{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-4520", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-05-09T19:01:48.318Z", "datePublished": "2025-05-14T02:23:17.831Z", "dateUpdated": "2026-04-08T17:27:33.921Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:27:33.921Z"}, "affected": [{"vendor": "uncannyowl", "product": "Uncanny Automator \u2013 Easy Automation, Integration, Webhooks & Workflow Builder Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.4.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update plugin settings."}], "title": "Uncanny Automator <= 6.4.0.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db5b5fa1-67b5-4103-93b0-682200199a71?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/uncanny-automator/tags/6.4.0.2/src/integrations/keap/helpers/keap-helpers.php#L99"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "baseScore": 5.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Michael Mazzolini"}], "timeline": [{"time": "2025-04-21T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-04-21T00:00:00.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-05-09T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-14T13:22:50.618588Z", "id": "CVE-2025-4520", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-14T13:22:58.671Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-4520", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-14T13:22:50.618588Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-14T13:22:55.307Z"}}], "cna": {"title": "Uncanny Automator <= 6.4.0.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update", "credits": [{"lang": "en", "type": "finder", "value": "Michael Mazzolini"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}}], "affected": [{"vendor": "uncannyowl", "product": "Uncanny Automator \u2013 Easy Automation, Integration, Webhooks & Workflow Builder Plugin", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "6.4.0.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-21T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-04-21T00:00:00.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-05-09T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db5b5fa1-67b5-4103-93b0-682200199a71?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/uncanny-automator/tags/6.4.0.2/src/integrations/keap/helpers/keap-helpers.php#L99"}], "descriptions": [{"lang": "en", "value": "The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update plugin settings."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:27:33.921Z"}}}, "cveMetadata": {"cveId": "CVE-2025-4520", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:27:33.921Z", "dateReserved": "2025-05-09T19:01:48.318Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-05-14T02:23:17.831Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:uncannyowl:uncanny_automator:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "37924625-5159-4324-B691-C6D67CC310A8", "versionEndExcluding": "6.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update plugin settings."}, {"lang": "es", "value": "El complemento Uncanny Automator para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a la falta de comprobaci\u00f3n de capacidad en varias funciones AJAX en versiones hasta la 6.4.0.2 (incluida). Esto permite que atacantes autenticados, con permisos de suscriptor o superiores, actualicen la configuraci\u00f3n del complemento."}], "id": "CVE-2025-4520", "lastModified": "2025-08-12T01:55:05.740", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-05-14T03:15:33.390", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/uncanny-automator/tags/6.4.0.2/src/integrations/keap/helpers/keap-helpers.php#L99"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db5b5fa1-67b5-4103-93b0-682200199a71?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T20:50:16.659365+00:00", "value": {"mitigation_remediation": ["Update the Uncanny Automator plugin to the latest version, ensuring all missing authorization checks are implemented.", "If update is not immediately possible, restrict subscriber and lower roles from accessing or altering plugin settings through WordPress role management or a custom capability filter.", "Enable additional logging for plugin configuration changes to detect unauthorized modifications."], "summary": {"action": "Apply Patch", "impact": "Unauthorized modification of plugin settings by authenticated users"}, "threat_synthesis": {"affected_systems": "Vendors affected are Uncanny Owl, product Uncanny Automator \u2013 Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress. All releases up to and including version 6.4.0.2 are vulnerable. Environments running any of these versions are at risk until upgraded.", "description_and_impact": "The vulnerability arises from a missing capability check on several AJAX functions in the Uncanny Automator WordPress plugin. As a result, any authenticated user with subscriber-level permissions or higher can alter the plugin\u2019s settings. This privilege escalation does not grant code execution but allows attackers to change configuration values, potentially redirecting automation flows, enabling unintended integrations, or creating conditions that could be leveraged in subsequent attacks. The weakness is classified as CWE-862, Missing Authorization.", "risk_and_exploitability": "The CVSS score of 5.4 indicates moderate severity. The EPSS score of less than 1% shows a very low probability of current exploitation. The issue is not listed in CISA\u2019s KEV catalog, meaning no known, publicly disclosed exploits in the wild. The attack vector requires a legitimate authenticated session, presumably through normal WordPress login with subscriber or higher role."}}}}, "created": "2026-04-21T21:00:36.000829+00:00", "updated": "2026-04-21T21:00:36.000848+00:00", "vendors": []}