CVE-2024-37118 MEDIUM

CVE-2024-37118: WordPress Uncanny Automator Pro plugin <= 5.3 - Cross Site Request Forgery (CSRF) Leading to License Settings Reset vulnerability

Vendor Uncanny Owl
Product Uncanny Automator Pro
Published June 21, 2024
Last update April 28, 2026

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro.This issue affects Uncanny Automator Pro: from n/a through 5.3.

Key dates

02Disclosure timeline

June 21, 2024 CVE published
April 28, 2026 Record updated