CVE Catalog

CVE-2025-69129

CriticalCVSS 10.0
Published: Updated: Translated: NVD NIST

Summary

The WordPress & WooCommerce Scraper plugin versions <= 1.0.7 allows unauthenticated arbitrary file uploads.

Risk Assessment

An attacker could exploit this vulnerability to upload malicious files, potentially leading to full control over the website.

Recommendation

It is recommended to update the plugin to the latest version to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site <= 1.0.7 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS