Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

35 matches found

Patchstack
Patchstackadded 4 days ago9 views

WordPress Crawlomatic Multipage Scraper Post Generator plugin <= 2.7.2 - Authenticated (Author+) Remote Code Execution vulnerability

Authenticated Author+ Remote Code Execution vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Crawlomatic Multisite Scraper Post Generator versions = 2.7.2...

8.8CVSS5.8AI score0.00264EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2026/05/28 6:16 a.m.9 views

CVE-2026-9009

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

8.8CVSS0.00264EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/28 5:30 a.m.5 views

CVE-2026-9009 Crawlomatic Multipage Scraper Post Generator <= 2.7.2 - Authenticated (Author+) Remote Code Execution via 'callback_raw' Shortcode Attribute

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

8.8CVSS6.1AI score0.00264EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/28 5:30 a.m.5 views

EUVD-2026-32723

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

8.8CVSS6.1AI score0.00264EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/28 5:30 a.m.8 views

CVE-2026-9009

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

8.8CVSS6.1AI score0.00264EPSS
Exploits0References3
CVE
CVEadded 2026/05/28 5:30 a.m.11 views

CVE-2026-9009

CVE-2026-9009 affects the Crawlomatic Multipage Scraper Post Generator plugin for WordPress (versions up to 2.7.2). The root cause is insecure handling of the attacker-supplied shortcode attributes callback_raw and callback, which are passed directly into call_user_func() after only an is_callabl...

8.8CVSS6.1AI score0.00264EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/28 5:30 a.m.29 views

CVE-2026-9009 Crawlomatic Multipage Scraper Post Generator <= 2.7.2 - Authenticated (Author+) Remote Code Execution via 'callback_raw' Shortcode Attribute

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

8.8CVSS0.00264EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.5 views

PT-2026-44190

Name of the Vulnerable Software and Affected Versions Crawlomatic Multipage Scraper Post Generator versions prior to 2.7.3 Description The plugin allows authenticated attackers with author-level access and above to execute arbitrary code on the server. This occurs within the filter content functi...

8.8CVSS6.2AI score0.00264EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-17268

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.0026EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-15567

Malicious code in bioql PyPI...

9.8CVSS9AI score0.02565EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-17269

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00168EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/06/08 1:19 p.m.3 views

CVE-2025-49294

Insertion of Sensitive Information Into Sent Data vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Retrieve Embedded Sensitive Data.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through =...

5.3CVSS5.9AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/06/08 1:19 p.m.4 views

CVE-2025-49293

Missing Authorization vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through...

4.3CVSS5.9AI score0.00168EPSS
Exploits0References1
NVD
NVDadded 2025/06/06 1:15 p.m.4 views

CVE-2025-49294

Insertion of Sensitive Information Into Sent Data vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Retrieve Embedded Sensitive Data.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through =...

5.3CVSS0.0026EPSS
Exploits0References1
NVD
NVDadded 2025/06/06 1:15 p.m.3 views

CVE-2025-49293

Missing Authorization vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through...

4.3CVSS0.00168EPSS
Exploits0References1
CVE
CVEadded 2025/06/06 12:53 p.m.32 views

CVE-2025-49294

CVE-2025-49294 concerns “Insertion of Sensitive Information Into Sent Data” in Crawlomatic Multisite Scraper Post Generator. Affects Crawlomatic Multisite Scraper Post Generator versions up to 2.6.8.2 (per EUVD/Red Hat context). Public details in connected documents describe the issue and affecte...

5.3CVSS5.9AI score0.0026EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/06/06 12:53 p.m.10 views

CVE-2025-49294 WordPress Crawlomatic Multisite Scraper Post Generator plugin <= 2.6.8.2 - Sensitive Data Exposure via Log Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Retrieve Embedded Sensitive Data.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through =...

5.3CVSS0.0026EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/06/06 12:53 p.m.4 views

CVE-2025-49294 WordPress Crawlomatic Multisite Scraper Post Generator plugin <= 2.6.8.2 - Sensitive Data Exposure via Log Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator crawlomatic-multipage-scraper-post-generator allows Retrieve Embedded Sensitive Data.This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through =...

5.3CVSS5.9AI score0.0026EPSS
Exploits0References1
CVE
CVEadded 2025/06/06 12:53 p.m.35 views

CVE-2025-49293

CVE-2025-49293 is a Missing Authorization vulnerability in the WordPress plugin Crawlomatic Multisite Scraper Post Generator. Exploitation could allow unauthorized access due to misconfigured access control. Affected versions are Crawlomatic Multisite Scraper Post Generator

4.3CVSS5.9AI score0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/06/06 12:53 p.m.3 views

CVE-2025-49293 WordPress Crawlomatic Multisite Scraper Post Generator <= 2.6.8.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through 2.6.8.2...

4.3CVSS7.1AI score0.00168EPSS
Exploits0References1
Rows per page
Query Builder