VYPR

Automate Hub Free By Sperse Io

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-11377MedJan 7, 2025
    risk 0.40cvss 6.1epss 0.00

    The Automate Hub Free by Sperse.IO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated…

  • CVE-2024-13683MedJan 24, 2025
    risk 0.28cvss 4.3epss 0.00

    The Automate Hub Free by Sperse.IO plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.0. This is due to missing or incorrect nonce validation on the 'automate_hub' page. This makes it possible for unauthenticated attackers…