Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Security Bypass - CVE-2021-24717 - Vulnerability Database
WP Plugin Automatorwp

WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Security Bypass - CVE-2021-24717

Critical
Reference: CVE-2021-24717
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-24717
Title: WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Security Bypass
Overview:

WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently enumerate automations disclose title of private posts or user emails call functions or escalate their privileges via Ajax actions. WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress version 1.7.5 is vulnerable prior versions may also be affected.