CVE-2026-8071

{"id": "CVE-2026-8071", "cveTags": [], "metrics": {}, "published": "2026-06-10T07:16:25.373", "references": [{"url": "https://wpscan.com/vulnerability/0d4635b5-2d79-4337-a1ad-6b8d02cfd64b/", "source": "contact@wpscan.com"}], "vulnStatus": "Received", "descriptions": [{"lang": "en", "value": "The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user (including administrators) views the post."}], "lastModified": "2026-06-10T07:16:25.373", "sourceIdentifier": "contact@wpscan.com"}