Automatorwp

automatorwp

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Automatorwp

automatorwp

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-23992 1Automatorwp 1Automatorwp Apr 28, 2026 Feb 28, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete.
CVE-2021-24717 1Automatorwp 1Automatorwp Nov 21, 2024 Nov 1, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 The AutomatorWP WordPress plugin before 1.7.6 does not perform capability checks which allows users with Subscriber roles to enumerate automations, disclose title of private posts or user emails, call functions, or perfo...Show more The AutomatorWP WordPress plugin before 1.7.6 does not perform capability checks which allows users with Subscriber roles to enumerate automations, disclose title of private posts or user emails, call functions, or perform privilege escalation via Ajax actions.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-23992

1Automatorwp

Apr 28, 2026

Feb 28, 2023

N/A· v4

4.3 MEDIUM· v3

N/A· v2

Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete.

CVE-2021-24717

1Automatorwp

Nov 21, 2024

Nov 1, 2021

N/A· v4

8.8 HIGH· v3

6.5 MEDIUM· v2

The AutomatorWP WordPress plugin before 1.7.6 does not perform capability checks which allows users with Subscriber roles to enumerate automations, disclose title of private posts or user emails, call functions, or perfo...Show more