CRITICAL🇵🇱 Wersja polska

CVE-2024-13365

CVSS 9.8v3.1pub. 2025-02-12upd. 2025-02-25

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file uploads due to the plugin uploading and extracting .zip archives when scanning them for malware through the checkUploadedArchive() function in all versions up to, and including, 2.149. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

🤖 AI Analysis
How it works

The checkUploadedArchive() function responsible for scanning uploaded archives for malware uploads and extracts .zip archives without proper content verification or user authentication. An attacker can upload a crafted .zip archive containing arbitrary files — including server-side scripts — which will be extracted into the website's directory structure. The lack of verification of file types and contents of uploaded files (CWE-434) makes the protection mechanism become an attack vector.

Impact

An attacker without any authentication can place arbitrary files on the server, which in practice can lead to remote code execution (RCE), takeover of the website and potentially the entire hosting server.

Mitigation & patch

The Security & Malware scan by CleanTalk plugin should be updated to version 2.150 or newer as soon as possible. A fix is available in the official WordPress repository (changeset 3229205). Until the update is applied, it is recommended to consider temporarily disabling the plugin.

Who is affected

Security & Malware scan by CleanTalk plugin for WordPress — all versions up to and including 2.149.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Cleantalk Security \& Malware Scan

    APP
    Cleantalk
    < 2.150
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEAuth Bypass
CWE
References

Related vulnerabilities

CVE-2023-5239HIGH7.5ten sam produkt

The Security & Malware scan by CleanTalk WordPress plugin before 2.121 retrieves client IP addresses from pote...

CVE-2020-36698HIGH8.8ten sam produkt

The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction i...

CVE-2024-10542CRITICAL9.8PL ✓ten sam vendor

CleanTalk Anti-Spam: nieautoryzowana instalacja wtyczek przez bypass autoryzacji

CVE-2024-10781HIGH8.1ten sam vendor

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbit...

CVE-2022-3302HIGH7.2ten sam vendor

The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin before 5.185.1 does not validate ids bef...