CVE-2021-24131

Summary

Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple authenticated SQL injection vulnerabilities, however, it requires high privilege user (admin+).

Affected Software

VendorProductVersion RangeStatus
UnknownAnti-Spam by CleanTalk5.149 < 5.149affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References