WordPress Woes: CleanTalk Plugin Vulnerabilities Leave 100,000 Sites Open to Attack!
CleanTalk’s anti-spam plugin for WordPress had two major vulnerabilities that could let hackers remotely install sketchy plugins. These flaws, affecting over 200,000 users, were resolved with updates. If you have the “Spam protection, Anti-Spam, FireWall by CleanTalk” plugin, update to version 6.45 pronto to avoid unwanted surprises!
Hot Take:
WordPress users, time to put on your digital armor and update those plugins! CleanTalk’s anti-spam plugin is currently playing the role of the unwelcome guest, letting in all sorts of party crashers. It’s a classic case of “who watches the watchmen?” when your spam protector needs protecting. Better patch up, or your website might become a hacker’s playground!
Key Points:
- Two critical vulnerabilities identified in CleanTalk’s anti-spam plugin for WordPress.
- Vulnerabilities tracked as CVE-2024-10542 and CVE-2024-10781 with a CVSS score of 9.8.
- Flaws could allow remote attackers to install and activate arbitrary plugins, potentially leading to remote code execution (RCE).
- Over 200,000 active installations of the affected plugin, with approximately half still vulnerable.
- Users are advised to update to version 6.45 for fixes to both security issues.
Already a member? Log in here