cleantalk
Vulnerabilities and Security Researches

Spam protection, Anti-Spam, FireWall by CleanTalk, CVE-2026-8071

CVE, Research URL

CVE-2026-8071

Home page URL

Security reports for Spam protection, Anti-Spam, FireWall by CleanTalk

Application

Spam protection, Anti-Spam, FireWall by CleanTalk

Published on
Jun 10, 2026
Research Description
The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user (including administrators) views the post.
Affected versions
max 6.79.
Status
vulnerable
Previous vulnerability researches
Global Body Mass Index Calculator (CVE-2026-8883) , Jun 11, 2026
New vulnerability
Contact Form by WPForms – Drag & Drop Form Builder for WordPress (CVE-2026-4986) , Jun 11, 2026
Spam protection, Anti-Spam, FireWall by CleanTalk (CVE-2026-8071) , Jun 11, 2026
Recover Exit For WooCommerce (CVE-2026-9662) , Jun 11, 2026
Montonio for WooCommerce (CVE-2026-48873) , Jun 11, 2026
Background Image Cropper (CVE-2024-58348) , Jun 11, 2026