cleantalk
Vulnerabilities and Security Researches

Spam protection, Anti-Spam, FireWall by CleanTalk, CVE-2022-28221

CVE, Research URL

CVE-2022-28221

Home page URL

Security reports for Spam protection, Anti-Spam, FireWall by CleanTalk

Application

Spam protection, Anti-Spam, FireWall by CleanTalk

Published on
Apr 20, 2022
Research Description
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Comments.php`
Affected versions
max 5.174.1.
Status
vulnerable
Previous vulnerability researches
Spam protection, Anti-Spam, FireWall by CleanTalk (CVE-2024-10542) , Nov 26, 2024
Spam protection, Anti-Spam, FireWall by CleanTalk (CVE-2024-10781) , Nov 26, 2024
Spam protection, Anti-Spam, FireWall by CleanTalk , Aug 02, 2024
Spam protection, Anti-Spam, FireWall by CleanTalk (CVE-2026-8071) , Jun 11, 2026
Spam protection, Anti-Spam, FireWall by CleanTalk (CVE-2021-24295) , Jun 07, 2024
New vulnerability
Yoast Duplicate Post (CVE-2026-53740) , Jun 11, 2026
Yoast Duplicate Post (CVE-2026-53739) , Jun 11, 2026
Juicer.io: Effortlessly embed, curate, and aggregate social media feeds into your website (CVE-2026-53737) , Jun 11, 2026
UpdraftPlus: WordPress Backup & Migration Plugin (CVE-2026-10795) , Jun 11, 2026
Plugin Name: ePaperFlip Publisher (CVE-2026-7662) , Jun 11, 2026