WordPress Plugin Vulnerabilities

Zero Spam < 5.5.7 - Spam Protection Bypass

Description

The plugin is vulnerable to bypass, allowing unauthenticated attackers to bypass spam protections in place.

Affects Plugins

Plugin icon
zero-spam
Fixed in 5.5.7

References

CVE
CVE-2024-32521
URL
https://patchstack.com/database/vulnerability/zero-spam/wordpress-zero-spam-for-wordpress-plugin-5-5-5-bypass-spam-protection-vulnerability

Miscellaneous

Original Researcher
Brandon James Roldan (tomorrowisnew)
Verified
No
WPVDB ID
e8f53e21-dcba-4a99-8e95-8b9d28512304

Timeline

Publicly Published
2024-04-15 (about 2 years ago)
Added
2024-04-23 (about 2 years ago)
Last Updated
2024-05-08 (about 2 years ago)

Other

Published
Title
Published
2023-10-03
Title
Captcha/Honeypot for Contact Form 7 < 1.11.4 - Captcha Bypass
Published
2016-04-25
Title
iThemes Security <= 5.3.5 - Lack of Capability Check
Published
2012-06-01
Title
Limit Login Attempts < 1.7.1 - Auth Cookies Brute Force Bypass
Published
2022-01-06
Title
IP2Location Country Blocker < 2.26.5 - Ban Bypass
Published
2018-03-02
Title
NextGEN Gallery < 2.2.50 - Galley Paths Not Secured