Lucene search
K

68 matches found

Vulnrichment
Vulnrichment
added 2022/10/25 12:0 a.m.8 views

CVE-2022-3302 Anti-Spam by CleanTalk < 5.185.1 - Admin+ SQLi

The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin before 5.185.1 does not validate ids before using them in a SQL statement, which could lead to SQL injection exploitable by high privilege users such as admin...

7.1AI score0.01015EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.10 views

PT-2022-21649 · WordPress · Cleantalk

Name of the Vulnerable Software and Affected Versions: Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin versions prior to 5.185.1 Description: The issue concerns a lack of validation for ids used in SQL statements, potentially leading to SQL injection. This could be exploited by...

7.2CVSS7.3AI score0.01015EPSS
Exploits2References5
CNVD
CNVD
added 2022/04/01 12:0 a.m.28 views

WordPress CleanTalk plugin cross-site scripting vulnerability (CNVD-2022-67605)

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress application plugin. WordPress CleanTalk plugin 5.173 and earlier versions have a cross-sit...

6.1CVSS2AI score0.02303EPSS
Exploits2References1
EUVD
EUVD
added 2021/05/17 4:48 p.m.6 views

EUVD-2021-11209

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be injected v...

7.5CVSS7.7AI score0.04691EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2021/05/05 8:58 p.m.72 views

Anti-Spam WordPress Plugin Could Expose Website User Data

An SQL-injection vulnerability discovered in a WordPress plugin called “Spam protection, AntiSpam, FireWall by CleanTalk” could expose user emails, passwords, credit-card data and other sensitive information to an unauthenticated attacker. Spam protection, AntiSpam, FireWall by CleanTalk is...

7.5CVSS7.2AI score0.04691EPSS
Exploits1References8
OSV
OSV
added 2021/03/18 3:15 p.m.4 views

CVE-2021-24131

Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple authenticated SQL injection vulnerabilities, however, it requires high privilege user admin+...

7.2CVSS7.1AI score0.01444EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2019/11/15 12:0 a.m.18 views

WordPress CleanTalk Plugin < 5.127.4 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113568";...

6.1CVSS6.3AI score0.01307EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/11/13 8:8 p.m.17 views

CVE-2019-17515

The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPress is affected by: Cross Site Scripting XSS. The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter. The component is: inc/cleantalk-users.php and...

6.2AI score0.01307EPSS
Exploits0References3
Rows per page
Query Builder