Valvepress Automatic vulnerabilities
3 known vulnerabilities affecting valvepress/automatic.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2024-27956P1CRITICALCVSS 9.8ExploitedPoC≤ 3.92.0≥ n/a, ≤ 3.92.02024-03-21
CVE-2024-27956 [CRITICAL] CWE-89 CVE-2024-27956: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.
nvd
CVE-2024-32693P4HIGHCVSS 7.6≥ n/a, < 3.93.02024-04-22
CVE-2024-32693 [HIGH] CWE-352 CVE-2024-32693: Cross-Site Request Forgery (CSRF) vulnerability in ValvePress Automatic.This issue affects Automatic
Cross-Site Request Forgery (CSRF) vulnerability in ValvePress Automatic.This issue affects Automatic: from n/a before 3.93.0.
nvd
CVE-2026-56045P4HIGHCVSS 7.1≥ n/a, < 3.135.12026-06-26
CVE-2026-56045 [HIGH] CWE-79 CVE-2026-56045: Unauthenticated Cross Site Scripting (XSS) in Automatic < 3.135.1 versions.
Unauthenticated Cross Site Scripting (XSS) in Automatic < 3.135.1 versions.
nvd