CVE ID :CVE-2026-8071 Published : June 10, 2026, 7:16 a.m. | 5 hours, 59 minutes ago Description :The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-8071 - Spam protection, Honeypot, Anti-Spam by CleanTalk < 6.79 - Unauthenticated Stored XSS via Comment Shortcode Bypass

VERWANDTEARTIKEL

CVE-2026-49759 - Stack buffer overflow in SCTP error cause parsing in inet_drv allows remote VM crash

CVE-2026-46558 - Plane: Cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in other Plane workspaces

CVE-2026-45569 - Roxy-WI: Path-traversal patch in commit d4d10006 is a no-op (tuple-membership bug)

CVE-2026-45565 - Roxy-WI: EscapedString validator skips its '..' block when stripping (root cause for several path-traversal/RCE vectors)

CVE-2026-45567 - Roxy-WI: Authentication bypass via 'api' substring in URL + unauthenticated /api/gpt

CVE-2026-45656