-
GiveWP – Spam Protection guide in 2026. Stop spam donations!
CleanTalk has added spam protection for GiveWP using direct form integration. This makes it a good opportunity to explore how to protect GiveWP against spam submissions using both built-in anti-spam tools integrated into the plugin core and third-party solutions. We will start with CleanTalk and then move on to Akismet, Google reCAPTCHA, Cloudflare Turnstile, honeypot
FEEDBACK LOG
The Latest
-
Plugin Security Certification: “File Manager Pro” — Filester Version 1.8.1: Enhanced Security
·
Security is paramount in the world of WordPress plugins, and we are excited to bring you the latest on the “File Manager Pro — Filester” plugin version 1.8.1. In this article, we delve into the recent security improvements in this plugin, highlighting its enhanced safety. We’ll also touch on a previous vulnerability, CVE-2023-4827, which has…
-
Plugin Security Certification: “Simple Author Box” Version 6.3.1: Security at the Forefront
·
In the world of WordPress, there are hundreds of thousands of plugins, and security plays a crucial role in ensuring the smooth operation of your website. In this article, we present an overview of the “Simple Author Box” plugin version 6.3.1 and some exciting news: it has undergone rigorous security testing and has earned the…
-
CVE-2023-4827 – File Manager Pro < 1.8 - Remote Code Execution via CSRF
During testing of the plugin, a CSRF vulnerability was discovered in action=rename, which can lead to denial of service and theft of the password from the database, thereby allowing an attacker to get inside the web application and gain a foothold in it. Replace any data in the database and do everything that an administrator…
-
CVE-2023-3664 – FileOrganizer <= 1.0.2 - Admin+ Arbitrary File Access
During a security assessment of the FileOrganizer plugin, a medium vulnerability was uncovered in versions up to and including 1.0.2. This vulnerability allows an attacker to manipulate the plugin’s root folder, potentially compromising the security of the entire system. The plugin does not restrict functionality on multisite instances, allowing site admins to gain full control…