229 matches found
CVE-2023-33996 WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin <= 6.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in СleanTalk - Anti-Spam Protection Spam protection, AntiSpam, FireWall by CleanTalk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spam protection, AntiSpam, FireWall by CleanTalk: from n/a through 6.10...
WordPress plugin Spam protection, AntiSpam, FireWall by CleanTalk 安全漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugi...
The vulnerability of Spam protection, AntiSpam, and FireWall modules in the CleanTalk plugin for WordPress website content management systems arises from improper handling of exceptional states, allowing attackers to execute arbitrary code.
The vulnerability of Spam protection, AntiSpam, and FireWall modules in the CleanTalk plugin for WordPress website content management systems is related to improper handling of exceptional states. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Vulnerability of spam protection modules: The Spam Protection, AntiSpam, and FireWall plugins for WordPress website content management systems are vulnerable due to deficiencies in authentication procedures, allowing attackers to execute arbitrary code.
The vulnerability of Spam protection, AntiSpam, and FireWall modules in the CleanTalk plugin for WordPress website content management systems is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.43.2 is vulnerable to Broken Authentication
Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.43.2 Fixed in 6.44 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10542 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID a624846c5f89...
WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.44 is vulnerable to Broken Authentication
Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.44 Fixed in 6.45 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0bd21f35fe5e...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.112 - IP Address Spoofing to Antispam Bypass vulnerability
IP Address Spoofing to Antispam Bypass vulnerability discovered by shaman0x01 in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.112...
CVE-2024-6171
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...
CVE-2024-6171
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...
CVE-2024-6171 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...
CVE-2024-6171 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...
CVE-2023-41134
Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3...
CVE-2023-41134 WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3...
CVE-2023-41134 WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3...
CVE-2024-27961
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0...
CVE-2024-27961 WordPress AntiSpam for Contact Form 7 plugin <= 0.6.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0...
CVE-2024-27961 WordPress AntiSpam for Contact Form 7 plugin <= 0.6.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0...
CVE-2024-27961
CVE-2024-27961 is a reflected Cross-Site Scripting vulnerability in Codekraft AntiSpam for Contact Form 7 (CF7 AntiSpam). The issue arises from improper input neutralization during web page generation, allowing an attacker to inject script that is reflected to victims. Affected range is AntiSpam ...
PT-2024-22166 · Codekraft · Codekraft Antispam For Contact Form 7
Name of the Vulnerable Software and Affected Versions: Codekraft AntiSpam for Contact Form 7 versions 0.6.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that...
WordPress Plugin AntiSpam for Contact Form 7 Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...