Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cleantalk antispam vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-28222
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`
Cleantalk Antispam
6.1
CVSSv3
CVE-2022-28221
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Comments.php`
Cleantalk Antispam
6.1
CVSSv3
CVE-2019-17515
The CleanTalk cleantalk-spam-protect plugin prior to 5.127.4 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an malicious user to execute arbitrary HTML and JavaScript code via the from or till parameter. The component is: inc/cleantalk-users.php a...
Cleantalk Spam Protection\\, Antispam\\, Firewall
7.5
CVSSv3
CVE-2021-24295
It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin prior to 5.153.4. The update_log function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that...
Cleantalk Spam Protection\\, Antispam\\, Firewall
8.8
CVSSv3
CVE-2023-51535
Cross-Site Request Forgery (CSRF) vulnerability in ?leanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a up to and including 6.20.
Cleantalk Spam Protection\\, Antispam\\, Firewall
7.2
CVSSv3
CVE-2022-3302
The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin prior to 5.185.1 does not validate ids before using them in a SQL statement, which could lead to SQL injection exploitable by high privilege users such as admin
Cleantalk Spam Protection\\, Antispam\\, Firewall
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started