The Wordfence Threat Intelligence team recently reported two separate reflected XSS (Cross-Site Scripting) vulnerabilities in Spam Protection Software, AntiSpam, and Firewall by CleanTalk. CleanTalk, a popular WordPress plugin with over 100,000 installs, is designed to protect websites from spam comments and registrations. A hacker could take over a site if an attack were successful by convincing a site admin to perform an action, such as clicking on a malicious link. The hacker can use JavaScript running in their browser to take over a site. The glitch is feared to affect 1000s of merchant websites. The company has requested its customers to update to their latest version as soon as possible to tackle this snag. A patched version 5.174.1 is available to customers from March 25, 2022.
Two Separate Vulnerabilities Identified in WordPress Plugin CleanTalk
Related Platforms
Our Locations
Recent Case Studies
-
March 15, 2023Highly-customized BigCommerce App for a Leading Fintech Company Offering POS BNPL Services
One thing that separates Virtina from the rest of the eCommerce developers is its ability to work with innovative technologies. We were only happy whe ...
Read More -
February 20, 2023Custom Magento 2 Extension to Facilitate Easy and Convenient BNPL Capability
Magento experts must consider several factors when developing an extension for BNPL (Buy Now Pay Later) payment solutions. Many Magento developers ref ...
Read More -
February 14, 2023
Customized BigCommerce App Development for Implementing Shoppable Videos for an Online Store
Virtina never backs away from a good challenge. One of the challenging projects that we undertook recently was the BigCommerce app development for Fir ...
Read More -
November 22, 2022
Data Migration from Adobe Cloud Platform to WPML Format for an International Financial Services Company Based in the U.S.
Virtina always gets the best kick out of tackling the most challenging projects typically unimaginable by standard companies. We invariably say yes to ...
Read More
