202 matches found
WordPress plugin Catalog Importer, Scraper & Crawler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
WordPress Catalog Importer, Scraper & Crawler Plugin <= 5.1.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Catalog Importer, Scraper & Crawler versions = 5.1.3...
CVE-2024-56800
CVE-2024-56800 – Firecrawl SSRF vulnerability : Firecrawl (OSS) before v1.1.1 is affected by a server-side request forgery that can be triggered by a malicious scrape target redirecting to a local IP, enabling exfiltration of local network resources via the API. The cloud service was patched on 2...
CVE-2024-56800 Firecrawl has SSRF Vulnerability via malicious scrape target
Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery SSRF vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to a local IP address...
PT-2024-37074
Name of the Vulnerable Software and Affected Versions Firecrawl versions prior to 1.1.1 Description Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. The scraping engine could be exploited by crafting a malicious site that redirects to a...
Malicious code in google-play-store (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b0f8bc12f61546bde84dd1d7a64519fcdc55ce875b71f3d8d848d2d5daa2248d This is a copy of https://pypi.org/project/play-scraper/ with added a very questionable "telemetry": in scraper.py, L90 sends the user hostname, IP and the exa...
CVE-2024-37208
Server-Side Request Forgery SSRF vulnerability in Robert Macchi WP Scraper.This issue affects WP Scraper: from n/a through 5.7...
CVE-2024-37208
CVE-2024-37208 is an SSRF issue in the WordPress WP Scraper plugin, affecting WP Scraper versions from n/a through 5.7. Connected sources describe the vulnerability as SSRF in WP Scraper and indicate it has been patched, with remediation to upgrade to a version later than 5.7. Public references (...
CVE-2024-37208 WordPress WP Scraper plugin <= 5.7 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Robert Macchi WP Scraper.This issue affects WP Scraper: from n/a through 5.7...
WordPress plugin WP Scraper code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
PT-2024-27376 · WordPress · Wp Scraper
Name of the Vulnerable Software and Affected Versions: WP Scraper versions 5.7 and earlier Description: A Server-Side Request Forgery SSRF issue has been identified. This issue allows an attacker to forge requests from the server, potentially leading to unauthorized access to internal resources...
What?s That Scraping Sound? How Web Scraper Bots Erode Ecommerce Profits
...
What’s That Scraping Sound? How Web Scraper Bots Erode Ecommerce Profits
...
MAL-2024-7015 Malicious code in royal-mail_scraper (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in adwords-scraper (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6523 Malicious code in adwords-scraper (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in shadow-scraper (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-5999 Malicious code in shadow-scraper (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in quickscan-scraper (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in libaryscraper (PyPI)
--- -= Per source details. Do not edit below this line.=-...