cleantalk
Vulnerabilities and Security Researches

WP AVCL Automation Helper (formerly WPFlyLeads), CVE-2025-46531

CVE, Research URL

CVE-2025-46531

Home page URL

Security reports for WP AVCL Automation Helper (formerly WPFlyLeads)

Application

WP AVCL Automation Helper (formerly WPFlyLeads)

Published on
Apr 24, 2025
Research Description
Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper (formerly WPFlyLeads) allows Server Side Request Forgery. This issue affects WP AVCL Automation Helper (formerly WPFlyLeads): from n/a through 3.4.
Affected versions
Min -, max 3.4.
Status
vulnerable
Previous vulnerability researches
WPExperts Square For GiveWP (CVE-2024-13713) , Feb 22, 2025
WPExperts Square For GiveWP (CVE-2024-47338) , Sep 30, 2024
New vulnerability
Database Toolset (CVE-2025-3065) , Apr 27, 2025
Control Listings – Classifieds Ads Directory Portal Manager (CVE-2025-46234) , Apr 26, 2025
WordPress Tooltip (CVE-2025-46532) , Apr 26, 2025
Business Contact Widget (CVE-2025-46529) , Apr 26, 2025
Drop Caps (CVE-2025-46495) , Apr 26, 2025