
219 matches found

CNNVD
added 2022/03/30 12:0 a.m. | 4 views

WordPress plugin CleanTalk Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress application plugin. WordPress CleanTalk plugin 5.173 and earlier versions have a cross-sit...

6.1 CVSS | 5.7 AI score | 0.02362 EPSS
Exploits 2 | References 4
CNNVD
added 2022/03/30 12:0 a.m. | 3 views

WordPress plugin CleanTalk Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress application plugin. WordPress CleanTalk plugin 5.173 and earlier versions have a cross-sit...

6.1 CVSS | 5.7 AI score | 0.02959 EPSS
Exploits 3 | References 4
Drupal
added 2022/03/30 12:0 a.m. | 18 views

Anti-Spam by CleanTalk - Moderately critical - SQL Injection - SA-CONTRIB-2022-032

This module provides integration with the CleanTalk spam protection service. The module does not properly filter data in certain circumstances. Update: 2022-03-31 - fix release node links...

6.8 AI score
Exploits 0 | References 7
Patchstack
added 2022/02/18 12:0 a.m. | 7 views

WordPress Security & Malware scan by CleanTalk plugin <= 2.80 - SQL Injection (SQLi) vulnerability

SQL Injection (SQLi) vulnerability discovered in WordPress Security & Malware scan by CleanTalk plugin (versions <= 2.80). Solution: Update the WordPress Security & Malware scan by CleanTalk plugin to the latest available version (at least 2.80.1)...

2.8 AI score
Exploits 0 | References 1 | Affected Software 1
OSV
added 2021/05/17 5:15 p.m. | 1 views

CVE-2021-24295

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be injected v...

7.5 CVSS | 7.1 AI score | 0.04691 EPSS
Exploits 1 | References 2
NVD
added 2021/05/17 5:15 p.m. | 11 views

CVE-2021-24295

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be injected v...

7.5 CVSS | 0.04691 EPSS
Exploits 1 | References 2
Prion
added 2021/05/17 5:15 p.m. | 18 views

Sql injection

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be injected v...

5 CVSS | 7.8 AI score | 0.04691 EPSS
Exploits 1 | References 2 | Affected Software 1
CVE
added 2021/05/17 4:48 p.m. | 81 views

CVE-2021-24295

Summary: CVE-2021-24295 affects the WordPress plugin “Spam protection, AntiSpam, FireWall by CleanTalk” (versions before 5.153.4). The vulnerability arises from an unsafe query in the update_log function of lib/Cleantalk/ApbctWP/Firewall/SFW.php, which could be injected via the User-Agent header ...

7.5 CVSS | 7.7 AI score | 0.04691 EPSS
Exploits 1 | References 2 | Affected Software 1
EUVD
added 2021/05/17 4:48 p.m. | 3 views

EUVD-2021-11209

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be injected v...

7.5 CVSS | 7.7 AI score | 0.04691 EPSS
Exploits 1 | References 2
Positive Technologies
added 2021/05/17 12:0 a.m. | 4 views

PT-2021-3413

Name of the Vulnerable Software and Affected Versions Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin versions prior to 5.153.4 Description The issue is related to the update log function in the lib/Cleantalk/ApbctWP/Firewall/SFW.php module, which does not properly protect the S...

7.8 CVSS | 8.2 AI score | 0.04691 EPSS
Exploits 1 | References 8
CNVD
added 2021/05/14 12:0 a.m. | 6 views

WordPress Plugin SQL Injection Vulnerability

WordPress Plugin is an open source application plugin for WordPress. An SQL injection vulnerability exists in CleanTalk WordPress Plugin versions prior to 5.153.4, which originates from an update log function in lib/Cleantalk/ApbctWP/Firewall/SFW.php that contains a vulnerable query. An attacker...

7.5 CVSS | 7.2 AI score | 0.04691 EPSS
Exploits 1 | References 1
OpenVAS
added 2021/05/10 12:0 a.m. | 14 views

WordPress CleanTalk Plugin < 5.153.4 SQLi Vulnerability

The WordPress plugin Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.5 CVSS | 7.7 AI score | 0.04691 EPSS
Exploits 1 | References 2
ThreatPost
added 2021/05/05 8:58 p.m. | 72 views

Anti-Spam WordPress Plugin Could Expose Website User Data

An SQL-injection vulnerability discovered in a WordPress plugin called “Spam protection, AntiSpam, FireWall by CleanTalk” could expose user emails, passwords, credit-card data and other sensitive information to an unauthenticated attacker. Spam protection, AntiSpam, FireWall by CleanTalk is...

7.5 CVSS | 7.2 AI score | 0.04691 EPSS
Exploits 1 | References 8
Patchstack
added 2021/05/03 12:0 a.m. | 24 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin <= 5.153.3 - Unauthenticated Time-Based Blind SQL Injection (SQLi) vulnerability

Unauthenticated Time-Based Blind SQL Injection (SQLi) vulnerability discovered by WordFence in WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin (versions <= 5.153.3). Solution: Update the WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin to the latest available version ...

7.5 CVSS | 3.3 AI score | 0.04691 EPSS
Exploits 1 | References 3 | Affected Software 1
VulnCheck KEV
added 2021/05/03 12:0 a.m. | 1 views

VulnCheck KEV: CVE-2021-24295

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be...

7.5 CVSS | 7.2 AI score | 0.04691 EPSS
Exploits 1 | References 1
WPVulnDB
added 2021/05/03 12:0 a.m. | 30 views

Spam protection, AntiSpam, FireWall by CleanTalk < 5.153.4 - Unauthenticated Blind SQL Injection

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be injected v...

7.5 CVSS | 2.1 AI score | 0.04691 EPSS
Exploits 1 | References 2 | Affected Software 1
OpenVAS
added 2021/03/22 12:0 a.m. | 10 views

WordPress CleanTalk Plugin < 5.149 SQLi Vulnerability

The WordPress plugin Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.2 CVSS | 7.1 AI score | 0.01444 EPSS
Exploits 2 | References 2
CNVD
added 2021/03/19 12:0 a.m. | 8 views

Wordpress CleanTalk SQL Injection Vulnerability

Wordpress CleanTalk is an application plugin for Wordpress. Provides a free anti-spam plugin that works with the premium Cloud AntiSpam service cleantalk.org. Anti-Spam by CleanTalk WordPress plugin before 5.149 suffers from a SQL injection vulnerability that stems from entering unverified...

7.2 CVSS | 7 AI score | 0.01444 EPSS
Exploits 2 | References 1
OSV
added 2021/03/18 3:15 p.m. | 3 views

CVE-2021-24131

Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple authenticated SQL injection vulnerabilities, however, it requires high privilege user admin+...

7.2 CVSS | 7.1 AI score | 0.01444 EPSS
Exploits 2 | References 1
NVD
added 2021/03/18 3:15 p.m. | 13 views

CVE-2021-24131

Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple authenticated SQL injection vulnerabilities, however, it requires high privilege user admin+...

7.2 CVSS | 0.01444 EPSS
Exploits 2 | References 1