Vulnerabilities > CVE-2022-3302 - Unspecified vulnerability in Cleantalk Spam Protection, Antispam, Firewall

047910
CVSS 7.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
cleantalk

Summary

The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin before 5.185.1 does not validate ids before using them in a SQL statement, which could lead to SQL injection exploitable by high privilege users such as admin

Vulnerable Configurations

Part Description Count
Application
Cleantalk
319