cleantalk
Vulnerabilities and Security Researches

AutomatorWP – The #1 automator plugin for no-code automation in WordPress, CVE-2026-40785

CVE, Research URL

CVE-2026-40785

Home page URL

Security reports for AutomatorWP – The #1 automator plugin for no-code automation in WordPress

Application

AutomatorWP – The #1 automator plugin for no-code automation in WordPress

Published on
-
Research Description
AutomatorWP &#8211; Automator plugin for no-code automations, webhooks &amp; custom integrations in WordPress [automatorwp] < 5.6.8 CVE-2026-40785
Affected versions
max 5.6.8.
Status
vulnerable
Previous vulnerability researches
Paid Membership Subscriptions &#8211; Effortless Memberships, Recurring Payments &amp; Content Restriction (CVE-2025-54017) , Aug 05, 2025
Paid Membership Subscriptions &#8211; Effortless Memberships, Recurring Payments &amp; Content Restriction (CVE-2026-39514) , May 02, 2026
Paid Membership Subscriptions &#8211; Effortless Memberships, Recurring Payments &amp; Content Restriction (CVE-2025-68514) , Feb 28, 2026
Paid Membership Subscriptions &#8211; Effortless Memberships, Recurring Payments &amp; Content Restriction (CVE-2025-49870) , Jul 05, 2025
Paid Membership Subscriptions &#8211; Effortless Memberships, Recurring Payments &amp; Content Restriction (CVE-2024-11291) , Dec 19, 2024
New vulnerability
Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) (CVE-2024-13362) , May 02, 2026
Bulk Edit Posts and Products in Spreadsheet (CVE-2024-13362) , May 02, 2026
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2024-13362) , May 02, 2026
Justified Gallery (CVE-2024-13362) , May 02, 2026
Google Analytics WordPress Plugin by GA4WP (CVE-2024-13362) , May 02, 2026