Valvepress Wordpress Automatic Plugin
4 CVEs affecting Valvepress Wordpress Automatic Plugin. Latest disclosed: 2025-08-26. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-4374 | Critical | 9.1 | 2023-06-07 | The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in versions up to, and including, 3.53.2. This is due to missing author… |
CVE-2025-5395 | High | 8.8 | 2025-06-11 | The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'core.php' file in… |
CVE-2024-4849 | Medium | 6.4 | 2024-05-18 | The WordPress Automatic Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘autoplay’ parameter in all versions up to, and includ… |
CVE-2025-6247 | Medium | 4.7 | 2025-08-26 | The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to m… |