Security issues

CVE-2023-3601 – Simple Author Box < 2.52 - Contributor+ Arbitrary User Information Disclosure via IDOR (Thief of Creds)

We have discovered a severe security vulnerability in the Simple Author Box plugin (CVE-2023-3601), which puts your WordPress accounts at high risk of being compromised. This vulnerability allows attackers with Contributor-level access or higher to steal sensitive user information, including

Security vulnerability in Anti-Spam by CleanTalk for WordPress prior 6.11

We have fixed a security vulnerability in Anti-Spam by CleanTalk for WordPress. The vulnerability in the plugin can still be exploited in versions till 6.11. You can see the changelog here. You can check the current version of the plugin

Viktor

The Real Person!

Author Viktor acts as a real person and verified as not a bot.

Passed all tests against spam bots. Anti-Spam by CleanTalk.

The Real Person!

Author Viktor acts as a real person and verified as not a bot.

Passed all tests against spam bots. Anti-Spam by CleanTalk.

on The Real Person Badge – the Anti-Spam New FeatureOctober 31, 2024
Bjorn on WPForms spam protection for WordPress in 5 minutesOctober 15, 2024
Almaz M on WPForms spam protection for WordPress in 5 minutesOctober 15, 2024
Bjorn on WPForms spam protection for WordPress in 5 minutesOctober 15, 2024
checkskin on The Real Person Badge – the Anti-Spam New FeatureOctober 12, 2024