cleantalk
Vulnerabilities and Security Researches

Stop Spammers Security | Block Spam Users, Comments, Forms, CVE-2022-4120

CVE, Research URL

CVE-2022-4120

Home page URL

Security reports for Stop Spammers Security | Block Spam Users, Comments, Forms

Application

Stop Spammers Security | Block Spam Users, Comments, Forms

Published on
Dec 26, 2022
Research Description
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2022.6 passes base64 encoded user input to the unserialize() PHP function when CAPTCHA are used as second challenge, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain
Affected versions
max 2022.6.
Status
vulnerable
Previous vulnerability researches
Stop Spammers Security | Block Spam Users, Comments, Forms (CVE-2023-2488) , Jun 07, 2024
Stop Spammers Security | Block Spam Users, Comments, Forms (CVE-2021-24517) , Jun 07, 2024
Stop Spammers Security | Block Spam Users, Comments, Forms (CVE-2021-24245) , Jun 07, 2024
Stop Spammers Security | Block Spam Users, Comments, Forms (CVE-2023-2489) , Jun 07, 2024
Stop Spammers Security | Block Spam Users, Comments, Forms (CVE-2023-7065) , Jun 07, 2024
New vulnerability
Aruba HiSpeed Cache (CVE-2025-11706) , Feb 27, 2026
Aruba HiSpeed Cache (CVE-2025-11725) , Feb 27, 2026
Aruba HiSpeed Cache (CVE-2026-23694) , Feb 27, 2026
Aruba HiSpeed Cache (CVE-2026-23545) , Feb 27, 2026
Popularis Extra (CVE-2026-25422) , Feb 27, 2026