CVE-2025-4389 | Crawlomatic Multipage Scraper Post Generator Plugin crawlomatic_generate_featured_image unrestricted upload

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability was found in Crawlomatic Multipage Scraper Post Generator Plugin up to 2.6.8.1 on WordPress and classified as critical. Affected by this issue is the function crawlomatic_generate_featured_image. The manipulation leads to unrestricted upload.

This vulnerability is handled as CVE-2025-4389. The attack may be launched remotely. There is no exploit available.

CVE-2025-4389 | Crawlomatic Multipage Scraper Post Generator Plugin crawlomatic_generate_featured_image unrestricted upload

Post correlati

CVE-2024-30256 | Open WebUI up to 0.1.116 server-side request forgery (GHSA-39wr-r5vm-3jxj)

CVE-2024-1074 | Beaver Builder Plugin up to 2.7.4.2 on WordPress Audio Widget cross site scripting

CVE-2024-11115 | Google Chrome up to 130.0.6723.116 on iOS Navigation Remote Code Execution

CVE-2024-48454 | SourceCodester Purchase Order Management System 1.0 /admin?page=user Privilege Escalation