Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Uncanny Automator – Automate everything with the #1 no-code Automation tool for WordPress 4.15

  • Severity: medium-risk
  • Status: Fixed
  • Publication: May 24, 2023

The Uncanny Automator plugin for WordPress has an issue that could allow malicious people to do certain tasks on the setup wizard without being logged in. This is because the plugin doesn’t have the correct security measures in place to prevent it. If someone can find a way to get a site administrator to click on a link or do something else, they could use that to their advantage. It is important to make sure that you have the latest version of the plugin installed, as any version before 4.14 has this vulnerability.

Detected in:

Uncanny Automator – Automate everything with the #1 automation, integration & webhooks plugin fixed vulnerable versions:
Uncanny Automator – Automate everything with the #1 no-code automation and integration plugin fixed vulnerable versions:
Uncanny Automator – Automate everything with the #1 no-code Automation tool for WordPress fixed vulnerable versions: >= * < 4.15
Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.