CRITICAL🇵🇱 Wersja polska

CVE-2024-10542

CVSS 9.8v3.1pub. 2024-11-26upd. 2025-07-12

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS spoofing on the checkWithoutToken function in all versions up to, and including, 6.43.2. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.

🤖 AI Analysis
How it works

The vulnerability results from an error in the checkWithoutToken function, where the authorization mechanism can be bypassed through reverse DNS spoofing. The attacker manipulates the DNS response to falsely authenticate the request as coming from a trusted source. As a result, it is possible to install and activate any plugin without having any permissions on the WordPress site. If a plugin installed this way contains its own vulnerabilities, the attacker can escalate the attack to RCE level.

Impact

An unauthenticated attacker can install and activate arbitrary WordPress plugins, which when a vulnerable plugin is installed, enables remote code execution (RCE) capability and complete server takeover.

Mitigation & patch

The plugin must be updated immediately to a version higher than 6.43.2. A patch is available in the WordPress repository under changeset 3179819. Until the update is applied, it is recommended to monitor the list of installed plugins for unauthorized changes.

Who is affected

The plugin 'Spam protection, Anti-Spam, FireWall by CleanTalk' for WordPress — all versions up to and including 6.43.2.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Cleantalk Anti Spam

    APP
    Cleantalk
    < 6.44
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEAuth BypassFirewall
CWE
References

Related vulnerabilities

CVE-2021-24131HIGH7.2ten sam produkt

Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple auth...

CVE-2026-3213MEDIUM4.7ten sam produkt

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal A...

CVE-2023-51696MEDIUM4.3ten sam produkt

Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam...

CVE-2024-13365CRITICAL9.8PL ✓ten sam vendor

Nieuwierzytelniony upload plików w pluginie CleanTalk Security & Malware Scan dla WordPress

CVE-2024-10781HIGH8.1ten sam vendor

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbit...