PatchSiren cyber security CVE debrief
CVE-2025-68840 markbeljaars CVE debrief
CVE-2025-68840 is a HIGH severity Unauthenticated Cross Site Scripting (XSS) vulnerability in the iRobots.txt SEO plugin, affecting versions up to and including 1.1.2. The vulnerability has a CVSS score of 7.1 and was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2025-68840).
- Vendor
- markbeljaars
- Product
- iRobots.txt SEO
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of iRobots.txt SEO plugin version 1.1.2 or earlier should apply patches or mitigations as available.
Technical summary
The vulnerability is characterized as CWE-79, with a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates for iRobots.txt SEO plugin as available.
- Review and follow security best practices for WordPress plugins.
Evidence notes
Evidence suggests the vulnerability was reported by [email protected].
Official resources
-
CVE-2025-68840 CVE record
CVE.org
-
CVE-2025-68840 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2025-68840 was published on 2026-06-15T21:16:38.313Z and modified on 2026-06-15T21:24:32.790Z.