Vulnerabilities > Valvepress

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-21	CVE-2024-27956	Unspecified vulnerability in Valvepress Automatic Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0. network low complexity valvepress critical	9.8
2023-06-07	CVE-2021-4380	Unspecified vulnerability in Valvepress Pinterest Automatic PIN 4.14.3 The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_parse_request' function and the 'process_form.php' script in versions up to, and including, 1.14.3. network low complexity valvepress critical	9.8
2023-06-07	CVE-2021-4374	Missing Authorization vulnerability in Valvepress Wordpress Automatic Plugin The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in versions up to, and including, 3.53.2. network low complexity valvepress CWE-862 critical	9.8

Vulnerabilities > Valvepress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Valvepress"}]}