CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

520 matches found

Positive Technologies•added 3 days ago•7 views

PT-2026-46082

This module provides spam protection using the CleanTalk cloud service. The module doesn't sufficiently sanitize API response messages before rendering them in HTML output. The cleantalk die and ct die functions output the CleanTalk API response message directly into HTML without proper...

5.9AI score

Exploits0References2

Vulnrichment•added 2026/04/02 6:0 a.m.•0 views

CVE-2026-1540 Spam Protect for Contact Form 7 < 1.2.10 - Editor+ Remote Code Execution

The Spam Protect for Contact Form 7 WordPress plugin before 1.2.10 allows logging to a PHP file, which could allow an attacker with editor access to achieve Remote Code Execution by using a crafted header...

6AI score0.00114EPSS

Exploits0References1

CNNVD•added 2026/04/02 12:0 a.m.•3 views

WordPress plugin Spam Protect for Contact Form 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.2CVSS6.2AI score0.00114EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:9 p.m.•1 views

CVE-2026-33393

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the allowedspamhostdomains check used Stringendwith? without domain boundary validation, allowing domains like attacker-example.com to bypass spam protection when example.com was...

4.3CVSS5.8AI score0.00048EPSS

Exploits0References1

NVD•added 2026/03/25 5:17 p.m.•0 views

CVE-2026-32496

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NYSL Spam Protect for Contact Form 7 wp-contact-form-7-spam-blocker allows Path Traversal.This issue affects Spam Protect for Contact Form 7: from n/a through = 1.2.9...

6.8CVSS0.0007EPSS

Exploits0References1

NVD•added 2026/03/19 10:16 p.m.•0 views

CVE-2026-33393

4.3CVSS0.00048EPSS

Exploits0References4

CVE•added 2026/03/19 10:4 p.m.•3 views

CVE-2026-33393

Discourse contains a vulnerability in the spam protection check for allowed_spam_host_domains. Before versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the check used String#end_with? without domain boundary validation, permitting a suffix-bypass such as attacker-example.com when example.com wa...

4.3CVSS5.8AI score0.00048EPSS

Exploits0References4Affected Software1

EUVD•added 2026/03/19 10:4 p.m.•0 views

EUVD-2026-13338

4.3CVSS5.8AI score0.00048EPSS

Exploits0References4

OSV•added 2026/03/19 10:4 p.m.•2 views

CVE-2026-33393 Discourse fixes loose hostname matching in spam host allowlist

4.3CVSS5.9AI score0.00048EPSS

Exploits0References6

NVD•added 2026/02/15 4:15 a.m.•6 views

CVE-2026-1490

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS PTR record spoofing on the 'checkWithoutToken' function in all versions up to, and including, 6.71. This makes it...

9.8CVSS0.00048EPSS

Exploits0References4

CNNVD•added 2026/02/15 12:0 a.m.•4 views

WordPress plugin Spam protection, Anti-Spam, FireWall by CleanTalk 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS6.1AI score0.00048EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2008-0216

Malware in sbrugna...

4.3CVSS6.4AI score0.00223EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-6650

Malware in sbrugna...

7.5CVSS6.4AI score0.00585EPSS

Exploits0References5