Browse all 18 CVE security advisories affecting Uncanny Owl. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Uncanny Owl develops security testing tools, primarily focusing on web application vulnerability assessment. Historically, their products have been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS), and privilege escalation flaws, contributing to 18 CVEs to date. These issues often stem from improper input validation and insecure default configurations. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in their testing tools raises concerns about the security of the products designed to identify flaws in other systems.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-37119 | WordPress Uncanny Automator Pro plugin < 5.3.0.1 - Unauthenticated License Settings Reset vulnerability — Uncanny Automator ProCWE-862 | 5.3 | Medium | 2024-11-01 |
| CVE-2024-37117 | WordPress Uncanny Automator Pro plugin <= 5.3 - Reflected Cross Site Scripting (XSS) vulnerability — Uncanny Automator ProCWE-79 | 7.1 | High | 2024-07-22 |
| CVE-2024-37118 | WordPress Uncanny Automator Pro plugin <= 5.3 - Cross Site Request Forgery (CSRF) Leading to License Settings Reset vulnerability — Uncanny Automator Pro | 5.4 | Medium | 2024-06-21 |
This page lists every published CVE security advisory associated with Uncanny Owl. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.