CVE-2026-7011

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

CVE-2026-7011

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

CVE-2026-7011 MaxSite CMS Antispam Plugin plugin_antispam cross site scripting

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

CVE-2026-7011

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

CVE-2026-7011

MaxSite CMS

CVE-2026-7011 MaxSite CMS Antispam Plugin plugin_antispam cross site scripting

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

EUVD-2026-25685

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

MaxSite CMS 跨站脚本漏洞

MaxSite CMS is an open-source website content management system developed by MaxSite in Russia. Versions of MaxSite CMS starting from 109.3 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the floggingfile parameter in the admin/pluginantispam file within the...

PT-2026-35178

Name of the Vulnerable Software and Affected Versions MaxSite CMS versions prior to 109.4 Description A weakness in the Antispam Plugin component, specifically within the '/admin/plugin antispam' file, allows for remote cross-site scripting XSS. This occurs due to a lack of filtering via the...

WordPress FV Antispam plugin <= 2.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin FV Antispam versions = 2.7...

WordPress OOPSpam Anti-Spam plugin <= 1.2.53 - Unauthenticated IP Header Spoofing vulnerability

Unauthenticated IP Header Spoofing vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin OOPSpam Anti-Spam versions = 1.2.53...

WordPress plugin AntiSpam for Contact Form 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2022-28222

The CleanTalk AntiSpam plugin = 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter in/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php...

CVE-2022-28221

The CleanTalk AntiSpam plugin = 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter in/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Comments.php...

CVE-2024-8094

The Ntz Antispam WordPress plugin through 2.0e does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-8094

The Ntz Antispam WordPress plugin through 2.0e does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-8094

The CVE-2024-8094 entry identifies a CSRF flaw in the Ntz Antispam WordPress plugin (versions up to 2.0e) where the settings update flow lacks CSRF protection. Root cause: missing CSRF check when updating plugin settings. Impact: a CSRF attack could cause a logged-in admin to change settings. Pub...

WordPress Plugin AntiSpam for Contact Form 7 Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF)

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.20 Fixed in 6.21 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-51696 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...