Skip to main content

Security Malware Scan

3 CVEs product

Monthly

CVE-2024-13365 CRITICAL PATCH Act Now

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file uploads due to the plugin uploading and extracting .zip archives when scanning them for malware through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

WordPress RCE File Upload Security Malware Scan
NVD
CVSS 3.1
9.8
EPSS
4.2%
CVE-2023-5239 HIGH POC This Week

The Security & Malware scan by CleanTalk WordPress plugin before 2.121 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Security Malware Scan
NVD WPScan
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-36698 HIGH POC This Week

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Security Malware Scan
NVD WPScan VulDB
CVSS 3.1
8.8
EPSS
0.3%
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file uploads due to the plugin uploading and extracting .zip archives when scanning them for malware through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

WordPress RCE File Upload +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

The Security & Malware scan by CleanTalk WordPress plugin before 2.121 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Security Malware Scan
NVD WPScan
EPSS 0% CVSS 8.8
HIGH POC This Week

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Security Malware Scan
NVD WPScan VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy