{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-9376", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-08-22T23:42:07.806Z", "datePublished": "2025-08-28T11:16:21.743Z", "dateUpdated": "2026-04-08T17:06:10.612Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:06:10.612Z"}, "affected": [{"vendor": "sminozzi", "product": "Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "11.58", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to an insufficient capability check on the 'stopbadbots_check_wordpress_logged_in_cookie' function in all versions up to, and including, 11.58. This makes it possible for unauthenticated attackers to bypass blocklists, rate limits, and other plugin functionality."}], "title": "Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection <= 11.58 - Insufficient Authorization to Unauthenticated Blocklist Bypass", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8d6b0d86-3cb4-4723-b677-141c604f00cc?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/stopbadbots/trunk/stopbadbots.php#L1958"}, {"url": "https://plugins.trac.wordpress.org/changeset/3350927/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3351023/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-863 Incorrect Authorization", "cweId": "CWE-863", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Jarno Vos"}], "timeline": [{"time": "2025-08-26T16:11:31.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-08-27T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-28T13:35:10.304505Z", "id": "CVE-2025-9376", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-28T14:48:14.973Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9376", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-28T13:35:10.304505Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-28T13:35:12.977Z"}}], "cna": {"title": "Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection <= 11.58 - Insufficient Authorization to Unauthenticated Blocklist Bypass", "credits": [{"lang": "en", "type": "finder", "value": "Jarno Vos"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}}], "affected": [{"vendor": "sminozzi", "product": "Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "11.58"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-08-26T16:11:31.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-08-27T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8d6b0d86-3cb4-4723-b677-141c604f00cc?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/stopbadbots/trunk/stopbadbots.php#L1958"}, {"url": "https://plugins.trac.wordpress.org/changeset/3350927/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3351023/"}], "descriptions": [{"lang": "en", "value": "The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to an insufficient capability check on the 'stopbadbots_check_wordpress_logged_in_cookie' function in all versions up to, and including, 11.58. This makes it possible for unauthenticated attackers to bypass blocklists, rate limits, and other plugin functionality."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:06:10.612Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9376", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:06:10.612Z", "dateReserved": "2025-08-22T23:42:07.806Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-28T11:16:21.743Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to an insufficient capability check on the 'stopbadbots_check_wordpress_logged_in_cookie' function in all versions up to, and including, 11.58. This makes it possible for unauthenticated attackers to bypass blocklists, rate limits, and other plugin functionality."}], "id": "CVE-2025-9376", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-28T12:15:39.280", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/stopbadbots/trunk/stopbadbots.php#L1958"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3350927/"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3351023/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8d6b0d86-3cb4-4723-b677-141c604f00cc?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T06:06:09.669270+00:00", "value": {"mitigation_remediation": ["Upgrade the plugin to the patched version that corrects the capability check.", "If an upgrade is not immediately available, block unauthenticated access to the plugin\u2019s endpoint URLs using web server rules, firewall settings, or WordPress role\u2011based access controls.", "As a temporary measure, disable or reduce the blocklist and rate\u2011limit features until a permanent fix can be applied."], "summary": {"action": "Patch", "impact": "Authorization bypass allowing unauthenticated users to bypass blocklists, rate limits, and other anti\u2011spam controls"}, "threat_synthesis": {"affected_systems": "Any WordPress installation that has the Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin version 11.58 or earlier is affected. The description indicates that later releases may not yet address the issue, so administrators should verify the current plugin version against the vendor\u2019s update notes.", "description_and_impact": "The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin contains an insufficient capability check in the function 'stopbadbots_check_wordpress_logged_in_cookie'. This flaw lets unauthenticated users trigger the plugin\u2019s filtering logic, enabling them to bypass configured blocklists, rate limits, and other anti\u2011spam mechanisms. The vulnerability is an authorization bypass weakness (CWE\u2011863) and does not provide arbitrary code execution or higher privileges.", "risk_and_exploitability": "The CVSS score of 6.5 classifies the flaw as moderate severity, while the EPSS score of <\u202f1\u202f% suggests a very low likelihood of exploitation at present. The vulnerability is not listed in CISA\u2019s KEV catalog. The likely attack vector involves sending crafted HTTP requests to the plugin\u2019s endpoints that invoke the vulnerable function; no authenticated role is required. Because the flaw erodes core anti\u2011spam protections, it should be remediated promptly."}}}}, "created": "2026-04-22T06:15:10.426673+00:00", "updated": "2026-04-22T06:15:10.426684+00:00", "vendors": []}