CVE-2024-10781

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Nov 26, 2024
CWE ID 703

Summary

CVE-2024-10781 is a vulnerability affecting the Spam protection, Anti-Spam, FireWall plugin by CleanTalk for WordPress. This issue allows unauthenticated attackers to install and activate arbitrary plugins due to a missing empty value check on the 'api_key' value in the 'perform' function. By exploiting this flaw, malicious actors can potentially gain remote code execution if another vulnerable plugin is installed and activated on the targeted WordPress site.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share