CVE Catalog
CVE-2025-69131
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.50%
39th percentile — higher than 39% of all known CVEs
Summary
The WordPress & WooCommerce Scraper plugin versions <= 1.0.7 allows unauthenticated arbitrary file downloads. This issue arises from improper input validation.
Risk Assessment
An attacker could exploit this vulnerability to download sensitive files from the server, potentially leading to data exposure or system compromise.
Recommendation
It is recommended to update the plugin to the latest version to mitigate this vulnerability and conduct a security audit of the server.
Original NVD description (English source)
Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site <= 1.0.7 versions.

