VYPR

Wordpress Automatic Plugin

by Valvepress

CVEs (2)

  • CVE-2021-4374CriJun 7, 2023
    risk 0.69cvss 9.1epss 0.16

    The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in versions up to, and including, 3.53.2. This is due to missing authorization and option validation in the process_form.php file. This makes it possible for unauthenticated attackers to…

  • CVE-2025-6247MedAug 26, 2025
    risk 0.31cvss 4.7epss 0.00

    The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to…