Browse all 3 CVE security advisories affecting СleanTalk - Anti-Spam Protection. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CleanTalk provides anti-spam protection for websites and applications, focusing on comment and form spam prevention. Historically, the service has been associated with multiple cross-site scripting (XSS) vulnerabilities, which allowed attackers to inject malicious scripts into web pages. One critical remote code execution (RCE) vulnerability was also identified, enabling unauthorized system access. These vulnerabilities primarily stemmed from improper input validation and insufficient sanitization of user-supplied data. While no major public security incidents have been widely reported, the presence of three CVEs indicates ongoing security challenges that require regular updates and careful implementation to maintain effective protection against evolving threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-33996 | WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin <= 6.10 - Broken Access Control vulnerability — Spam protection, AntiSpam, FireWall by CleanTalkCWE-862 | 8.8 | High | 2024-12-13 |
| CVE-2023-51696 | WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF) — Spam protection, Anti-Spam, FireWall by CleanTalkCWE-352 | 4.3 | Medium | 2024-02-29 |
| CVE-2023-51535 | WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF) — Spam protection, Anti-Spam, FireWall by CleanTalkCWE-352 | 4.3 | Medium | 2024-01-05 |
This page lists every published CVE security advisory associated with СleanTalk - Anti-Spam Protection. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.