VYPR

CleanTalk AntiSpam

by WordPress

Source repositories

CVEs (3)

  • CVE-2026-8071HigJun 10, 2026
    risk 0.50cvss 8.8epss 0.00

    The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute…

  • CVE-2022-28222Apr 19, 2022
    risk 0.00cvss epss 0.03

    The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`

  • CVE-2022-28221Apr 19, 2022
    risk 0.00cvss epss 0.02

    The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Comments.php`