Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Patchstack
Patchstackadded 2026/06/11 8:30 a.m.9 views

WordPress Spam protection, Honeypot, Anti-Spam by CleanTalk plugin < 6.79 - Unauthenticated Stored XSS via Comment Shortcode Bypass vulnerability

Unauthenticated Stored XSS via Comment Shortcode Bypass vulnerability discovered by Matthew Rollings in WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk versions 6.79...

8.8CVSS5.4AI score0.00296EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2026/06/10 12:0 a.m.8 views

PT-2026-48387

Name of the Vulnerable Software and Affected Versions Anti-Spam by CleanTalk. Spam protection WordPress plugin versions prior to 6.79 Description Insufficient sanitization of content within a custom shortcode used in the email-encoding feature allows unauthenticated attackers to perform Stored...

8.8CVSS5.4AI score0.00296EPSS
Exploits0References9
NVD
NVDadded 2025/12/09 4:17 p.m.3 views

CVE-2025-13604

The Login Security, FireWall, Malware removal by CleanTalk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the page URL in all versions up to, and including, 2.168 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker...

7.2CVSS0.00259EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/02/29 12:0 a.m.4 views

WordPress Plugin Spam protection, Anti-Spam, FireWall by CleanTalk Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS6.5AI score0.00241EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/02/28 12:0 a.m.5 views

PT-2024-14251 · Cleantalk · Cleantalk

Name of the Vulnerable Software and Affected Versions: CleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk versions n/a through 6.20 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It affects the Spam protection, Anti-Spam, FireWall by...

8.8CVSS5.5AI score0.00241EPSS
Exploits0References6
BDU FSTEC
BDU FSTECadded 2021/06/29 12:0 a.m.4 views

The vulnerability of the update_log function (lib/Cleantalk/ApbctWP/Firewall/SFW.php) in spam protection modules, including AntiSpam and CleanTalk firewall plugins, allows attackers to execute arbitrary SQL queries.

The vulnerability of the updatelog function in modules for spam protection, AntiSpam, and CleanTalk firewall plugins is related to the failure to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...

7.8CVSS7.6AI score0.04691EPSS
Exploits1References4Affected Software3
Rows per page
Query Builder