Vulnerabilities and security researches forbetter-robots-txt better-robots-txt
Direction: descendingJun 16, 2026
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings # 6d8910c719b2a132ec93828cd37e418b19cac960
- CVE, Research URL
- Home page URL
- Date
- Mar 04, 2022
- Research Description
- Better Robots.txt – AI-Ready Crawl Control & Bot Governance [better-robots-txt] < 1.4.4 Freemius SDK <= 2.4.2 - Missing Authorization Checks The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
- Affected versions
-
max 1.4.4.
- Status
-
vulnerable
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings # 5fd819e2958169cd193de7464b37db70634ff4d7
- CVE, Research URL
- Home page URL
- Date
- Feb 28, 2022
- Research Description
- Better Robots.txt – AI-Ready Crawl Control & Bot Governance [better-robots-txt] < 1.4.4 WordPress "WordPress Robots.txt optimization (+ XML Sitemap) – Website traffic, SEO & ranking Booster" plugin < 1.4.4 - Sensitive Information Disclosure vulnerability Sensitive Information Disclosure vulnerability discovered in WordPress "WordPress Robots.txt optimization (+ XML Sitemap) – Website traffic, SEO & ranking Booster" plugin (versions < 1.4.4).
- Affected versions
-
max 1.4.4.
- Status
-
vulnerable
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings # 6ff37c2e-e21d-4abc-bafe-8ca6a2c1ed76
- CVE, Research URL
- Home page URL
- Date
- -
- Research Description
- Better Robots.txt – AI-Ready Crawl Control & Bot Governance [better-robots-txt] < 1.2.6 Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update The library, used in numerous plugins, does not have proper authorisation when updating blog options, allowing any authenticated users, such as subscriber to update arbitrary options
- Affected versions
-
max 1.2.6.
- Status
-
vulnerable
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings # 7e57cd4f4859826de00a8e2b09ee24fb7f2d824b
- CVE, Research URL
- Home page URL
- Date
- Feb 25, 2019
- Research Description
- Better Robots.txt – AI-Ready Crawl Control & Bot Governance [better-robots-txt] < 1.2.6 Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update The Freemius SDK for WordPress is vulnerable to authorization bypass due to a missing capability check on the _get_db_option and _set_db_option functions in versions up to, and including, 2.2.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change site settings and potentially take over the site.
- Affected versions
-
max 1.2.6.
- Status
-
vulnerable
Jun 14, 2026
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings # CVE-2023-33999
- CVE, Research URL
- Home page URL
- Date
- Jun 11, 2026
- Research Description
- Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.
- Affected versions
-
max 1.4.7.
- Status
-
vulnerable
Nov 14, 2024
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings # CVE-2022-4974
- CVE, Research URL
- Home page URL
- Date
- Oct 16, 2024
- Research Description
- The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
- Affected versions
-
max 1.4.4.
- Status
-
vulnerable
Jun 07, 2024
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings # db3d3a5e56a80feb8721a3172bb9a2ed1c03a908
- CVE, Research URL
- Home page URL
- Date
- Feb 28, 2022
- Research Description
- Better Robots.txt – AI-Ready Crawl Control & Bot Governance [better-robots-txt] < 1.4.4 WordPress "WordPress Robots.txt optimization (+ XML Sitemap) – Website traffic, SEO & ranking Booster" plugin < 1.4.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress "WordPress Robots.txt optimization (+ XML Sitemap) – Website traffic, SEO & ranking Booster" plugin (versions < 1.4.4).
- Affected versions
-
max 1.4.4.
- Status
-
vulnerable
WordPress Robots.txt optimizer (+ XML Sitemap) – Boost SEO, Traffic & Rankings # CVE-2023-25706
- CVE, Research URL
- Home page URL
- Date
- Jul 11, 2023
- Research Description
- Cross-Site Request Forgery (CSRF) vulnerability in Pagup WordPress Robots.Txt optimization plugin <= 1.4.5 versions.
- Affected versions
-
max 1.4.6.
- Status
-
vulnerable