The Wordfence Threat Intelligence team recently reported two separate reflected XSS (Cross-Site Scripting) vulnerabilities in Spam Protection Software, AntiSpam, and Firewall by CleanTalk. CleanTalk, a popular WordPress plugin with over 100,000 installs, is designed to protect websites from spam comments and registrations. A hacker could take over a site if an attack were successful by convincing a site admin to perform an action, such as clicking on a malicious link. The hacker can use JavaScript running in their browser to take over a site. The glitch is feared to affect 1000s of merchant websites. The company has requested its customers to update to their latest version as soon as possible to tackle this snag. A patched version 5.174.1 is available to customers from March 25, 2022.
Two Separate Vulnerabilities Identified in WordPress Plugin CleanTalk
Related Platforms
Our Locations
Recent Case Studies
-
August 11, 2023Combining Content and Commerce Capabilities of Magento and WordPress for an Energy Service Provider
Everyone in the eCommerce circle has heard the slogan "content is king" at least once. Of course, even a king has his limitations without his army. In ...
Read More -
July 13, 2023Query Time Optimization With Custom Coding for a Boat Kit Company on WooCommerce
Virtina helps eCommerce store owners get the most out of their online business. It is what we do best. So, it is no wonder we were the first choice fo ...
Read More -
June 30, 2023Custom Amazon Buy With Prime Integration for a Footwear Store on Volusion
Volusion is one of the most robust eCommerce platforms for running an online business. It can support just about any eCommerce capability you want. Ho ...
Read More -
June 06, 2023Customization of WooCommerce Plugin and Marketplace Release for a Non-profit Fintech Solution Provider
Creating a custom plugin for WooCommerce stores is often more complex than you think. Many organizations need to understand the complexities of the pr ...
Read More
