Crawlomatic Multipage Scraper Post Generator

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2025-4389	WordPress Crawlomatic Multipage Scraper Post Generator	Cri	0.64	9.8	0.03	May 17, 2025	The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the crawlomatic_generate_featured_image() function in all versions up to, and including, 2.6.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2025-49294	WordPress Crawlomatic Multipage Scraper Post Generator	Med	0.34	5.3	0.00	Jun 6, 2025	Insertion of Sensitive Information Into Sent Data vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Retrieve Embedded Sensitive Data.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through <= 2.6.8.2.
CVE-2025-49293	WordPress Crawlomatic Multipage Scraper Post Generator	Med	0.28	4.3	0.00	Jun 6, 2025	Missing Authorization vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through <= 2.6.8.2.

CVE-2025-4389CriMay 17, 2025
WordPress
Crawlomatic Multipage Scraper Post Generator
risk 0.64cvss 9.8epss 0.03
The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the crawlomatic_generate_featured_image() function in all versions up to, and including, 2.6.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2025-49294MedJun 6, 2025
WordPress
Crawlomatic Multipage Scraper Post Generator
risk 0.34cvss 5.3epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Retrieve Embedded Sensitive Data.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through <= 2.6.8.2.
CVE-2025-49293MedJun 6, 2025
WordPress
Crawlomatic Multipage Scraper Post Generator
risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through <= 2.6.8.2.