Critical 9.8
2026-02-15< 6.72
Spam protection, Honeypot, Anti-Spam by CleanTalk <= 6.71 - Authorization Bypass via Reverse DNS (PTR record) Spoofing to Unauthenticated Arbitrary Plugin Installation
Anti Spam for Contact Forms, Comments & Online Stores – CleanTalk
Minimum safe version
6.72
Update to 6.72 or later to address 16 fixable vulnerabilities
Latest available6.78 ✓
High 8.1
2024-11-26< 6.45
CVE-2024-10781
Critical 9.8
2024-11-26< 6.44
CVE-2024-10542
Medium 4.3
2024-12-27< 6.21
WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF)
Medium 4.3
2024-12-27< 6.21
WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF)
High 8.8
2024-12-13< 6.11
CVE-2023-33996
N/A
2015-08-25< 5.22
Spam protection, AntiSpam, FireWall by CleanTalk < 5.22 - Reflected Cross-Site Scripting
N/A
< 5.22
Anti-Spam by CleanTalk < 5.22 - Unauthenticated Reflected Cross-Site Scripting (XSS)
High 7.2
2022-10-25< 5.185.1
CVE-2022-3302
N/A
2015-08-25< 5.22
WordPress Spam Protection Plugin <= 5.21 - Cross Site Scripting
N/A
2020-11-20< 5.149
WordPress Anti-Spam by CleanTalk plugin <= 5.148 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities
Medium 6.1
2022-04-19< 5.174.1
CVE-2022-28221
Medium 6.1
2022-04-19< 5.174.1
CVE-2022-28222
Medium 6.1
2019-11-14< 5.127.4
WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin <=5.127.3 - Cross-Site Scripting (XSS) vulnerability
High 7.2
2021-03-18< 5.149
CVE-2021-24131
High 7.5
2021-05-17< 5.153.4
CVE-2021-24295