CVE-2026-3213
- EPSS 0.03%
- Veröffentlicht 25.03.2026 15:22:26
- Zuletzt bearbeitet 31.03.2026 19:24:13
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Anti-Spam by CleanTalk allows Cross-Site Scripting (XSS).This issue affects Anti-Spam by CleanTalk: from 0.0.0 before 9.7.0.
CVE-2024-10542
- EPSS 40.97%
- Veröffentlicht 26.11.2024 06:15:07
- Zuletzt bearbeitet 12.07.2025 00:25:44
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS spoofing on the checkWithoutToken function in all versions up to, an...
CVE-2023-51696
- EPSS 0.17%
- Veröffentlicht 29.02.2024 05:15:09
- Zuletzt bearbeitet 22.04.2025 16:15:41
Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20.
CVE-2021-24131
- EPSS 0.97%
- Veröffentlicht 18.03.2021 15:15:14
- Zuletzt bearbeitet 21.11.2024 05:52:25
Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple authenticated SQL injection vulnerabilities, however, it requires high privilege user (admin+).