Vulnerabilities and security researches forpeters-custom-anti-spam-image peters-custom-anti-spam-image
Direction: ascendingJun 07, 2024
Peter’s Custom Anti-Spam # CVE-2023-45759
- CVE, Research URL
- Home page URL
- Application
- Date
- Oct 25, 2023
- Research Description
- Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Peter Keung Peter’s Custom Anti-Spam plugin <= 3.2.2 versions.
- Affected versions
-
max 3.2.3.
- Status
-
vulnerable
Peter’s Custom Anti-Spam # CVE-2007-6677
- CVE, Research URL
- Home page URL
- Application
- Date
- Jan 10, 2008
- Research Description
- Cross-site scripting (XSS) vulnerability in Peter's Random Anti-Spam Image 0.2.4 and earlier plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the comment field in the comment form.
- Affected versions
-
max 1.0.6.
- Status
-
vulnerable
Dec 19, 2024
Peter’s Custom Anti-Spam # CVE-2024-12554
- CVE, Research URL
- Home page URL
- Application
- Date
- Dec 18, 2024
- Research Description
- The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing nonce validation on the cas_register_post() function. This makes it possible for unauthenticated attackers to blacklist emails via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
- Affected versions
-
max 3.2.4.
- Status
-
vulnerable
Jun 14, 2026
Peter’s Custom Anti-Spam # e063d400e6d9a909c54fc44fc6cbfa4e677363b8
- CVE, Research URL
- Home page URL
- Application
- Date
- Jan 09, 2008
- Research Description
- Peter’s Custom Anti-Spam [peters-custom-anti-spam-image] <= 1.0.6 (unfixed) WordPress Peter's Random Anti-Spam Image Plugin <= 0.2.4 - XSS Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the comment field in the comment form.
- Affected versions
-
max 1.0.6.
- Status
-
vulnerable