2 matches found
WordPress Spam protection, Honeypot, Anti-Spam by CleanTalk plugin < 6.79 - Unauthenticated Stored XSS via Comment Shortcode Bypass vulnerability
Unauthenticated Stored XSS via Comment Shortcode Bypass vulnerability discovered by Matthew Rollings in WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk versions 6.79...
CVE-2026-8071
The CVE-2026-8071 entries (NVD, CVE List, EUVD/ENISA, and VulnEnrichment) document a stored XSS vulnerability in the Anti-Spam by CleanTalk WordPress plugin. Affected: the plugin before version 6.79; Root cause: improper sanitization of content inside a custom shortcode used in the plugin’s email...