Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.13 views

CVE-2026-8071

The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user...

8.8CVSS5.7AI score0.00296EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 7:16 a.m.14 views

CVE-2026-8071

The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user...

8.8CVSS0.00296EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

WordPress plugin Anti-Spam by CleanTalk 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.2AI score0.00296EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48387

Name of the Vulnerable Software and Affected Versions Anti-Spam by CleanTalk. Spam protection WordPress plugin versions prior to 6.79 Description Insufficient sanitization of content within a custom shortcode used in the email-encoding feature allows unauthenticated attackers to perform Stored...

8.8CVSS5.4AI score0.00296EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/06/09 2:28 a.m.10 views

CVE-2026-7556

The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment text in all versions up to, and including, 7.5.49.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS5.7AI score0.00241EPSS
Exploits0References7
Rows per page
Query Builder