CVE-2026-9009 Crawlomatic Multipage Scraper Post Generator <= 2.7.2 - Authenticated (Author+) Remote Code Execution via 'callback_raw' Shortcode Attribute

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

WordPress plugin Crawlomatic Multipage Scraper Post Generator 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

CVE-2025-4389 Crawlomatic Multipage Scraper Post Generator <= 2.6.8.1 - Unauthenticated Arbitrary File Upload

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the crawlomaticgeneratefeaturedimage function in all versions up to, and including, 2.6.8.1. This makes it possible for unauthenticated attackers to...

WordPress plugin Crawlomatic Multipage Scraper Post Generator 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...