The Wordfence Threat Intelligence team has reported on two separate vulnerabilities in Spam protection, AntiSpam, FireWall by CleanTalk, a WordPress plugin with over 100,000 installations. These were both reflected Cross-Site scripting vulnerabilities which could be used for site takeover if an attacker could successfully trick a site administrator into performing an action, such as clicking a link.

We strongly recommend updating to the latest version available, 5.174.1, as soon as possible.

For more information, please check the official public release.

If you have questions, don’t hesitate to contact our support team.

People that read this article also liked

Critical Vulnerabilities Found on PageLayer Page Builder Plugin Critical Security Flaw in outdated WooCommerce NAB Transact Plugin WordPress Websites Security Breach – Outbreak of Malicious File Attacks WooCommerce 5.0 Has Landed