Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
CleanTalk Inc

CleanTalk Inc Vendor Cyber Rating & Cyber Score

cleantalk.org

CleanTalk is a SaaS spam protection service for Web sites. CleanTalk uses protection methods which are invisible for site visitors. Connecting to the service eliminates needs for CAPTCHA, questions and answers and other methods of protection, complicating the exchange of information on the site. Our solutions are reliable, easy and efficient. Algorithms CleanTalk evaluates visitor behavior on the site and parameters filled in forms, these multi-level checks allow CleanTalk achieve such high-performance protection against spam attacks. The module is completely invisible to the visitors and allows you to permanently abandon the ways of protection that impede the communication of visitors to the site (CAPTCHA, question-answer, etc.).


CleanTalk Inc A.I CyberSecurity Scoring

CleanTalk Inc
Company Information
Website:https://cleantalk.org/
Employees number:21
Number of followers:1,568
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:cleantalk.org
CleanTalk Inc Risk Score (AI oriented)
Between 700 and 749
logo
CleanTalk IncIT Services and IT Consulting
Updated:
10/03/2026
748/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
CleanTalk Inc Global Score (TPRM)
xxxx
logo
CleanTalk IncIT Services and IT Consulting
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

CleanTalk Inc
CleanTalk IncModerate
Current Score
748Ba (MODERATE)
01000
1 incidents
-1 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
749Before Incident
JUNE 2026
749Before Incident
MAY 2026
749Before Incident
APRIL 2026
748Before Incident
MARCH 2026
748Before Incident
FEBRUARY 2026
748Before Incident
JANUARY 2026
749Before Incident
Vulnerability
01 Jan 2026CleanTalk Inc
CleanTalk: CleanTalk WordPress Plugin Vulnerability Puts 200,000 Sites at Risk

Critical WordPress Plugin Vulnerability Exposes 200,000 Sites to Remote Attacks

748After Incident
CRITICAL-1
CLE1771323857
Critical WordPress Plugin Vulnerability Exposes 200,000 Sites to Remote Attacks A severe security flaw in the CleanTalk Anti-Spam WordPress plugin (CVE-2026-1490) has left up to 200,000 websites vulnerable to unauthenticated arbitrary plugin installation, potentially leading to remote code execution (RCE). The vulnerability, rated 9.8 (Critical) on the CVSS scale, was disclosed by security researcher Nguyen Ngoc Duc (duc193) of KCSC and published via Wordfence Intelligence. The flaw affects all versions of the plugin up to and including 6.71 and stems from an authorization bypass via reverse DNS (PTR) spoofing. The plugin’s `checkWithoutToken` function fails to properly verify request authenticity when an invalid API key is present, allowing attackers to spoof PTR records and impersonate trusted sources specifically the cleantalk.org domain. This enables unauthenticated attackers to install malicious plugins, which could then be leveraged for further exploitation, including RCE. While CVE-2026-1490 does not directly grant RCE, it creates a pathway for attackers to deploy additional plugins that may facilitate such attacks. The vulnerability is exploitable only on sites with an invalid API key; those with a valid key remain unaffected. The CleanTalk Anti-Spam plugin, a subscription-based SaaS solution, is widely used to block spam registrations, form submissions, and malicious bots. With over 200,000 active installations, the flaw presents a significant risk to the WordPress ecosystem. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) underscores its low attack complexity, no required privileges, and high impact on confidentiality, integrity, and availability. No patches have been mentioned at the time of disclosure, leaving affected sites exposed until remediation steps are taken.
INCIDENT DETAILS -
TYPE
Vulnerability Exploitation
IMPACT
Systems Affected: Up to 200,000 WordPress sitesOperational Impact: Potential remote code execution (RCE) and arbitrary plugin installation
DECEMBER 2025
749Before Incident
NOVEMBER 2025
749Before Incident
OCTOBER 2025
749Before Incident
SEPTEMBER 2025
749Before Incident
AUGUST 2025
749Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for CleanTalk Inc ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in June 2026 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in May 2026 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in April 2026 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in March 2026 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in February 2026 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in January 2026 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in December 2025 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in November 2025 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in October 2025 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in September 2025 ?
?
What was CleanTalk Inc's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on CleanTalk Inc's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with CleanTalk Inc ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view CleanTalk Inc's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?