Uncannyowl

Uncanny Automator

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-66056

  • EPSS 0.03%
  • Veröffentlicht 21.11.2025 12:29:54
  • Zuletzt bearbeitet 21.11.2025 15:15:57

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Uncanny Owl Uncanny Automator uncanny-automator allows Retrieve Embedded Sensitive Data.This issue affects Uncanny Automator: from n/a through < 6.10.0.

4.3

CVE-2025-58193

  • EPSS 0.04%
  • Veröffentlicht 27.08.2025 17:45:39
  • Zuletzt bearbeitet 29.08.2025 16:24:09

Missing Authorization vulnerability in Uncanny Owl Uncanny Automator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uncanny Automator: from n/a through 6.7.0.1.

9.8

CVE-2025-48133

  • EPSS 0.06%
  • Veröffentlicht 05.06.2025 20:49:14
  • Zuletzt bearbeitet 13.08.2025 01:28:01

Missing Authorization vulnerability in Uncanny Owl Uncanny Automator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator: from n/a through 6.4.0.2.

9.1

CVE-2025-3623

  • EPSS 0.25%
  • Veröffentlicht 14.05.2025 02:23:17
  • Zuletzt bearbeitet 12.08.2025 01:51:52

The Uncanny Automator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.4.0.1 via deserialization of untrusted input in the automator_api_decode_message() function. This makes it possible for unauthent...

4.3

CVE-2025-4520

  • EPSS 0.03%
  • Veröffentlicht 14.05.2025 02:23:17
  • Zuletzt bearbeitet 12.08.2025 01:55:05

The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, ...

8.8

CVE-2025-2075

  • EPSS 20.9%
  • Veröffentlicht 04.04.2025 04:21:22
  • Zuletzt bearbeitet 08.08.2025 20:07:37

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role() and user_role() functions missing pr...

3.8

CVE-2024-13838

  • EPSS 0.07%
  • Veröffentlicht 12.03.2025 07:00:22
  • Zuletzt bearbeitet 02.04.2025 12:41:07

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.2 via the 'call_webhook' method of the Automator_Send_W...

9.8

CVE-2024-37119

  • EPSS 0.32%
  • Veröffentlicht 01.11.2024 15:15:19
  • Zuletzt bearbeitet 11.08.2025 14:34:43

Missing Authorization vulnerability in Uncanny Owl Uncanny Automator Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator Pro: from n/a through 5.3.0.0.

6.1

CVE-2024-37117

  • EPSS 0.28%
  • Veröffentlicht 22.07.2024 10:15:05
  • Zuletzt bearbeitet 21.11.2024 09:23:13

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Automator Pro allows Reflected XSS.This issue affects Uncanny Automator Pro: from n/a through 5.3.

8.8

CVE-2024-37118

  • EPSS 0.09%
  • Veröffentlicht 21.06.2024 14:15:12
  • Zuletzt bearbeitet 26.03.2025 14:15:31

Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro.This issue affects Uncanny Automator Pro: from n/a through 5.3.