Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:6 a.m.12 views

CVE-2024-10781

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an missing empty value check on the 'apikey' value in the 'perform' function in all versions up to, and including, 6.44. This makes it possible for...

8.1CVSS8AI score0.03824EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2024/11/26 1:23 p.m.19 views

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin for WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-1054...

9.8CVSS10AI score0.15236EPSS
Exploits1
Circl
Circl
added 2024/11/26 5:36 a.m.28 views

CVE-2024-10781

creationtimestamp| type| source ---|---|--- 2024-11-26 05:36:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113547632664236916 2024-11-26 12:23:00+00:00| seen| https://thehackernews.com/2024/11/critical-wordpress-anti-spam-plugin.html 2024-11-26 13:57:01+00:00| seen|...

8.1CVSS9AI score0.03824EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/11/26 5:33 a.m.37 views

CVE-2024-10781 Spam protection, Anti-Spam, FireWall by CleanTalk <= 6.44 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Arbitrary Plugin Installation

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an missing empty value check on the 'apikey' value in the 'perform' function in all versions up to, and including, 6.44. This makes it possible for...

8.1CVSS0.03824EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/11/26 5:33 a.m.26 views

CVE-2024-10781 Spam protection, Anti-Spam, FireWall by CleanTalk <= 6.44 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Arbitrary Plugin Installation

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an missing empty value check on the 'apikey' value in the 'perform' function in all versions up to, and including, 6.44. This makes it possible for...

8.1CVSS7.9AI score0.03824EPSS
Exploits1References4
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.27 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.44 is vulnerable to Broken Authentication

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.44 Fixed in 6.45 OWASP Top 10 A1: Broken Access Control Classification Broken Authentication CVE CVE-2024-10781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0bd21f35fe5e...

8.1CVSS6.3AI score0.03824EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder