incorrectly configured access control. Impact is reported as CRITICAL (CVSSv3.1: 9.8) with potential unauthorized access across versions from unspecified through 6.4.0.2. A fix is available in version 6....
CVE-2025-48133 WordPress Uncanny Automator plugin <= 6.4.0.2 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Uncanny Owl Uncanny Automator uncanny-automator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator: from n/a through = 6.4.0.2...
WordPress Uncanny Automator Pro Plugin <= 5.3 is vulnerable to Cross Site Scripting (XSS)
Software Uncanny Automator Pro Type Plugin Vulnerable versions = 5.3 Fixed in 5.3.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37117 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9c1cb610bb3a Credits Dave Jong Patchstack...
WordPress Uncanny Automator Plugin < 4.15 is vulnerable to Cross Site Request Forgery (CSRF)
Software Uncanny Automator Type Plugin Vulnerable versions 4.15 Fixed in 4.15 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 52619215aad2 Credits WordFence Required privilege...