CVE-2024-10781
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Nov 26, 2024
CWE ID 703
Summary
CVE-2024-10781 is a vulnerability affecting the Spam protection, Anti-Spam, FireWall plugin by CleanTalk for WordPress. This issue allows unauthenticated attackers to install and activate arbitrary plugins due to a missing empty value check on the 'api_key' value in the 'perform' function. By exploiting this flaw, malicious actors can potentially gain remote code execution if another vulnerable plugin is installed and activated on the targeted WordPress site.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share