Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2022-2389

The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations

Published: Aug 22, 2022
Updated: Nov 16, 2025
CVE: CVE-2022-2389
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWEs:

CWE-352
CWE-862

Affected Software
References

Software	From	Fixed in
funnelkit / funnelkit_automations	-	2.1.2

https://wpscan.com/vulnerability/e70f00b7-6251-476e-9297-60af509e6ad9

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo