N/A
2026-04-29< 5.6.8
AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress <= 5.6.7 - Unauthenticated Stored Cross-Site Scripting
AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress
Minimum safe version
5.6.8
Update to 5.6.8 or later to address 12 fixable vulnerabilities
Latest available5.7.3 ✓
N/A
2026-04-23< 5.6.8
AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress <= 5.6.7 - Missing Authorization
Medium 5.4
2025-09-09< 5.3.8
AutomatorWP <= 5.3.7 - Authenticated (Subscriber+) Missing Authorization to Multiple Functions
High 8.0
2025-09-09< 5.3.7
AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress <= 5.3.6 - Missing Authorization To Authenticated (Subscriber+) Remote Code Execution via Automation Creation
N/A
2025-12-23< 5.2.5
CVE-2025-68561
High 7.2
2025-06-14< 5.2.6
AutomatorWP <= 5.2.5 - Authenticated (Administrator+) SQL Injection via field_conditions
N/A
2025-05-19< 5.2.2
CVE-2025-48280
Critical 9.6
2024-12-19< 5.1.0
CVE-2024-12626
N/A
2023-02-15< 2.5.9
WordPress AutomatorWP Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF)
N/A
2023-02-14< 2.5.9
AutomatorWP <= 2.5.8 - Cross Site Request Forgery via bulk_delete
Medium 5.4
2023-02-28< 2.5.1
CVE-2023-23992
High 8.8
2021-11-01< 1.7.6
CVE-2021-24717