Filtered by vendor Valvepress
Subscriptions
Filtered by product Pinterest Automatic Pin
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39511 | 1 Valvepress | 1 Pinterest Automatic Pin | 2025-06-24 | 4.3 Medium |
| Missing Authorization vulnerability in ValvePress Pinterest Automatic Pin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Pinterest Automatic Pin: from n/a through 4.18.2. | ||||
| CVE-2021-4380 | 1 Valvepress | 1 Pinterest Automatic Pin | 2024-12-28 | 9.8 Critical |
| The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_parse_request' function and the 'process_form.php' script in versions up to, and including, 1.14.3. This makes it possible for unauthenticated attackers to update arbitrary options on a site that can be used to create new administrative user accounts or redirect unsuspecting site visitors. | ||||
Page 1 of 1.