Security researchers have uncovered two critical vulnerabilities in CleanTalk’s popular WordPress plugin “Spam protection, Anti-Spam, and FireWall,” potentially exposing over 200,000 websites to severe security risks. These high-severity flaws could enable malicious actors to gain unauthorized administrative access and potentially deploy malware on affected websites.
Understanding the Critical Vulnerabilities
The discovered security flaws, identified as CVE-2024-10542 and CVE-2024-10781, have been assigned a critical severity rating of 9.8 out of 10 on the CVSS scale. This exceptionally high score reflects the significant potential impact on affected WordPress installations, particularly concerning given the plugin’s widespread use in protecting websites from spam comments and malicious registration attempts.
Technical Analysis of the Security Flaws
According to Wordfence’s security analysis, both vulnerabilities stem from authentication bypass issues in the plugin’s core functionality. The first vulnerability (CVE-2024-10542) compromises the remote call handling and plugin installation mechanisms. Attackers can potentially circumvent security checks through IP address and DNS record manipulation, enabling unauthorized plugin installations. This attack vector presents a particularly serious threat as it could allow threat actors to deploy malicious code across vulnerable websites.
Vulnerability Timeline and Patch Deployment
The security timeline reveals a complex remediation process. The initial vulnerability was identified in late October and addressed in version 6.44, released on November 1, 2023. However, this update introduced a second vulnerability (CVE-2024-10781), which also permitted authentication bypasses. The comprehensive fix was finally implemented in version 6.45, released on November 14, 2023.
Current statistics indicate that approximately 50% of active plugin installations remain vulnerable, running outdated versions as of late November 2023. Website administrators are strongly advised to implement immediate updates to CleanTalk version 6.45 or later to mitigate potential security risks. Security best practices recommend conducting regular security audits, maintaining comprehensive logging systems, and implementing robust monitoring solutions to detect and respond to suspicious activities promptly. The severity of these vulnerabilities emphasizes the critical importance of maintaining up-to-date security patches across all WordPress installations and associated plugins.
