CVE-2023-25706

MEDIUM

Pagup WordPress Robots.Txt optimization <= 1.4.5 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-25706. PoCs published by yaudahbanh.

AI-analyzed exploit summary The repository contains a collection of README files describing various WordPress plugin vulnerabilities, including CVE-2023-25706, which involves a CSRF vulnerability in the WordPress Robots.txt optimization plugin. The descriptions are technical but lack exploit code or detailed technical analysis.

Description

Cross-Site Request Forgery (CSRF) vulnerability in Pagup WordPress Robots.Txt optimization plugin <= 1.4.5 versions.

Exploits (1)

github WRITEUP
by yaudahbanh · poc
https://github.com/yaudahbanh/CVE-Archive/tree/main/CVE-2023-25706

The repository contains a collection of README files describing various WordPress plugin vulnerabilities, including CVE-2023-25706, which involves a CSRF vulnerability in the WordPress Robots.txt optimization plugin. The descriptions are technical but lack exploit code or detailed technical analysis.

Classification
Writeup 90%
Attack Type
Csrf
Complexity
Moderate
Reliability
Theoretical
Target: WordPress Robots.txt optimization Plugin <= 1.4.5
Auth required
Prerequisites: Admin user interaction · Crafted CSRF request
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 5.4
EPSS 0.0022
EPSS Percentile 12.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-352
Status published
Products (2)
pagup/better_robots.txt < 1.4.5
Pagup/WordPress Robots.txt optimization < 1.4.5
Published Jul 11, 2023
Tracked Since Feb 18, 2026