Lucene search

K

Contact Form 7 Captcha Security Vulnerabilities

cve
cve

CVE-2023-45009

Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive GmbH Captcha/Honeypot for Contact Form 7 allows Functionality Bypass.This issue affects Captcha/Honeypot for Contact Form 7: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-04 09:15 AM
1
cve
cve

CVE-2024-30540

Guessable CAPTCHA vulnerability in Guido VS Contact Form allows Functionality Bypass.This issue affects VS Contact Form: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
28
cve
cve

CVE-2022-2187

The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web...

6.1CVSS

6AI Score

0.001EPSS

2022-07-17 11:15 AM
42
2
cve
cve

CVE-2021-24565

The Contact Form 7 Captcha WordPress plugin before 0.0.9 does not have any CSRF check in place when saving its settings, allowing attacker to make a logged in user with the manage_options change them. Furthermore, the settings are not escaped when output in attributes, leading to a Stored...

8.8CVSS

7.7AI Score

0.001EPSS

2021-08-23 12:15 PM
33
4
cve
cve

CVE-2014-2265

Rock Lobster Contact Form 7 before 3.7.2 allows remote attackers to bypass the CAPTCHA protection mechanism and submit arbitrary form data by omitting the _wpcf7_captcha_challenge_captcha-719...

7.1AI Score

0.004EPSS

2014-03-14 10:55 AM
78
2