Description
The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update plugin settings.
Published: 2025-05-14
Score: 5.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized modification of plugin settings by authenticated users
Action: Apply Patch
AI Analysis

Impact

The vulnerability arises from a missing capability check on several AJAX functions in the Uncanny Automator WordPress plugin. As a result, any authenticated user with subscriber-level permissions or higher can alter the plugin’s settings. This privilege escalation does not grant code execution but allows attackers to change configuration values, potentially redirecting automation flows, enabling unintended integrations, or creating conditions that could be leveraged in subsequent attacks. The weakness is classified as CWE-862, Missing Authorization.

Affected Systems

The affected vendor is Uncanny Owl; the affected product is Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress. All releases up to and including version 6.4.0.2 are vulnerable. Environments running any of these versions remain at risk until upgraded.

Risk and Exploitability

The CVSS score of 5.4 indicates moderate severity. The EPSS score of less than 1% shows a very low probability of current exploitation. The issue is not listed in CISA’s KEV catalog, meaning there are no known, publicly disclosed reports of exploitation in the wild. The attack requires a legitimate authenticated session, presumably obtained through a normal WordPress login with a subscriber or higher role.

Generated by OpenCVE AI on April 21, 2026 at 20:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Uncanny Automator plugin to the latest version, ensuring all missing authorization checks are implemented.
  • If an update is not immediately possible, restrict subscriber and lower roles from accessing or altering plugin settings through WordPress role management or a custom capability filter.
  • Enable additional logging for plugin configuration changes to detect unauthorized modifications.
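The capability filter and change logging recommended above, as an added example that is not Uncanny Automator's or OpenCVE's code: the WordPress AJAX handler shape this CVE describes (nonce but no capability check) beside its hardened form, plus an mu-plugin hook that logs option writes arriving over admin-ajax.php from users without manage_options. The handler, nonce and option names are hypothetical; manage_options is WordPress's standard administrator capability.

```php
<?php
/**
 * Added example (not code from Uncanny Automator or OpenCVE). Two defensive pieces:
 *  1. the capability-checked shape every wp_ajax_* settings handler needs;
 *  2. a logging hook that records option writes made through admin-ajax.php,
 *     as the recommendations above suggest.
 * "myplugin" and "myplugin_settings" are hypothetical names. Place the file in
 * wp-content/mu-plugins/ on a test site to load it.
 */

// Vulnerable shape (CWE-862): the nonce only proves the request came from a
// page the user loaded; it says nothing about the user's role. Any logged-in
// account, subscriber included, can reach admin-ajax.php and change the option.
function myplugin_save_settings_insecure() {
    check_ajax_referer( 'myplugin_settings_nonce', 'nonce' );
    update_option( 'myplugin_settings', wp_unslash( $_POST['settings'] ?? '' ) );
    wp_send_json_success();
}

// Hardened shape: current_user_can() is the authorization decision, and the
// input is sanitized before it is stored.
function myplugin_save_settings_secure() {
    check_ajax_referer( 'myplugin_settings_nonce', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient permissions', 403 ); // exits
    }
    $settings = sanitize_text_field( wp_unslash( $_POST['settings'] ?? '' ) );
    update_option( 'myplugin_settings', $settings );
    wp_send_json_success();
}
add_action( 'wp_ajax_myplugin_save_settings', 'myplugin_save_settings_secure' );

// Detection: log any option write that arrives over admin-ajax.php from a user
// without manage_options. Such a write is exactly what this bug class produces.
add_action( 'updated_option', function ( $option, $old_value, $new_value ) {
    if ( ! wp_doing_ajax() || current_user_can( 'manage_options' ) ) {
        return;
    }
    $user = wp_get_current_user();
    error_log( sprintf(
        '[option-audit] user=%d login=%s roles=%s ajax_action=%s option=%s ip=%s',
        $user->ID,
        $user->user_login,
        implode( ',', (array) $user->roles ),
        sanitize_key( $_REQUEST['action'] ?? '' ),
        $option,
        $_SERVER['REMOTE_ADDR'] ?? ''
    ) );
}, 10, 3 );
```

Entries land in the PHP error log (or debug.log when WP_DEBUG_LOG is on); forward them to whatever collects the site's logs so a settings change by a subscriber account is visible.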

Advisories
Source: EUVD
ID: EUVD-2025-14636
Title: The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update plugin settings.
History

Tue, 12 Aug 2025 02:00:00 +0000

Type: First Time appeared
Values Added: Uncannyowl; Uncannyowl uncanny Automator
Type: CPEs
Values Added: cpe:2.3:a:uncannyowl:uncanny_automator:*:*:*:*:*:wordpress:*:*
Type: Vendors & Products
Values Added: Uncannyowl; Uncannyowl uncanny Automator

Wed, 14 May 2025 14:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 14 May 2025 03:00:00 +0000

Type: Description
Values Added: The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update plugin settings.
Type: Title
Values Added: Uncanny Automator <= 6.4.0.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update
Type: Weaknesses
Values Added: CWE-862
Type: References
Type: Metrics (cvssV3_1)
Values Added: {'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L'}

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:27:33.921Z

Reserved: 2025-05-09T19:01:48.318Z

Link: CVE-2025-4520

Vulnrichment

Updated: 2025-05-14T13:22:55.307Z

NVD

Status : Analyzed

Published: 2025-05-14T03:15:33.390

Modified: 2025-08-12T01:55:05.740

Link: CVE-2025-4520

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T21:00:36Z

Weaknesses