What the vulnerability does
01Description
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.6.7 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
What the vulnerability does
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.6.7 versions.
Explanation of Vulnerability in Simple Terms
AutomatorWP versions up to 5.6.7 contain a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts into the site. The vulnerability affects multiple users across the site due to its changed scope. Upgrade to version 5.7.9.2 or later to remediate.
What an attacker can do
Inject malicious JavaScript that executes in visitors' browsers and affects other users on the site.
Potential impact on your site
Visitors and other users may have their sessions hijacked, credentials stolen, or be redirected to malicious sites.
Conditions required to exploit
No authentication or user interaction required; attacker can exploit this remotely over the network.
Key dates
External resources
Related vulnerabilities