cleantalk
Vulnerabilities and Security Researches

AutomatorWP – The #1 automator plugin for no-code automation in WordPress, CVE-2023-23992

CVE, Research URL

CVE-2023-23992

Home page URL

Security reports for AutomatorWP – The #1 automator plugin for no-code automation in WordPress

Application

AutomatorWP – The #1 automator plugin for no-code automation in WordPress

Published on
Feb 28, 2023
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete.
Affected versions
max 2.5.9.
Status
vulnerable
Previous vulnerability researches
AutomatorWP &#8211; The #1 automator plugin for no-code automation in WordPress (CVE-2025-5487) , Jun 15, 2025
AutomatorWP &#8211; The #1 automator plugin for no-code automation in WordPress (CVE-2023-23992) , Jun 07, 2024
AutomatorWP &#8211; The #1 automator plugin for no-code automation in WordPress (CVE-2021-24717) , Jun 07, 2024
AutomatorWP &#8211; The #1 automator plugin for no-code automation in WordPress (CVE-2025-68561) , Jan 10, 2026
AutomatorWP &#8211; The #1 automator plugin for no-code automation in WordPress (CVE-2025-9539) , Apr 23, 2026
New vulnerability
JetWidgets For Elementor (CVE-2025-8195) , Apr 24, 2026
WPComplete (CVE-2025-58974) , Apr 24, 2026
ER Swiffy Insert (CVE-2026-4082) , Apr 24, 2026
Double the Donation &#8211; A matching gift plug-in to help your fundraising efforts (CVE-2025-57930) , Apr 24, 2026
Ajax Search Lite (CVE-2025-7956) , Apr 24, 2026