Cyberpress
Critical CleanTalk Plugin Vulnerability Enables Authorization Bypass on WordPress
First seen 16 Feb 2026, 16:10 UTC
•


•76% similarity
•44.6
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A critical vulnerability tracked as CVE-2026-1490 has been identified in the CleanTalk plugin for WordPress, allowing for authorization bypass via reverse DNS. This flaw affects thousands of WordPress installations that utilize the plugin for spam filtering and has been assigned a CVSS score of 9.8, indicating its severity.
ThreatCluster AI
Timeline
2026-02-15
CVE-2026-1490 published
2026-02-16
Cyberpress and Gbhackers report on the vulnerability