🔎 Have you found a vulnerability in a WordPress plugin or theme? Report vulnerabilities in WordPress plugins and themes through our bug bounty program and earn a bounty on all in-scope submissions, while we handle the responsible disclosure process on your behalf.

Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms

Information

Software Type	Plugin
Software Slug	stop-spammer-registrations-plugin (view on wordpress.org)
Software Status	Active
Software Author	mcitar
Software Website	www.calculator.io
Software Downloads	2,388,174
Software Active Installs	50,000
Software Record Last Updated	July 26, 2024

6 Vulnerabilities

Stop Spammers Security | Block Spam Users, Comments, Forms <= 2024.4 - Cross-Site Request Forgery (CSRF) via sfs_process

5.4

CVE-2023-7065

May 3, 2024

Researcher: Lucio Sá

Stop Spammers Security <= 2022.6 - Authenticated (Admin+) Stored Cross-Site Scripting

4.4

CVE-2023-2489

May 15, 2023

Researcher: Erwan LR

Stop Spammers Security <= 2022.6 - Reflected Cross-Site Scripting

6.1

CVE-2023-2488

May 15, 2023

Researcher: Erwan LR

Stop Spammers Security <= 2022.5 - Unauthenticated PHP Object Injection

9.8

CVE-2022-4120

Dec 5, 2022

Researcher: Seryeon Ham

Stop Spammers Security <= 2021.17 - Authenticated (Admin+) Stored Cross-Site Scripting

4.8

CVE-2021-24517

Aug 9, 2021

Researcher: swapnil subhash bodekar

Stop Spammers <= 2021.8 - Reflected Cross-Site Scripting

6.1

CVE-2021-24245

Apr 8, 2021

Researcher: Hosein_vita

Title	Status	CVE ID	CVSS	Researchers	Date
Stop Spammers Security \| Block Spam Users, Comments, Forms <= 2024.4 - Cross-Site Request Forgery (CSRF) via sfs_process	Patched	CVE-2023-7065	5.4	Lucio Sá	May 3, 2024
Stop Spammers Security <= 2022.6 - Authenticated (Admin+) Stored Cross-Site Scripting	Patched	CVE-2023-2489	4.4	Erwan LR	May 15, 2023
Stop Spammers Security <= 2022.6 - Reflected Cross-Site Scripting	Patched	CVE-2023-2488	6.1	Erwan LR	May 15, 2023
Stop Spammers Security <= 2022.5 - Unauthenticated PHP Object Injection	Patched	CVE-2022-4120	9.8	Seryeon Ham	December 5, 2022
Stop Spammers Security <= 2021.17 - Authenticated (Admin+) Stored Cross-Site Scripting	Patched	CVE-2021-24517	4.8	swapnil subhash bodekar	August 9, 2021
Stop Spammers <= 2021.8 - Reflected Cross-Site Scripting	Patched	CVE-2021-24245	6.1	Hosein_vita	April 8, 2021

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation