An advisory has been issued for a critical vulnerability rated 9.8/10 in the CleanTalk Antispam WordPress plugin, which is installed on over 200,000 websites. The vulnerability allows unauthenticated attackers to install vulnerable plugins that can then be used to launch remote code execution attacks.
CleanTalk Antispam Plugin
The CleanTalk Antispam plugin is a subscription-based software-as-a-service product that protects websites from inauthentic user activity such as spam subscriptions, registrations and form emails, plus a firewall for blocking bad bots.
Because it is a subscription-based plugin, it relies on a valid API key to reach the CleanTalk servers, and this part of the plugin is where the flaw that enabled the vulnerability was found.
CleanTalk Plugin Vulnerability CVE-2026-1490
The plugin contains a WordPress function that checks whether a valid API key is being used to contact the CleanTalk servers. A WordPress function is PHP code that performs a specific task.
In this particular case, if the plugin cannot validate a connection to CleanTalk’s servers because of an invalid API key, it falls back on the checkWithoutToken function to verify “trusted” requests.
The problem is that the checkWithoutToken function does not properly verify the identity of the requester. An attacker is able to misrepresent their identity as coming from the cleantalk.org domain and then launch their attacks. Thus, this vulnerability only affects plugins that do not have a valid API key.
The Wordfence advisory describes the vulnerability:
“The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS (PTR record) spoofing on the ‘checkWithoutToken’ function…”
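As an added illustration (not code from the plugin or from Wordfence), the following Python contrasts a PTR-only trust check of the kind the advisory describes with a forward-confirmed reverse DNS check, where the PTR name must resolve back to the requesting IP. The IP addresses, hostnames and function names are constructed for this example.

```python
# Constructed, in-memory DNS data standing in for real lookups so the
# example runs offline. The IPs and hostnames below are made up.
CONSTRUCTED_PTR = {
    "198.51.100.10": "api.cleantalk.org",             # genuine host: PTR and A records agree
    "203.0.113.7": "api.cleantalk.org",               # PTR under the requester's control, points at a trusted name
    "203.0.113.8": "cleantalk.org.attacker.example",  # lookalike: trusted domain appears as a prefix only
}
CONSTRUCTED_A = {
    "api.cleantalk.org": {"198.51.100.10"},
    "cleantalk.org.attacker.example": {"203.0.113.8"},
}

TRUSTED_DOMAIN = "cleantalk.org"


def reverse_lookup(ip):
    """PTR lookup against the constructed data (None when no record)."""
    return CONSTRUCTED_PTR.get(ip)


def forward_lookup(name):
    """A-record lookup against the constructed data (empty set when none)."""
    return CONSTRUCTED_A.get(name, set())


def in_trusted_domain(hostname, domain=TRUSTED_DOMAIN):
    """Match on DNS label boundaries: 'api.cleantalk.org' is accepted,
    'cleantalk.org.attacker.example' and 'evilcleantalk.org' are not."""
    h = hostname.rstrip(".").lower()
    d = domain.rstrip(".").lower()
    return h == d or h.endswith("." + d)


def trusted_by_ptr_only(ip):
    """Weak check: trust whatever the PTR record for the client IP says.
    Whoever controls the reverse zone for that IP chooses the name."""
    name = reverse_lookup(ip)
    return name is not None and in_trusted_domain(name)


def trusted_by_fcrdns(ip):
    """Forward-confirmed reverse DNS: the PTR name must also resolve back
    to the same IP, so a spoofed PTR alone no longer passes."""
    name = reverse_lookup(ip)
    if name is None or not in_trusted_domain(name):
        return False
    return ip in forward_lookup(name)
```

Forward confirmation defeats PTR spoofing but is still a network-identity check rather than authentication, which is why the plugin's API-key path remains the primary control.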
Recommended Action
The vulnerability affects CleanTalk plugin versions up to and including 6.71. Wordfence recommends that users update their installations to the latest version, which at the time of writing is version 6.72.