CVE-2026-9009

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

WordPress Crawlomatic Multipage Scraper Post Generator plugin <= 2.7.2 - Authenticated (Author+) Remote Code Execution vulnerability

Authenticated Author+ Remote Code Execution vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Crawlomatic Multisite Scraper Post Generator versions = 2.7.2...

CVE-2026-9009 Crawlomatic Multipage Scraper Post Generator <= 2.7.2 - Authenticated (Author+) Remote Code Execution via 'callback_raw' Shortcode Attribute

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

EUVD-2024-17575

Malicious code in bioql PyPI...

EUVD-2024-34162

Malicious code in bioql PyPI...

EUVD-2024-30500

Malicious code in bioql PyPI...

EUVD-2025-15566

Malicious code in bioql PyPI...

CVE-2025-49312

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a...

CVE-2025-49312

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a...

WordPress plugin Crawlomatic Multisite Scraper Post Generator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

WordPress plugin Crawlomatic Multisite Scraper Post Generator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

CVE-2024-32713

Missing Authorization vulnerability in AutoWriter AI Post Generator | AutoWriter.This issue affects AI Post Generator | AutoWriter: from n/a through 3.3...

CVE-2024-11709

The AI Post Generator | AutoWriter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aipostgeneratordeletePost AJAX action in all versions up to, and including, 3.5. This makes it possible for authenticated attackers, with...

CVE-2025-4391

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the echogeneratefeaturedimage function in all versions up to, and including, 5.4.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files...

WordPress plugin Crawlomatic Multipage Scraper Post Generator 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...

WordPress plugin Echo RSS Feed Post Generator 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

CVE-2024-11709

CVE-2024-11709 concerns the WordPress plugin AI Post Generator | AutoWriter. The vulnerability stems from a missing capability check on the ai_post_generator_delete_Post AJAX action, affecting all versions up to 3.5. The flaw enables authenticated attackers with Contributor-level access or higher...

CVE-2024-11709 AI Post Generator | AutoWriter <= 3.5 - Missing Authorization to Authenticated (Contributor+) Post/Page Deletion

The AI Post Generator | AutoWriter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aipostgeneratordeletePost AJAX action in all versions up to, and including, 3.5. This makes it possible for authenticated attackers, with...

CVE-2024-11709 AI Post Generator | AutoWriter <= 3.5 - Missing Authorization to Authenticated (Contributor+) Post/Page Deletion

The AI Post Generator | AutoWriter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aipostgeneratordeletePost AJAX action in all versions up to, and including, 3.5. This makes it possible for authenticated attackers, with...

WordPress AI Post Generator | AutoWriter plugin <= 3.5 - Missing Authorization to Authenticated (Contributor+) Post/Page Deletion vulnerability

Missing Authorization to Authenticated Contributor+ Post/Page Deletion vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin AI Post Generator | AutoWriter versions = 3.5...