Uncannyowl

Uncanny Automator

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2026-2269

  • EPSS 0.21%
  • Veröffentlicht 03.03.2026 02:16:10
  • Zuletzt bearbeitet 03.03.2026 21:52:29

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the download_url() function. This makes it po...

6.4

CVE-2025-15522

  • EPSS 0.01%
  • Veröffentlicht 23.01.2026 04:34:58
  • Zuletzt bearbeitet 26.01.2026 15:03:51

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automator_discord_user_mapping shortcode in all versions up to, and including, 6.10.0.2...

4.3

CVE-2025-66056

  • EPSS 0.04%
  • Veröffentlicht 21.11.2025 12:29:54
  • Zuletzt bearbeitet 20.01.2026 15:19:00

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Uncanny Owl Uncanny Automator uncanny-automator allows Retrieve Embedded Sensitive Data.This issue affects Uncanny Automator: from n/a through < 6.10.0.

4.3

CVE-2025-58193

  • EPSS 0.04%
  • Veröffentlicht 27.08.2025 17:45:39
  • Zuletzt bearbeitet 29.08.2025 16:24:09

Missing Authorization vulnerability in Uncanny Owl Uncanny Automator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uncanny Automator: from n/a through 6.7.0.1.

9.8

CVE-2025-48133

  • EPSS 0.09%
  • Veröffentlicht 05.06.2025 20:49:14
  • Zuletzt bearbeitet 13.08.2025 01:28:01

Missing Authorization vulnerability in Uncanny Owl Uncanny Automator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator: from n/a through 6.4.0.2.

9.1

CVE-2025-3623

  • EPSS 0.45%
  • Veröffentlicht 14.05.2025 02:23:17
  • Zuletzt bearbeitet 12.08.2025 01:51:52

The Uncanny Automator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.4.0.1 via deserialization of untrusted input in the automator_api_decode_message() function. This makes it possible for unauthent...

4.3

CVE-2025-4520

  • EPSS 0.06%
  • Veröffentlicht 14.05.2025 02:23:17
  • Zuletzt bearbeitet 12.08.2025 01:55:05

The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, ...

8.8

CVE-2025-2075

  • EPSS 24.96%
  • Veröffentlicht 04.04.2025 04:21:22
  • Zuletzt bearbeitet 08.08.2025 20:07:37

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role() and user_role() functions missing pr...

3.8

CVE-2024-13838

  • EPSS 0.09%
  • Veröffentlicht 12.03.2025 07:00:22
  • Zuletzt bearbeitet 02.04.2025 12:41:07

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.2 via the 'call_webhook' method of the Automator_Send_W...

9.8

CVE-2024-37119

  • EPSS 0.32%
  • Veröffentlicht 01.11.2024 15:15:19
  • Zuletzt bearbeitet 11.08.2025 14:34:43

Missing Authorization vulnerability in Uncanny Owl Uncanny Automator Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator Pro: from n/a through 5.3.0.0.