VYPR

Security \& Malware Scan

by Cleantalk

Source repositories

CVEs (3)

  • CVE-2020-36698HigOct 20, 2023
    risk 0.57cvss 8.8epss 0.01

    The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. This is due to missing capability checks on several AJAX actions and nonce disclosure in the source page of the administrative…

  • CVE-2024-10570HigNov 26, 2024
    risk 0.49cvss 7.5epss 0.01

    The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized SQL Injection due to an authorization bypass via reverse DNS spoofing on the checkWithoutToken function in all versions up to, and including, 2.145, as well as insufficient input…

  • CVE-2024-13365Feb 12, 2025
    risk 0.00cvss epss 0.02

    The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file uploads due to the plugin uploading and extracting .zip archives when scanning them for malware through the checkUploadedArchive() function in all versions up to, and including, 2.149.…