Vulnerability CVE-2022-28222


Published: 2022-04-19

Description:
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`

See advisories in our WLB2 database:
Topic
Author
Date
Low
WordPress CleanTalk 5.173 Cross Site Scripting
Ramuel Gall
01.04.2022

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://www.wordfence.com/blog/2022/03/reflected-xss-in-spam-protection-antispam-firewall-by-cleantalk/

Copyright 2024, cxsecurity.com

 

Back to Top