Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation CVE-2025-2075

Name: Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation (CVE-2025-2075)
Published: 2025-04-11T00:00:00.000Z

Severity

Vulnerability description: Not available
Risk description: Not available
Recommendation: Not available
References: https://www.wordfence.com/blog/2025/04/50000-wordpress-sites-affected-by-privilege-escalation-vulnerability-in-uncanny-automator-wordpress-plugin/https://plugins.trac.wordpress.org/changeset/3257300/uncanny-automator/trunk/src/core/classes/class-background-actions.php https://plugins.trac.wordpress.org/changeset/3265280/uncanny-automator/trunk/src/core/classes/class-background-actions.php https://nvd.nist.gov/vuln/detail/CVE-2025-2075
Codename: Not available

Detectable with: Network Scanner
Scan engine: Nuclei
Exploitable with Sniper: No
CVE Published: Not available
Detection added at: Apr 11, 2025
Software Type: Not available
Vendor: Not available
Product: Not available

Detect this vulnerability now!

Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.

Compare paid plans Free access