PT-2025-36579 · WordPress · Automatorwp
Matthew Rollings
·
Published
2025-09-09
·
Updated
2025-09-09
·
CVE-2025-9542
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
AutomatorWP – Automator plugin for WordPress versions through 5.3.7
Description:
The AutomatorWP – Automator plugin for WordPress is susceptible to unauthorized access and modification of data. This is due to a missing capability check on multiple functions within the plugin. Authenticated attackers with Subscriber-level access or higher can modify integration settings or view existing automations.
Recommendations:
Update AutomatorWP – Automator plugin for WordPress to a version beyond 5.3.7.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Automatorwp