cleantalk
Vulnerabilities and Security Researches

Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection, CVE-2025-9376

CVE, Research URL

CVE-2025-9376

Home page URL

Security reports for Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection

Application

Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection

Published on
Aug 28, 2025
Research Description
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to an insufficient capability check on the 'stopbadbots_check_wordpress_logged_in_cookie' function in all versions up to, and including, 11.58. This makes it possible for unauthenticated attackers to bypass blocklists, rate limits, and other plugin functionality.
Affected versions
Min -, max 11.59.
Status
vulnerable
Previous vulnerability researches
Giveaways and Contests by PromoSimple (CVE-2025-23934) , Jan 18, 2025
New vulnerability
OSM Map Widget for Elementor (CVE-2025-8619) , Aug 30, 2025
Simple Page Access Restriction (CVE-2025-58202) , Aug 30, 2025
Chartbeat (CVE-2025-53250) , Aug 30, 2025
Table Editor (CVE-2025-48310) , Aug 30, 2025
WP Thumbtack Review Slider (CVE-2025-58216) , Aug 30, 2025