PT-2026-48387 · Undefined · Undefined
Matthew Rollings
·
Published
2026-06-10
·
Updated
2026-06-10
·
CVE-2026-8071
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user (including administrators) views the post.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined