Medium severity6.5NVD Advisory· Published Aug 28, 2025· Updated Apr 15, 2026
CVE-2025-9376
CVE-2025-9376
Description
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to an insufficient capability check on the 'stopbadbots_check_wordpress_logged_in_cookie' function in all versions up to, and including, 11.58. This makes it possible for unauthenticated attackers to bypass blocklists, rate limits, and other plugin functionality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Stop Bad Bots/Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protectionllm-createRange: <=11.58
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.