Lucene search
+L

229 matches found

Cvelist
Cvelist
added 2024/12/13 2:23 p.m.32 views

CVE-2023-33996 WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin <= 6.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in СleanTalk - Anti-Spam Protection Spam protection, AntiSpam, FireWall by CleanTalk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spam protection, AntiSpam, FireWall by CleanTalk: from n/a through 6.10...

8.8CVSS0.00685EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.6 views

WordPress plugin Spam protection, AntiSpam, FireWall by CleanTalk 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugi...

8.8CVSS8.5AI score0.00685EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.11 views

The vulnerability of Spam protection, AntiSpam, and FireWall modules in the CleanTalk plugin for WordPress website content management systems arises from improper handling of exceptional states, allowing attackers to execute arbitrary code.

The vulnerability of Spam protection, AntiSpam, and FireWall modules in the CleanTalk plugin for WordPress website content management systems is related to improper handling of exceptional states. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.1CVSS8.5AI score0.03824EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.11 views

Vulnerability of spam protection modules: The Spam Protection, AntiSpam, and FireWall plugins for WordPress website content management systems are vulnerable due to deficiencies in authentication procedures, allowing attackers to execute arbitrary code.

The vulnerability of Spam protection, AntiSpam, and FireWall modules in the CleanTalk plugin for WordPress website content management systems is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.5AI score0.15236EPSS
Exploits1References4Affected Software3
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.26 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.43.2 is vulnerable to Broken Authentication

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.43.2 Fixed in 6.44 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10542 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID a624846c5f89...

9.8CVSS6.6AI score0.15236EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.27 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.44 is vulnerable to Broken Authentication

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.44 Fixed in 6.45 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0bd21f35fe5e...

8.1CVSS6.3AI score0.03824EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/07/09 6:52 a.m.7 views

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.112 - IP Address Spoofing to Antispam Bypass vulnerability

IP Address Spoofing to Antispam Bypass vulnerability discovered by shaman0x01 in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.112...

5.3CVSS7AI score0.00249EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/07/09 5:15 a.m.3 views

CVE-2024-6171

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...

5.3CVSS5.8AI score0.00249EPSS
Exploits0References4
NVD
NVD
added 2024/07/09 5:15 a.m.37 views

CVE-2024-6171

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...

5.3CVSS0.00249EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/09 4:32 a.m.34 views

CVE-2024-6171 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...

5.3CVSS0.00249EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/09 4:32 a.m.18 views

CVE-2024-6171 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...

5.3CVSS6.9AI score0.00249EPSS
Exploits0References4
NVD
NVD
added 2024/06/04 8:15 a.m.23 views

CVE-2023-41134

Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3...

5.3CVSS5.3AI score0.00372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/04 7:23 a.m.20 views

CVE-2023-41134 WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3...

5.3CVSS7AI score0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/04 7:23 a.m.27 views

CVE-2023-41134 WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3...

5.3CVSS5.3AI score0.00372EPSS
Exploits0References1
NVD
NVD
added 2024/03/17 5:15 p.m.21 views

CVE-2024-27961

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0...

7.1CVSS7AI score0.00334EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/17 4:33 p.m.12 views

CVE-2024-27961 WordPress AntiSpam for Contact Form 7 plugin <= 0.6.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0...

7.1CVSS7AI score0.00334EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/17 4:33 p.m.18 views

CVE-2024-27961 WordPress AntiSpam for Contact Form 7 plugin <= 0.6.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0...

7.1CVSS7.1AI score0.00334EPSS
Exploits0References1
CVE
CVE
added 2024/03/17 4:33 p.m.63 views

CVE-2024-27961

CVE-2024-27961 is a reflected Cross-Site Scripting vulnerability in Codekraft AntiSpam for Contact Form 7 (CF7 AntiSpam). The issue arises from improper input neutralization during web page generation, allowing an attacker to inject script that is reflected to victims. Affected range is AntiSpam ...

7.1CVSS8.6AI score0.00334EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/17 12:0 a.m.5 views

PT-2024-22166 · Codekraft · Codekraft Antispam For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Codekraft AntiSpam for Contact Form 7 versions 0.6.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that...

7.1CVSS9.3AI score0.00334EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/17 12:0 a.m.8 views

WordPress Plugin AntiSpam for Contact Form 7 Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.1CVSS6AI score0.00334EPSS
Exploits0References2
Rows per page
Query Builder