Vulnerabilities4 min read
CleanTalk WordPress Plugin Flaw Exposes 200K Sites to Takeover
Critical CVE-2026-1490 (CVSS 9.8) in CleanTalk anti-spam plugin allows unauthenticated attackers to install malicious plugins via DNS spoofing. Update to 6.72 now.
Marcus ChenFeb 19, 2026