zCat on Nostr: Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites ...
Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites
Two critical vulnerabilities in CleanTalk’s anti-spam plugin for WordPress could allow attackers to execute arbitrary code remotely, without authentication, Defiant warns.
The issues, tracked as CVE-2024-10542 and CVE-2024-10781 (CVSS score of 9.8), affect the ‘Spam protection, Anti-Spam, FireWall by CleanTalk’ plugin, which has more than 200,000 active installations.
Both flaws could allow remote, unauthenticated attackers to install and activate arbitrary plugins, including vulnerable plugins that could be exploited for remote code execution (RCE).
See more:
Security Week:
https://www.securityweek.com/critical-vulnerabilities-found-in-anti-spam-plugin-used-by-200000-wordpress-sites/
The Hacker News:
https://thehackernews.com/2024/11/critical-wordpress-anti-spam-plugin.html
#cybersecurity #wordpress #rce
Two critical vulnerabilities in CleanTalk’s anti-spam plugin for WordPress could allow attackers to execute arbitrary code remotely, without authentication, Defiant warns.
The issues, tracked as CVE-2024-10542 and CVE-2024-10781 (CVSS score of 9.8), affect the ‘Spam protection, Anti-Spam, FireWall by CleanTalk’ plugin, which has more than 200,000 active installations.
Both flaws could allow remote, unauthenticated attackers to install and activate arbitrary plugins, including vulnerable plugins that could be exploited for remote code execution (RCE).
See more:
Security Week:
https://www.securityweek.com/critical-vulnerabilities-found-in-anti-spam-plugin-used-by-200000-wordpress-sites/
The Hacker News:
https://thehackernews.com/2024/11/critical-wordpress-anti-spam-plugin.html
#cybersecurity #wordpress #rce