Lucene search
WpvulndbWPVDB-ID:4F68D896-1CB7-430C-B187-918C9F92005DHistoryMar 30, 2022 - 12:00 a.m.
Spam protection, AntiSpam, FireWall by CleanTalk < 5.174.1 - Reflected Cross-Site Scripting
2022-03-3000:00:00
wpscan.com
11
0.001 Low
EPSS
Percentile
34.0%
The plugin does not not sanitise and escape the page parameter brief outputting it back in attributes in the /wp-admin/edit-comments.php?page=ct_check_spam and Users list dashboard, leading to Reflected Cross-Site Scripting issues
| CPE | Name | Operator | Version |
|---|---|---|---|
| cleantalk-spam-protect | lt | 5.174.1 |
Related
zdt
zdt
WordPress CleanTalk 5.173 Cross Site Scripting Vulnerability
2022-03-30 00:00:00
packetstorm
packetstorm
WordPress CleanTalk 5.173 Cross Site Scripting
2022-03-30 00:00:00
wordfence
wordfence
Reflected XSS in Spam protection, AntiSpam, FireWall by CleanTalk
2022-03-30 13:11:19
cnvd
cnvd
WordPress CleanTalk plugin cross-site scripting vulnerability
2022-04-01 00:00:00
prion
prion
Cross site scripting
2022-04-19 21:15:00
Cross site scripting
2022-04-19 21:15:00
cvelist
cvelist
CVE-2022-28221 CleanTalk AntiSpam <= 5.173 Reflected XSS
2022-04-19 20:26:34
CVE-2022-28222 CleanTalk AntiSpam <= 5.173 Reflected XSS
2022-04-19 20:26:39
patchstack
patchstack
osv
osv
CVE-2022-28221
2022-04-19 21:15:18
CVE-2022-28222
2022-04-19 21:15:18
nvd
nvd
CVE-2022-28221
2022-04-19 21:15:18
CVE-2022-28222
2022-04-19 21:15:18
cve
cve
CVE-2022-28221
2022-04-19 21:15:18
CVE-2022-28222
2022-04-19 21:15:18