Wp Automatic Automatic vulnerabilities
2 known vulnerabilities affecting wp_automatic/automatic.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2024-27954P1CRITICALCVSS 9.3ExploitedPoC≥ n/a, ≤ 3.92.02024-05-17
CVE-2024-27954 [CRITICAL] CWE-22 CVE-2024-27954: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery.This issue affects Automatic: from n/a through 3.92.0.
nvd
CVE-2024-27955P3HIGHCVSS 8.8≥ n/a, ≤ 3.92.02024-05-17
CVE-2024-27955 [HIGH] CWE-352 CVE-2024-27955: Cross-Site Request Forgery (CSRF) vulnerability in WP Automatic Automatic allows Privilege Escalatio
Cross-Site Request Forgery (CSRF) vulnerability in WP Automatic Automatic allows Privilege Escalation.This issue affects Automatic: from n/a through 3.92.0.
nvd