Vulnerabilities and security researches forwp-scraper wp-scraper

Jun 06, 2024

CVE, Research URL: CVE-2024-3663
Home page URL: Security reports for WP Scraper
Application: WP Scraper
Date: May 22, 2024
Research Description: The WP Scraper plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wp_scraper_multi_scrape_action() function in all versions up to, and including, 5.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary pages and posts.
Affected versions: max 5.8.
Status: vulnerable

Jun 24, 2024

CVE, Research URL: CVE-2024-37208
Home page URL: Security reports for WP Scraper
Application: WP Scraper
Date: Jul 06, 2024
Research Description: Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper.This issue affects WP Scraper: from n/a through 5.7.
Affected versions: max 5.8.1.
Status: vulnerable

Jan 11, 2026

CVE, Research URL: CVE-2025-62088
Home page URL: Security reports for WP Scraper
Application: WP Scraper
Date: Dec 31, 2025
Research Description: Server-Side Request Forgery (SSRF) vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through 1.0.7.
Affected versions: max 1.0.7.
Status: vulnerable