27 matches found
CVE-2023-45759
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Peter Keung Peter’s Custom Anti-Spam plugin = 3.2.2 versions...
EUVD-2017-11103
Malware in sbrugna...
EUVD-2023-39904
Malicious code in bioql PyPI...
EUVD-2023-50048
Malicious code in bioql PyPI...
CVE-2025-2935 Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms <= 2024.7 - Cross-Site Request Forgery to Multiple Administrative Actions
The Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2024.7. This is due to missing or incorrect nonce validation in the 'ssoptionmaint.php' and 'ssuserfilterlist' files. This make...
PT-2025-24020 · WordPress · Anti-Spam: Spam Protection | Block Spam Users
Name of the Vulnerable Software and Affected Versions: Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms plugin for WordPress versions up to, and including, 2024.7 Description: The issue is due to missing or incorrect nonce validation in the 'ss option maint.php' and 'ss user filter...
WordPress plugin Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant 跨站请求伪造漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. Cross-site request forgery vulnerability...
CVE-2022-2877
The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers...
CVE-2021-24131
Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple authenticated SQL injection vulnerabilities, however, it requires high privilege user admin+...
CVE-2017-20096
A vulnerability classified as problematic has been found in WP-SpamFree Anti-Spam Plugin 2.1.1.4. This affects an unknown part. The manipulation leads to basic cross site scripting. It is possible to initiate the attack remotely...
WordPress CleanTalk Plugin < 6.44 Authorization Bypass Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cleantalk:cleantalk-spam-protect"; ifdescription...
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin for WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-1054...
CVE-2024-10781
creationtimestamp| type| source ---|---|--- 2024-11-26 05:36:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113547632664236916 2024-11-26 12:23:00+00:00| seen| https://thehackernews.com/2024/11/critical-wordpress-anti-spam-plugin.html 2024-11-26 13:57:01+00:00| seen|...
CVE-2023-45759
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Peter Keung Peter’s Custom Anti-Spam plugin = 3.2.2 versions...
CVE-2023-35913
Cross-Site Request Forgery CSRF vulnerability in OOPSpam OOPSpam Anti-Spam plugin = 1.1.44 versions...
CVE-2023-35913
CVE-2023-35913 concerns the WordPress plugin OOPSpam Anti-Spam (versions
CVE-2023-35913 WordPress OOPSpam Anti-Spam Plugin <= 1.1.44 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in OOPSpam OOPSpam Anti-Spam plugin = 1.1.44 versions...
CVE-2023-22716 WordPress OOPSpam Anti-Spam Plugin <= 1.1.35 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Cross-Site Scripting vulnerability in OOPSpam OOPSpam Anti-Spam plugin = 1.1.35 versions...
Design/Logic Flaw
The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers...
CVE-2017-20096
A vulnerability classified as problematic has been found in WP-SpamFree Anti-Spam Plugin 2.1.1.4. This affects an unknown part. The manipulation leads to basic cross site scripting. It is possible to initiate the attack remotely...