Vulnerabilities > Cleantalk

DATE CVE VULNERABILITY TITLE RISK
2024-01-05 CVE-2023-51535 Cross-Site Request Forgery (CSRF) vulnerability in Cleantalk Spam Protection, Antispam, Firewall
Cross-Site Request Forgery (CSRF) vulnerability in CleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk. This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20.
network
low complexity
cleantalk CWE-352
8.8
2023-11-27 CVE-2023-5239 Unspecified vulnerability in Cleantalk Security & Malware Scan
The Security & Malware scan by CleanTalk WordPress plugin before 2.121 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value.
network
low complexity
cleantalk
7.5
2023-10-20 CVE-2020-36698 Missing Authorization vulnerability in Cleantalk Security & Malware Scan
The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50.
network
low complexity
cleantalk CWE-862
8.8
2022-10-25 CVE-2022-3302 SQL Injection vulnerability in Cleantalk Spam Protection, Antispam, Firewall
The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin before 5.185.1 does not validate ids before using them in a SQL statement, which could lead to SQL injection exploitable by high-privilege users such as admin.
network
low complexity
cleantalk CWE-89
7.2
2022-04-19 CVE-2022-28221 Cross-site Scripting vulnerability in Cleantalk Antispam
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in `/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Comments.php`.
network
low complexity
cleantalk CWE-79
6.1
2022-04-19 CVE-2022-28222 Cross-site Scripting vulnerability in Cleantalk Antispam
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in `/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`.
network
low complexity
cleantalk CWE-79
6.1
2021-05-17 CVE-2021-24295 SQL Injection vulnerability in Cleantalk Spam Protection, Antispam, Firewall
It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4.
network
low complexity
cleantalk CWE-89
7.5
2021-03-18 CVE-2021-24131 SQL Injection vulnerability in Cleantalk Anti-Spam
Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, leads to multiple authenticated SQL injection vulnerabilities; however, exploitation requires a high-privilege user (admin+).
network
low complexity
cleantalk CWE-89
7.2
2019-11-13 CVE-2019-17515 Cross-site Scripting vulnerability in Cleantalk Spam Protection, Antispam, Firewall
The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPress is affected by: Cross Site Scripting (XSS).
network
low complexity
cleantalk CWE-79
6.1