Vulnerability Details CVE-2024-10542
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS spoofing on the checkWithoutToken function in all versions up to, and including, 6.43.2. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.636
EPSS Ranking 98.3%
CVSS Severity
CVSS v3 Score 9.8
References
- https://plugins.trac.wordpress.org/browser/cleantalk-spam-protect/tags/6.43.2/lib/Cleantalk/ApbctWP/RemoteCalls.php#L41
- https://plugins.trac.wordpress.org/changeset/3179819/cleantalk-spam-protect#file631
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d7eb5fad-bb62-4f0b-ad52-b16c3e442b62?source=cve
Products affected by CVE-2024-10542
-
cpe:2.3:a:cleantalk:anti-spam:5.133
-
cpe:2.3:a:cleantalk:anti-spam:5.133.1
-
cpe:2.3:a:cleantalk:anti-spam:5.133.2
-
cpe:2.3:a:cleantalk:anti-spam:5.134
-
cpe:2.3:a:cleantalk:anti-spam:5.135
-
cpe:2.3:a:cleantalk:anti-spam:5.136
-
cpe:2.3:a:cleantalk:anti-spam:5.136.1
-
cpe:2.3:a:cleantalk:anti-spam:5.136.2
-
cpe:2.3:a:cleantalk:anti-spam:5.136.3
-
cpe:2.3:a:cleantalk:anti-spam:5.136.4
-
cpe:2.3:a:cleantalk:anti-spam:5.137
-
cpe:2.3:a:cleantalk:anti-spam:5.137.1
-
cpe:2.3:a:cleantalk:anti-spam:5.138
-
cpe:2.3:a:cleantalk:anti-spam:5.138.1
-
cpe:2.3:a:cleantalk:anti-spam:5.139
-
cpe:2.3:a:cleantalk:anti-spam:5.140
-
cpe:2.3:a:cleantalk:anti-spam:5.140.1
-
cpe:2.3:a:cleantalk:anti-spam:5.141
-
cpe:2.3:a:cleantalk:anti-spam:5.141.1
-
cpe:2.3:a:cleantalk:anti-spam:5.141.2
-
cpe:2.3:a:cleantalk:anti-spam:5.141.3
-
cpe:2.3:a:cleantalk:anti-spam:5.142
-
cpe:2.3:a:cleantalk:anti-spam:5.142.1
-
cpe:2.3:a:cleantalk:anti-spam:5.142.2
-
cpe:2.3:a:cleantalk:anti-spam:5.143
-
cpe:2.3:a:cleantalk:anti-spam:5.143.1
-
cpe:2.3:a:cleantalk:anti-spam:5.144
-
cpe:2.3:a:cleantalk:anti-spam:5.145
-
cpe:2.3:a:cleantalk:anti-spam:5.145.1
-
cpe:2.3:a:cleantalk:anti-spam:5.145.2
-
cpe:2.3:a:cleantalk:anti-spam:5.146
-
cpe:2.3:a:cleantalk:anti-spam:5.146.1
-
cpe:2.3:a:cleantalk:anti-spam:5.147
-
cpe:2.3:a:cleantalk:anti-spam:5.147.1
-
cpe:2.3:a:cleantalk:anti-spam:5.148
-
cpe:2.3:a:cleantalk:anti-spam:5.149
-
cpe:2.3:a:cleantalk:anti-spam:5.150
-
cpe:2.3:a:cleantalk:anti-spam:5.150.1
-
cpe:2.3:a:cleantalk:anti-spam:5.151
-
cpe:2.3:a:cleantalk:anti-spam:5.151.1
-
cpe:2.3:a:cleantalk:anti-spam:5.151.2
-
cpe:2.3:a:cleantalk:anti-spam:5.151.3
-
cpe:2.3:a:cleantalk:anti-spam:5.151.4
-
cpe:2.3:a:cleantalk:anti-spam:5.152
-
cpe:2.3:a:cleantalk:anti-spam:5.152.1
-
cpe:2.3:a:cleantalk:anti-spam:5.152.2
-
cpe:2.3:a:cleantalk:anti-spam:5.152.3
-
cpe:2.3:a:cleantalk:anti-spam:5.152.4
-
cpe:2.3:a:cleantalk:anti-spam:5.152.5
-
cpe:2.3:a:cleantalk:anti-spam:5.153
-
cpe:2.3:a:cleantalk:anti-spam:5.153.1
-
cpe:2.3:a:cleantalk:anti-spam:5.153.2
-
cpe:2.3:a:cleantalk:anti-spam:5.153.3
-
cpe:2.3:a:cleantalk:anti-spam:5.153.4
-
cpe:2.3:a:cleantalk:anti-spam:5.153.5
-
cpe:2.3:a:cleantalk:anti-spam:5.153.6
-
cpe:2.3:a:cleantalk:anti-spam:5.153.7
-
cpe:2.3:a:cleantalk:anti-spam:5.154
-
cpe:2.3:a:cleantalk:anti-spam:5.155
-
cpe:2.3:a:cleantalk:anti-spam:5.155.1
-
cpe:2.3:a:cleantalk:anti-spam:5.155.2
-
cpe:2.3:a:cleantalk:anti-spam:5.156
-
cpe:2.3:a:cleantalk:anti-spam:5.157
-
cpe:2.3:a:cleantalk:anti-spam:5.157.1
-
cpe:2.3:a:cleantalk:anti-spam:5.157.2
-
cpe:2.3:a:cleantalk:anti-spam:5.158
-
cpe:2.3:a:cleantalk:anti-spam:5.158.1
-
cpe:2.3:a:cleantalk:anti-spam:5.159
-
cpe:2.3:a:cleantalk:anti-spam:5.159.1
-
cpe:2.3:a:cleantalk:anti-spam:5.159.2
-
cpe:2.3:a:cleantalk:anti-spam:5.159.3
-
cpe:2.3:a:cleantalk:anti-spam:5.159.4
-
cpe:2.3:a:cleantalk:anti-spam:5.159.5
-
cpe:2.3:a:cleantalk:anti-spam:5.159.6
-
cpe:2.3:a:cleantalk:anti-spam:5.159.7
-
cpe:2.3:a:cleantalk:anti-spam:5.159.8
-
cpe:2.3:a:cleantalk:anti-spam:5.159.9
-
cpe:2.3:a:cleantalk:anti-spam:5.16
-
cpe:2.3:a:cleantalk:anti-spam:5.160
-
cpe:2.3:a:cleantalk:anti-spam:5.160.1
-
cpe:2.3:a:cleantalk:anti-spam:5.160.2
-
cpe:2.3:a:cleantalk:anti-spam:5.160.3
-
cpe:2.3:a:cleantalk:anti-spam:5.161
-
cpe:2.3:a:cleantalk:anti-spam:5.161.1
-
cpe:2.3:a:cleantalk:anti-spam:5.162
-
cpe:2.3:a:cleantalk:anti-spam:5.163
-
cpe:2.3:a:cleantalk:anti-spam:5.163.1
-
cpe:2.3:a:cleantalk:anti-spam:5.164
-
cpe:2.3:a:cleantalk:anti-spam:5.164.1
-
cpe:2.3:a:cleantalk:anti-spam:5.165
-
cpe:2.3:a:cleantalk:anti-spam:5.165.1
-
cpe:2.3:a:cleantalk:anti-spam:5.166
-
cpe:2.3:a:cleantalk:anti-spam:5.167
-
cpe:2.3:a:cleantalk:anti-spam:5.168
-
cpe:2.3:a:cleantalk:anti-spam:5.168.1
-
cpe:2.3:a:cleantalk:anti-spam:5.169
-
cpe:2.3:a:cleantalk:anti-spam:5.169.1
-
cpe:2.3:a:cleantalk:anti-spam:5.17
-
cpe:2.3:a:cleantalk:anti-spam:5.170
-
cpe:2.3:a:cleantalk:anti-spam:5.171
-
cpe:2.3:a:cleantalk:anti-spam:5.171.1
-
cpe:2.3:a:cleantalk:anti-spam:5.171.2
-
cpe:2.3:a:cleantalk:anti-spam:5.172
-
cpe:2.3:a:cleantalk:anti-spam:5.173
-
cpe:2.3:a:cleantalk:anti-spam:5.174
-
cpe:2.3:a:cleantalk:anti-spam:5.174.1
-
cpe:2.3:a:cleantalk:anti-spam:5.175
-
cpe:2.3:a:cleantalk:anti-spam:5.176
-
cpe:2.3:a:cleantalk:anti-spam:5.177
-
cpe:2.3:a:cleantalk:anti-spam:5.177.1
-
cpe:2.3:a:cleantalk:anti-spam:5.177.2
-
cpe:2.3:a:cleantalk:anti-spam:5.178
-
cpe:2.3:a:cleantalk:anti-spam:5.179
-
cpe:2.3:a:cleantalk:anti-spam:5.179.1
-
cpe:2.3:a:cleantalk:anti-spam:5.18
-
cpe:2.3:a:cleantalk:anti-spam:5.180
-
cpe:2.3:a:cleantalk:anti-spam:5.180.1
-
cpe:2.3:a:cleantalk:anti-spam:5.180.2
-
cpe:2.3:a:cleantalk:anti-spam:5.181
-
cpe:2.3:a:cleantalk:anti-spam:5.182
-
cpe:2.3:a:cleantalk:anti-spam:5.182.1
-
cpe:2.3:a:cleantalk:anti-spam:5.182.2
-
cpe:2.3:a:cleantalk:anti-spam:5.183
-
cpe:2.3:a:cleantalk:anti-spam:5.184
-
cpe:2.3:a:cleantalk:anti-spam:5.185
-
cpe:2.3:a:cleantalk:anti-spam:5.185.1
-
cpe:2.3:a:cleantalk:anti-spam:5.186
-
cpe:2.3:a:cleantalk:anti-spam:5.187
-
cpe:2.3:a:cleantalk:anti-spam:5.188
-
cpe:2.3:a:cleantalk:anti-spam:5.189
-
cpe:2.3:a:cleantalk:anti-spam:5.189.1
-
cpe:2.3:a:cleantalk:anti-spam:5.19
-
cpe:2.3:a:cleantalk:anti-spam:5.2
-
cpe:2.3:a:cleantalk:anti-spam:5.20
-
cpe:2.3:a:cleantalk:anti-spam:5.21
-
cpe:2.3:a:cleantalk:anti-spam:5.22
-
cpe:2.3:a:cleantalk:anti-spam:5.23
-
cpe:2.3:a:cleantalk:anti-spam:5.24
-
cpe:2.3:a:cleantalk:anti-spam:5.24.1
-
cpe:2.3:a:cleantalk:anti-spam:5.25.1
-
cpe:2.3:a:cleantalk:anti-spam:5.25.2
-
cpe:2.3:a:cleantalk:anti-spam:5.26
-
cpe:2.3:a:cleantalk:anti-spam:5.27
-
cpe:2.3:a:cleantalk:anti-spam:5.28
-
cpe:2.3:a:cleantalk:anti-spam:5.28.7
-
cpe:2.3:a:cleantalk:anti-spam:5.29
-
cpe:2.3:a:cleantalk:anti-spam:5.3
-
cpe:2.3:a:cleantalk:anti-spam:5.30
-
cpe:2.3:a:cleantalk:anti-spam:5.31
-
cpe:2.3:a:cleantalk:anti-spam:5.31.1
-
cpe:2.3:a:cleantalk:anti-spam:5.32
-
cpe:2.3:a:cleantalk:anti-spam:5.33
-
cpe:2.3:a:cleantalk:anti-spam:5.33.1
-
cpe:2.3:a:cleantalk:anti-spam:5.34
-
cpe:2.3:a:cleantalk:anti-spam:5.34.1
-
cpe:2.3:a:cleantalk:anti-spam:5.35
-
cpe:2.3:a:cleantalk:anti-spam:5.36
-
cpe:2.3:a:cleantalk:anti-spam:5.36.1
-
cpe:2.3:a:cleantalk:anti-spam:5.37.3
-
cpe:2.3:a:cleantalk:anti-spam:5.38.1
-
cpe:2.3:a:cleantalk:anti-spam:5.39.1
-
cpe:2.3:a:cleantalk:anti-spam:5.4
-
cpe:2.3:a:cleantalk:anti-spam:5.40
-
cpe:2.3:a:cleantalk:anti-spam:5.40.1
-
cpe:2.3:a:cleantalk:anti-spam:5.40.2
-
cpe:2.3:a:cleantalk:anti-spam:5.40.3
-
cpe:2.3:a:cleantalk:anti-spam:5.41
-
cpe:2.3:a:cleantalk:anti-spam:5.42
-
cpe:2.3:a:cleantalk:anti-spam:5.43
-
cpe:2.3:a:cleantalk:anti-spam:5.43.1
-
cpe:2.3:a:cleantalk:anti-spam:5.43.2
-
cpe:2.3:a:cleantalk:anti-spam:5.44.1
-
cpe:2.3:a:cleantalk:anti-spam:5.45
-
cpe:2.3:a:cleantalk:anti-spam:5.45.1
-
cpe:2.3:a:cleantalk:anti-spam:5.45.2
-
cpe:2.3:a:cleantalk:anti-spam:5.46
-
cpe:2.3:a:cleantalk:anti-spam:5.47
-
cpe:2.3:a:cleantalk:anti-spam:5.48
-
cpe:2.3:a:cleantalk:anti-spam:5.49
-
cpe:2.3:a:cleantalk:anti-spam:5.49.1
-
cpe:2.3:a:cleantalk:anti-spam:5.49.2
-
cpe:2.3:a:cleantalk:anti-spam:5.50
-
cpe:2.3:a:cleantalk:anti-spam:5.50.1
-
cpe:2.3:a:cleantalk:anti-spam:5.51
-
cpe:2.3:a:cleantalk:anti-spam:5.52.1
-
cpe:2.3:a:cleantalk:anti-spam:5.53
-
cpe:2.3:a:cleantalk:anti-spam:5.53.1
-
cpe:2.3:a:cleantalk:anti-spam:5.54
-
cpe:2.3:a:cleantalk:anti-spam:5.55
-
cpe:2.3:a:cleantalk:anti-spam:5.56
-
cpe:2.3:a:cleantalk:anti-spam:5.56.1
-
cpe:2.3:a:cleantalk:anti-spam:5.57
-
cpe:2.3:a:cleantalk:anti-spam:5.57.1
-
cpe:2.3:a:cleantalk:anti-spam:5.58
-
cpe:2.3:a:cleantalk:anti-spam:5.58.1
-
cpe:2.3:a:cleantalk:anti-spam:5.58.2
-
cpe:2.3:a:cleantalk:anti-spam:5.58.3
-
cpe:2.3:a:cleantalk:anti-spam:5.58.4
-
cpe:2.3:a:cleantalk:anti-spam:5.58.5
-
cpe:2.3:a:cleantalk:anti-spam:5.58.6
-
cpe:2.3:a:cleantalk:anti-spam:5.59
-
cpe:2.3:a:cleantalk:anti-spam:5.6
-
cpe:2.3:a:cleantalk:anti-spam:5.60
-
cpe:2.3:a:cleantalk:anti-spam:5.60.1
-
cpe:2.3:a:cleantalk:anti-spam:5.61
-
cpe:2.3:a:cleantalk:anti-spam:5.62
-
cpe:2.3:a:cleantalk:anti-spam:5.63
-
cpe:2.3:a:cleantalk:anti-spam:5.64
-
cpe:2.3:a:cleantalk:anti-spam:5.65
-
cpe:2.3:a:cleantalk:anti-spam:5.66
-
cpe:2.3:a:cleantalk:anti-spam:5.67
-
cpe:2.3:a:cleantalk:anti-spam:5.67.1
-
cpe:2.3:a:cleantalk:anti-spam:5.67.2
-
cpe:2.3:a:cleantalk:anti-spam:5.67.3
-
cpe:2.3:a:cleantalk:anti-spam:5.68
-
cpe:2.3:a:cleantalk:anti-spam:5.69
-
cpe:2.3:a:cleantalk:anti-spam:5.7
-
cpe:2.3:a:cleantalk:anti-spam:5.70
-
cpe:2.3:a:cleantalk:anti-spam:5.70.1
-
cpe:2.3:a:cleantalk:anti-spam:5.70.2
-
cpe:2.3:a:cleantalk:anti-spam:5.71
-
cpe:2.3:a:cleantalk:anti-spam:5.72
-
cpe:2.3:a:cleantalk:anti-spam:5.73
-
cpe:2.3:a:cleantalk:anti-spam:5.74
-
cpe:2.3:a:cleantalk:anti-spam:5.74.1
-
cpe:2.3:a:cleantalk:anti-spam:5.74.2
-
cpe:2.3:a:cleantalk:anti-spam:5.75
-
cpe:2.3:a:cleantalk:anti-spam:5.76
-
cpe:2.3:a:cleantalk:anti-spam:5.77
-
cpe:2.3:a:cleantalk:anti-spam:5.78
-
cpe:2.3:a:cleantalk:anti-spam:5.79
-
cpe:2.3:a:cleantalk:anti-spam:5.8
-
cpe:2.3:a:cleantalk:anti-spam:5.80
-
cpe:2.3:a:cleantalk:anti-spam:5.81
-
cpe:2.3:a:cleantalk:anti-spam:5.82
-
cpe:2.3:a:cleantalk:anti-spam:5.82.1
-
cpe:2.3:a:cleantalk:anti-spam:5.83
-
cpe:2.3:a:cleantalk:anti-spam:5.83.1
-
cpe:2.3:a:cleantalk:anti-spam:5.83.2
-
cpe:2.3:a:cleantalk:anti-spam:5.84
-
cpe:2.3:a:cleantalk:anti-spam:5.85
-
cpe:2.3:a:cleantalk:anti-spam:5.86
-
cpe:2.3:a:cleantalk:anti-spam:5.87
-
cpe:2.3:a:cleantalk:anti-spam:5.88
-
cpe:2.3:a:cleantalk:anti-spam:5.89
-
cpe:2.3:a:cleantalk:anti-spam:5.9
-
cpe:2.3:a:cleantalk:anti-spam:5.90
-
cpe:2.3:a:cleantalk:anti-spam:5.91
-
cpe:2.3:a:cleantalk:anti-spam:5.92
-
cpe:2.3:a:cleantalk:anti-spam:5.92.1
-
cpe:2.3:a:cleantalk:anti-spam:5.92.2
-
cpe:2.3:a:cleantalk:anti-spam:5.93
-
cpe:2.3:a:cleantalk:anti-spam:5.93.1
-
cpe:2.3:a:cleantalk:anti-spam:5.94
-
cpe:2.3:a:cleantalk:anti-spam:5.95
-
cpe:2.3:a:cleantalk:anti-spam:5.95.1
-
cpe:2.3:a:cleantalk:anti-spam:5.96
-
cpe:2.3:a:cleantalk:anti-spam:5.97
-
cpe:2.3:a:cleantalk:anti-spam:5.98
-
cpe:2.3:a:cleantalk:anti-spam:5.99
-
cpe:2.3:a:cleantalk:anti-spam:5.99.1
-
cpe:2.3:a:cleantalk:anti-spam:6.0
-
cpe:2.3:a:cleantalk:anti-spam:6.0.1
-
cpe:2.3:a:cleantalk:anti-spam:6.1
-
cpe:2.3:a:cleantalk:anti-spam:6.10
-
cpe:2.3:a:cleantalk:anti-spam:6.11
-
cpe:2.3:a:cleantalk:anti-spam:6.11.1
-
cpe:2.3:a:cleantalk:anti-spam:6.11.2
-
cpe:2.3:a:cleantalk:anti-spam:6.12
-
cpe:2.3:a:cleantalk:anti-spam:6.13
-
cpe:2.3:a:cleantalk:anti-spam:6.14
-
cpe:2.3:a:cleantalk:anti-spam:6.14.1
-
cpe:2.3:a:cleantalk:anti-spam:6.14.2
-
cpe:2.3:a:cleantalk:anti-spam:6.15
-
cpe:2.3:a:cleantalk:anti-spam:6.16
-
cpe:2.3:a:cleantalk:anti-spam:6.17
-
cpe:2.3:a:cleantalk:anti-spam:6.18
-
cpe:2.3:a:cleantalk:anti-spam:6.19
-
cpe:2.3:a:cleantalk:anti-spam:6.19.1
-
cpe:2.3:a:cleantalk:anti-spam:6.2
-
cpe:2.3:a:cleantalk:anti-spam:6.2.1
-
cpe:2.3:a:cleantalk:anti-spam:6.20
-
cpe:2.3:a:cleantalk:anti-spam:6.21
-
cpe:2.3:a:cleantalk:anti-spam:6.22
-
cpe:2.3:a:cleantalk:anti-spam:6.23
-
cpe:2.3:a:cleantalk:anti-spam:6.24
-
cpe:2.3:a:cleantalk:anti-spam:6.3
-
cpe:2.3:a:cleantalk:anti-spam:6.3.1
-
cpe:2.3:a:cleantalk:anti-spam:6.4
-
cpe:2.3:a:cleantalk:anti-spam:6.4.1
-
cpe:2.3:a:cleantalk:anti-spam:6.5
-
cpe:2.3:a:cleantalk:anti-spam:6.6
-
cpe:2.3:a:cleantalk:anti-spam:6.7
-
cpe:2.3:a:cleantalk:anti-spam:6.8
-
cpe:2.3:a:cleantalk:anti-spam:6.9
-
cpe:2.3:a:cleantalk:anti-spam:6.9.1
-
cpe:2.3:a:cleantalk:anti-spam:6.9.2