WordPress 插件 SQL注入漏洞

WordPress Plugin is an open source application plugin for WordPress. An SQL injection vulnerability exists in CleanTalk WordPress Plugin versions prior to 5.153.4, which originates from an update log function in lib/Cleantalk/ApbctWP/Firewall/SFW.php that contains a vulnerable query. An attacker...

PT-2021-3413

Name of the Vulnerable Software and Affected Versions Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin versions prior to 5.153.4 Description The issue is related to the update log function in the lib/Cleantalk/ApbctWP/Firewall/SFW.php module, which does not properly protect the S...