Valvepress Pinterest Automatic Pin vulnerabilities
3 known vulnerabilities affecting valvepress/pinterest_automatic_pin.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-4380P1CRITICALCVSS 9.8ExploitedPoCfixed in 4.14.42023-06-07
CVE-2021-4380 [CRITICAL] CWE-284 CVE-2021-4380: The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing ca
The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_parse_request' function and the 'process_form.php' script in versions up to, and including, 1.14.3. This makes it possible for unauthenticated attackers to update arbitrary options on a site that can be u
nvd
CVE-2025-39510P3HIGHCVSS 8.5≤ 4.19.02025-08-14
CVE-2025-39510 [HIGH] CWE-89 CVE-2025-39510: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through < 4.19.0.
nvd
CVE-2025-39511P4MEDIUMCVSS 4.3≤ 4.19.02025-05-16
CVE-2025-39511 [MEDIUM] CWE-862 CVE-2025-39511: Missing Authorization vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic all
Missing Authorization vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pinterest Automatic Pin: from n/a through <= 4.19.0.
nvd