CVE-2026-2112 in Dam Spam Plugininfo

Zusammenfassung

von MITRE • 18.02.2026

The Dam Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing nonce verification on the pending comment deletion action in the cleanup page. This makes it possible for unauthenticated attackers to delete all pending comments via a forged request granted they can trick an admin into performing an action such as clicking on a link.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Veröffentlichung

18.02.2026

Moderieren

akzeptiert

Eintrag

VDB-346395

CPE

bereit

CWE

CWE-352 (bestätigt)

CVSS

4.3 (CNA)

EPSS

0.00011

KEV

nein

Aktivitäten

very low

Sektor

Finance, Police, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-2112
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-2112
CVE Details	https://www.cvedetails.com/cve/CVE-2026-2112/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!