High severity8.8NVD Advisory· Published Nov 1, 2021· Updated Jun 17, 2026
CVE-2021-24717
CVE-2021-24717
Description
The AutomatorWP WordPress plugin before 1.7.6 does not perform capability checks which allows users with Subscriber roles to enumerate automations, disclose title of private posts or user emails, call functions, or perform privilege escalation via Ajax actions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/AutomatorWPdescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/5916ea42-eb33-463d-8528-2a142805c91fnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.