WordPress Plugin Vulnerabilities

Anti-Spam by CleanTalk < 5.22 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Description

The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

cleantalk-spam-protect

Fixed in version 5.22

References

URL

http://cinu.pl/research/wp-plugins/mail_b33a49f2ed4053ac3838395f924d7a20.html

URL

http://blog.cinu.pl/2015/11/php-static-code-analysis-vs-top-1000-wordpress-plugins.html

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

ethicalhack3r

Verified

WPVDB ID

982c7cef-eb17-49c4-9a92-87a5d0aca29b

Timeline

Publicly Published

2015-08-25 (about 6 years ago)

Added

2015-11-24 (about 6 years ago)

Last Updated

2020-11-20 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin