CleanTalk's blog

Events Manager Spam Protection in 2026

CleanTalk

March 26, 2026

If you use Events Manager to run event listings, bookings, registrations, and attendee management on WordPress, you will eventually face spam: fake bookings, bot registrations, junk attendee submissions, and abusive messages sent through public event-related forms. This guide explains how to set up Events Manager spam protection using: For Events Manager websites, spam is not
Read more

FEEDBACK LOG

Almaz M on Our Investigation of the Hack of One Website (OR: How We Investigated a Hack of One Website)
Paul on Our Investigation of the Hack of One Website (OR: How We Investigated a Hack of One Website)
How to save resources and to attract more customers for hosting company. – CleanTalk's blog on How Much Server Resources Spam Bots Waste
ImaginePro on How to Stop Profanity and Obscene Words on Your Website
Best reCAPTCHA Alternatives WordPress on reCAPTCHA v3 always returns 0.9 score. Avoid false positives

The Latest

We Have Reset 178 Passwords That Might Have Been Compromised

Security, Security issues

·

September 29, 2023

While monitoring exposed password databases we found a leaked database that contained 178 compromised credentials of CleanTalk users among other data. These emails/passwords were compromised some time ago and after that were used to create a CleanTalk account by their owners. As soon as we found this potential vulnerability – we immediately reset passwords for…
CVE-2023-4795 – Testimonial Slider Shortcode < 1.1.9 - Contributor+ Stored XSS

Security, Security issues

·

September 26, 2023

While evaluating the plugin, we uncovered a vulnerability that permits the execution of Stored Cross-Site Scripting (XSS) on behalf of a contributor. This vulnerability is exploited by inserting a shortcode into a newly created post, potentially resulting in an account takeover. Main info: CVE CVE-2023-4795 Plugin Testimonial Slider Shortcode Critical High Publicly Published September 25,…
CVE-2023-4725 – Simple Posts Ticker < 1.1.6 - Admin+ Stored XSS

Security, Security issues

·

September 26, 2023

During testing, a vulnerability was found that allows, through changing the settings, to implement Stored XSS on all pages where there is a mention of the plugin. This vulnerability is available on behalf of the administrator and allows you to leave javascript “backdoor” when capturing an administrative account, which will allow account takeover. Unfiltered_html capability…
CVE-2023-4646 – Simple Posts Ticker < 1.1.6 - Contributor + Stored XSS via shortcode

Security, Security issues

·

September 26, 2023

While examining the plugin during the testing phase, we uncovered a vulnerability that enables the execution of Stored Cross-Site Scripting (XSS) attacks, accomplished by incorporating a shortcode into a new post. This vulnerability has the potential to lead to the compromise of user accounts, particularly those of contributors. Main info: CVE CVE-2023-4646 Plugin Simple Posts…

Events Manager Spam Protection in 2026

FEEDBACK LOG

The Latest

Formidable Forms Spam Protection in 2026

CleanTalk Releases version 1.6. Update for the MyBB Anti-Spam Plugin

HivePress Spam Protection in 2026

Is zekisuquc419@gmail.com Spam Bot? How to Stop It

Performance Update: Slow load times on some sites, fix in progress

Standard WordPress Registration Forms Spam Protection Guide in 2026

We Have Reset 178 Passwords That Might Have Been Compromised

CVE-2023-4795 – Testimonial Slider Shortcode < 1.1.9 - Contributor+ Stored XSS

CVE-2023-4725 – Simple Posts Ticker < 1.1.6 - Admin+ Stored XSS

CVE-2023-4646 – Simple Posts Ticker < 1.1.6 - Contributor + Stored XSS via shortcode

CleanTalk

Anti-Spam

Security