HIGH
CleanTalk
CVE published 2026-06-10
CVE-2026-8071
CVE-2026-8071 is a HIGH-severity vulnerability in the Anti-Spam by CleanTalk. Spam protection WordPress plugin before version 6.79. The plugin does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user (including administrators) views the post. The [truncated]