7 matches found
WordPress Maspik plugin authorization issue vulnerability
WordPress Maspik plugin is an anti-spam plugin for WordPress that is mainly used to protect website contact forms, comment areas and signup forms from spam. WordPress Maspik plugin suffers from an authorization issue vulnerability that stems from a lack of capability check in the function...
WordPress Maspik - Ultimate Spam Protection plugin Cross-Site Request Forgery Vulnerability
WordPress Heateor Maspik - Ultimate Spam Protection plugin is an anti-spam plugin designed specifically for WordPress that protects contact forms, comment areas and signup forms from spam through a variety of technical means. The WordPress Maspik - Ultimate Spam Protection plugin suffers from a...
CVE-2025-9979
CVE-2025-9979 concerns the Maspik WordPress plugin (versions up to 2.5.6). The root cause is missing capability checks in the Maspik_spamlog_download_csv function, enabling authenticated users with subscriber-level access and above to export the spam log database, which may contain misclassified ...
WordPress Maspik plugin <= 2.2.7 - CSRF to Settings Change vulnerability
CSRF to Settings Change vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Maspik – Spam blacklist versions = 2.2.7...
CVE-2023-48271 WordPress Maspik – Spam Blacklist plugin <= 0.10.3 - IP Filtering Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through 0.10.3...
WordPress Maspik – Spam blacklist Plugin <= 0.10.6 is vulnerable to Cross Site Scripting (XSS)
Software Maspik – Spam blacklist Type Plugin Vulnerable versions = 0.10.6 Fixed in 0.10.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-25101 Patch priority Low CVSS severity Low 5.9 Developer Yonifre PSID 8543ae1db053 Credits Dhabaleshwar Das Required privilege...
WordPress Maspik – Spam blacklist Plugin <= 0.9.2 is vulnerable to Cross Site Scripting (XSS)
Software Maspik – Spam blacklist Type Plugin Vulnerable versions = 0.9.2 Fixed in 0.9.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-48272 Patch priority High CVSS severity High 7.1 Developer Yonifre PSID 51f68067a7ba Credits Mika Required privile...