Skip to main content

Irobots Txt Seo

1 CVEs product

Monthly

CVE-2025-68840 HIGH This Week

Reflected cross-site scripting in the iRobots.txt SEO WordPress plugin (versions 1.1.2 and earlier) allows remote unauthenticated attackers to inject malicious JavaScript that executes in a victim's browser when they interact with a crafted link. The flaw was disclosed by Patchstack and carries a CVSS 3.1 score of 7.1 driven by a scope change, though no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV. Exploitation requires user interaction, which limits mass-scale weaponization but makes it viable for targeted phishing against WordPress administrators.

XSS Irobots Txt Seo
NVD VulDB
CVSS 3.1
7.1
EPSS
0.2%
EPSS 0% CVSS 7.1
HIGH This Week

Reflected cross-site scripting in the iRobots.txt SEO WordPress plugin (versions 1.1.2 and earlier) allows remote unauthenticated attackers to inject malicious JavaScript that executes in a victim's browser when they interact with a crafted link. The flaw was disclosed by Patchstack and carries a CVSS 3.1 score of 7.1 driven by a scope change, though no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV. Exploitation requires user interaction, which limits mass-scale weaponization but makes it viable for targeted phishing against WordPress administrators.

XSS Irobots Txt Seo
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy