N/A
2026-03-02< 7.1.0
Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload
Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin
Minimum safe version
7.1.0
Update to 7.1.0 or later to address 12 fixable vulnerabilities
Latest available7.2.5 ✓
Medium 6.4
2026-01-23< 7.0.0
CVE-2025-15522
Medium 4.3
2025-11-21< 6.10.0
CVE-2025-66056
Medium 4.3
2025-08-27< 6.8.0
CVE-2025-58193
Critical 9.8
2025-06-05< 6.5.0
CVE-2025-48133
Critical 9.1
2025-05-14< 6.4.0.2
Uncanny Automator <= 6.4.0.1 - Unauthenticated PHP Object Injection in automator_api_decode_message Function
Medium 5.4
2025-05-14< 6.5.0
Uncanny Automator <= 6.4.0.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update
High 8.8
2025-04-04< 6.4.0
Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
Medium 5.5
2025-03-12< 6.3
CVE-2024-13838
Medium 5.3
2024-12-28< 5.1.0.3
WordPress Uncanny Automator Plugin <= 5.1.0.2 is vulnerable to Sensitive Data Exposure
N/A
2023-05-24< 4.15
Uncanny Automator <= 4.14 - Cross-Site Request Forgery via update_automator_connect
N/A
2023-05-25< 4.15
WordPress Uncanny Automator Plugin < 4.15 is vulnerable to Cross Site Request Forgery (CSRF)