Skip to main content

Oopspam Anti Spam

3 CVEs product

Monthly

CVE-2026-32544 HIGH This Week

A Stored Cross-Site Scripting (XSS) vulnerability exists in the OOPSpam Anti-Spam WordPress plugin through version 1.2.62, allowing attackers to inject and persist malicious JavaScript code that executes in the browsers of authenticated users and administrators. The vulnerability stems from improper input neutralization during web page generation (CWE-79), enabling attackers to compromise user sessions, steal credentials, or perform actions on behalf of affected users. No CVSS score, EPSS probability, or active exploitation data (KEV status) are currently available, but the Stored XSS classification and WordPress plugin distribution indicate moderate to high real-world risk given the plugin's accessibility and widespread WordPress ecosystem deployment.

XSS Oopspam Anti Spam
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2023-35913 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in OOPSpam OOPSpam Anti-Spam plugin <= 1.1.44 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oopspam Anti Spam
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-22716 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Oopspam Anti Spam
NVD
CVSS 3.1
4.8
EPSS
0.4%
EPSS 0% CVSS 7.1
HIGH This Week

A Stored Cross-Site Scripting (XSS) vulnerability exists in the OOPSpam Anti-Spam WordPress plugin through version 1.2.62, allowing attackers to inject and persist malicious JavaScript code that executes in the browsers of authenticated users and administrators. The vulnerability stems from improper input neutralization during web page generation (CWE-79), enabling attackers to compromise user sessions, steal credentials, or perform actions on behalf of affected users. No CVSS score, EPSS probability, or active exploitation data (KEV status) are currently available, but the Stored XSS classification and WordPress plugin distribution indicate moderate to high real-world risk given the plugin's accessibility and widespread WordPress ecosystem deployment.

XSS Oopspam Anti Spam
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in OOPSpam OOPSpam Anti-Spam plugin <= 1.1.44 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oopspam Anti Spam
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Oopspam Anti Spam
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy