CleanTalk Inc A.I CyberSecurity Scoring
CleanTalk Inc
Company Information
Website:https://cleantalk.org/
Employees number:21
Number of followers:1,568
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:cleantalk.org
CleanTalk Inc Risk Score (AI oriented)
Between 700 and 749
CleanTalk IncIT Services and IT Consulting
Updated:
10/03/2026
10/03/2026
748/1000
Moderate
Ba
CleanTalk Inc Global Score (TPRM)
xxxx
CleanTalk IncIT Services and IT Consulting
Score locked

CleanTalk IncModerate
Current Score
748Ba (MODERATE)
01000
1 incidents
-1 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
749
JUNE 2026
749
MAY 2026
749
APRIL 2026
748
MARCH 2026
748
FEBRUARY 2026
748
JANUARY 2026
749
Vulnerability
01 Jan 2026 • CleanTalk Inc
CleanTalk: CleanTalk WordPress Plugin Vulnerability Puts 200,000 Sites at Risk
Critical WordPress Plugin Vulnerability Exposes 200,000 Sites to Remote Attacks
748
CRITICAL-1
CLE1771323857
Critical WordPress Plugin Vulnerability Exposes 200,000 Sites to Remote Attacks
A severe security flaw in the CleanTalk Anti-Spam WordPress plugin (CVE-2026-1490) has left up to 200,000 websites vulnerable to unauthenticated arbitrary plugin installation, potentially leading to remote code execution (RCE). The vulnerability, rated 9.8 (Critical) on the CVSS scale, was disclosed by security researcher Nguyen Ngoc Duc (duc193) of KCSC and published via Wordfence Intelligence.
The flaw affects all versions of the plugin up to and including 6.71 and stems from an authorization bypass via reverse DNS (PTR) spoofing. The plugin’s `checkWithoutToken` function fails to properly verify request authenticity when an invalid API key is present, allowing attackers to spoof PTR records and impersonate trusted sources specifically the cleantalk.org domain. This enables unauthenticated attackers to install malicious plugins, which could then be leveraged for further exploitation, including RCE.
While CVE-2026-1490 does not directly grant RCE, it creates a pathway for attackers to deploy additional plugins that may facilitate such attacks. The vulnerability is exploitable only on sites with an invalid API key; those with a valid key remain unaffected.
The CleanTalk Anti-Spam plugin, a subscription-based SaaS solution, is widely used to block spam registrations, form submissions, and malicious bots. With over 200,000 active installations, the flaw presents a significant risk to the WordPress ecosystem. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) underscores its low attack complexity, no required privileges, and high impact on confidentiality, integrity, and availability.
No patches have been mentioned at the time of disclosure, leaving affected sites exposed until remediation steps are taken.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
DECEMBER 2025
749
NOVEMBER 2025
749
OCTOBER 2025
749
SEPTEMBER 2025
749
AUGUST 2025
749
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for CleanTalk Inc ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in June 2026 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in May 2026 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in April 2026 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in March 2026 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in February 2026 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in January 2026 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in December 2025 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in November 2025 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in October 2025 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in September 2025 ??
What was CleanTalk Inc's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on CleanTalk Inc's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with CleanTalk Inc ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view CleanTalk Inc's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?