← Back

Valvepress

valvepress

4 CVEs • 4 products

Products (4)

Click to collapse
Toggle
Wordpress Automatic Plugin
wordpress_automatic_plugin
1 CVE
Pinterest Automatic Pin
pinterest_automatic_pin
1 CVE
Automatic
automatic
1 CVE
Rankie
rankie
1 CVE

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-39493
1Valvepress
1Rankie
Apr 23, 2026
May 16, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
Missing Authorization vulnerability in ValvePress Rankie valvepress-rankie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rankie: from n/a through < 1.8.2.
CVE-2024-27956
1Valvepress
1Automatic
Apr 28, 2026
Mar 21, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.
CVE-2021-4380
1Valvepress
1Pinterest Automatic Pin
Apr 8, 2026
Jun 7, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_parse_request' function and the 'process_form.php' script in versions up...Show more
The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_parse_request' function and the 'process_form.php' script in versions up to, and including, 1.14.3. This makes it possible for unauthenticated attackers to update arbitrary options on a site that can be used to create new administrative user accounts or redirect unsuspecting site visitors.Show less
CVE-2021-4374
1Valvepress
1Wordpress Automatic Plugin
Apr 8, 2026
Jun 7, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in versions up to, and including, 3.53.2. This is due to missing authorization and option validation in the process_form.php file. T...Show more
The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in versions up to, and including, 3.53.2. This is due to missing authorization and option validation in the process_form.php file. This makes it possible for unauthenticated attackers to arbitrarily update the settings of a vulnerable site and ultimately compromise the entire site.Show less