Description
WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress version 2.5.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.5.1 or latest
References
Related Vulnerabilities
Apache HTTP Server Other Vulnerability (CVE-2003-0083)
WordPress Plugin File Manager Unspecified Vulnerability (5.1.5)
Microsoft SQL Server CVE-2023-21704 Vulnerability (CVE-2023-21704)
WordPress Plugin WP-PostRatings SQL Injection (1.83.1)
WordPress Plugin is_human() 'type' Parameter Remote Command Injection (1.4.2)