Coderevolution Crawlomatic Multipage Scraper Post Generator vulnerabilities
2 known vulnerabilities affecting coderevolution/crawlomatic_multipage_scraper_post_generator.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-4389P2CRITICALCVSS 9.8≤ 2.6.8.12025-05-17
CVE-2025-4389 [CRITICAL] CWE-434 CVE-2025-4389: The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary fil
The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the crawlomatic_generate_featured_image() function in all versions up to, and including, 2.6.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's se
nvd
CVE-2026-9009P2HIGHCVSS 8.8≤ 2.7.22026-05-28
CVE-2026-9009 [HIGH] CWE-434 CVE-2026-9009: The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code E
The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filter_content function. This is due to passing the attacker-supplied 'callback_raw' shortcode attribute directly into call_user_func() with no sanitization or allowlist validation, relying sole
nvd