PatchSiren

Uncanny Automator CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Review Uncanny Automator CVE published 2026-07-07

CVE-2026-12375

The Uncanny Automator Pro WordPress plugin before version 7.3.0.6 was distributed with malicious code due to a compromise of the vendor's update and distribution infrastructure. The injected backdoor allows unauthenticated attackers to gain an administrator session on affected sites and sends the site's secret keys and administrator details to attacker-controlled servers.