Nearly 50% of over 200,000 WordPress sites with the Spam protection, Anti-Spam, FireWall by CleanTalk plugin were discovered to remain impacted by a pair of critical authorization bypass vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, which could be leveraged to facilitate arbitrary plugin activation and remote code execution attacks, SecurityWeek reports.