CVE-2023-51696
high
CVSS v3
8.8
CVSS v2
—
VIR risk
8.8
Description
Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20.
Predictions
Exploit likelihood
92%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| cleantalk | anti-spam | {"endExcluding":"6.21"} | 6.21 |
References
- https://patchstack.com/database/vulnerability/cleantalk-spam-protect/wordpress-spam-protection-antispam-firewall-by-cleantalk-anti-spam-plugin-6-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/cleantalk-spam-protect/wordpress-spam-protection-antispam-firewall-by-cleantalk-anti-spam-plugin-6-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
CWEs
CWE-352
Verify integrity in audit chain (admin only). AS-IS.