A critical vulnerability in the CleanTalk Spam Protection plugin for WordPress lets attackers bypass authorization and seize control of sites. Tracked as CVE-2026-1490, this flaw affects thousands of WordPress installations using the plugin for spam filtering. With a CVSS score of 9.8, it poses an urgent risk, enabling unauthenticated attackers to install arbitrary plugins and […] The post Critical CleanTalk Plugin Flaw Allows Authorization Bypass on WordPress via Reverse DNS appeared first on Cyber Security News.