CleanTalk's blog

Collect Website Feedback Directly on Your Pages: A New Tool from the CleanTalk Team

CleanTalk, doBoard, News and Updates

April 21, 2026

Spotfix is a new lightweight on-page feedback widget from the CleanTalk team. Collect bug reports, fix requests, and page-specific comments directly on your website, and turn them into tasks with full context.
Read more

FEEDBACK LOG

Flamingo Spam Protection in 2026: Stop Contact Form 7 Spam on How to Stop Spam in Contact Form 7: Best Protection Methods in 2026
Almaz M on Our Investigation of the Hack of One Website (OR: How We Investigated a Hack of One Website)
Paul on Our Investigation of the Hack of One Website (OR: How We Investigated a Hack of One Website)
How to save resources and to attract more customers for hosting company. – CleanTalk's blog on How Much Server Resources Spam Bots Waste
ImaginePro on How to Stop Profanity and Obscene Words on Your Website

The Latest

CVE-2023-4798 – User Avatar – Reloaded < 1.2.2 - Contributor+ Stored XSS

Security, Security issues

·

September 26, 2023

During the plugin’s testing phase, a vulnerability was identified that enables the execution of Stored XSS by an attacker who embeds a shortcode in a new post, potentially leading to an account takeover. Main info: CVE CVE-2023-4798 Plugin User Avatar – Reloaded Critical High Publicly Published September 25, 2023 Last Updated September 25, 2023 Researcher…
CVE-2023-4933 – WP Job Openings < 3.4.3 – Sensitive Data Exposure via Directory Listing

Security, Security issues

·

September 26, 2023

During testing, a critical vulnerability was discovered in the plugin, namely a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users…
CVE-2023-4289 – WP Matterport Shortcode < 2.1.8 - Contributor+ Stored XSS via shortcode

Security, Security issues

·

September 26, 2023

In the process of testing the plugin, a vulnerability was found that allows you to implement Stored XSS on behalf of the contributor by embedding the shortcode in a new post, which entails account takeover Main info: CVE CVE-2023-4289 Plugin WP Matterport Shortcode Critical High Publicly Published September 25, 2023 Last Updated September 25, 2023…
Plugin Security Certification: “WP Reset” – Version 1.97: Fortifying WordPress Security

Security

·

September 21, 2023

In the realm of WordPress development, security is paramount. Enter the “WP Reset” plugin, specifically version 1.97, which stands as a testament to the importance of safeguarding your WordPress site against vulnerabilities. In this article, we delve into how this plugin not only empowers users to reset their website but does so with a heightened…

Collect Website Feedback Directly on Your Pages: A New Tool from the CleanTalk Team

FEEDBACK LOG

The Latest

Klaviyo Web Forms Spam Protection in 2026

HappyForms Spam Protection in 2026. How to Stop Fake Messages, Bot Submissions, and Junk Entries

Flamingo Spam Protection in 2026. How to Protect Contact Form 7 Messages and Stored Submissions

WooCommerce: How to Stop Fake Orders and Spam Signups

7 Ways to Prevent Fake Registrations on WordPress (with CleanTalk)

How to Stop Spam in Contact Form 7: Best Protection Methods in 2026

CVE-2023-4798 – User Avatar – Reloaded < 1.2.2 - Contributor+ Stored XSS

CVE-2023-4933 – WP Job Openings < 3.4.3 – Sensitive Data Exposure via Directory Listing

CVE-2023-4289 – WP Matterport Shortcode < 2.1.8 - Contributor+ Stored XSS via shortcode

Plugin Security Certification: “WP Reset” – Version 1.97: Fortifying WordPress Security

CleanTalk

Anti-Spam

Security