Lucene search
K

48 matches found

NVD
NVD
added 2023/10/31 8:15 a.m.18 views

CVE-2023-46210

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WebCource WC Captcha plugin = 1.4 versions...

5.9CVSS5.4AI score0.00316EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/31 7:38 a.m.26 views

CVE-2023-46210 WordPress WC Captcha Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WebCource WC Captcha plugin = 1.4 versions...

5.9CVSS5.5AI score0.00316EPSS
Exploits0References1
CVE
CVE
added 2023/10/31 7:38 a.m.53 views

CVE-2023-46210

CVE-2023-46210 affects the WebCource WC Captcha plugin for WordPress, with a Stored Cross-Site Scripting (XSS) vulnerability in versions 1.4 and validating site inputs, along with standard patching practices.

5.9CVSS5.1AI score0.00316EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.8 views

WordPress Contact Form With Captcha Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Form With Captcha Type Plugin Vulnerable versions = 1.6.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Request Forgery CSRF CVE CVE-2023-45771 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 79f7e7f9285e Credits LEE SE...

7.1CVSS6AI score0.00333EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/10/11 8:15 a.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin = 4.1 versions...

6.8CVSS8.8AI score0.00208EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/09 10:15 a.m.5 views

CVE-2023-44236

Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...

8.8CVSS7.3AI score0.00216EPSS
Exploits0References1
Prion
Prion
added 2023/10/09 10:15 a.m.22 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...

6.8CVSS8.8AI score0.00216EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/09 9:13 a.m.55 views

CVE-2023-44236

Summary: CVE-2023-44236 affects the WordPress plugin “WP Captcha” (WP Captcha) up to version 2.0.0. The vulnerability is a Cross-Site Request Forgery (CSRF) in settings updates, caused by missing CSRF protection. The initial description and connected sources confirm the affected software and the ...

8.8CVSS7AI score0.00216EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/09 9:13 a.m.37 views

CVE-2023-44236 WordPress WP Captcha Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...

5.4CVSS9AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2023/07/18 6:15 p.m.29 views

CVE-2023-33312

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wppal Easy Captcha plugin = 1.0 versions...

7.1CVSS0.00379EPSS
Exploits0References1
OSV
OSV
added 2023/02/06 8:15 p.m.2 views

CVE-2023-0147

The Flexible Captcha WordPress plugin through 4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00613EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/09/09 2:39 p.m.9 views

CVE-2022-37411 WordPress Captcha Code plugin <= 2.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Vinoj Cardoza's Captcha Code plugin = 2.7 at WordPress...

5.4CVSS6.5AI score0.0031EPSS
Exploits0References2
OSV
OSV
added 2022/08/01 1:15 p.m.6 views

CVE-2022-2184

The CAPTCHA 4WP WordPress plugin before 7.1.0 lets user input reach a sensitive requireonce call in one of its admin-side templates. This can be abused by attackers, via a Cross-Site Request Forgery attack to run arbitrary code on the server...

8.8CVSS6AI score0.00499EPSS
Exploits2References1
OSV
OSV
added 2022/07/17 11:15 a.m.4 views

CVE-2022-2187

The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS5.8AI score0.01277EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/07/17 11:15 a.m.8 views

CVE-2022-2187

The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS6.4AI score0.01277EPSS
Exploits2References3
CNNVD
CNNVD
added 2022/07/17 12:0 a.m.5 views

WordPress plugin Contact Form 7 Captcha 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.9AI score0.01277EPSS
Exploits2References2
Patchstack
Patchstack
added 2022/06/27 12:0 a.m.22 views

WordPress Contact Form 7 Captcha plugin <= 0.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by ZhongFu Su aka JrXnm WuHan University in WordPress Contact Form 7 Captcha plugin versions = 0.1.1. Solution Update the WordPress Contact Form 7 Captcha plugin to the latest available version at least 0.1.2...

6.1CVSS2.5AI score0.01277EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2021/11/29 12:0 a.m.20 views

WordPress Contact Form With Captcha plugin <= 1.6.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Yuga Futatsuki Cryptography Laboratory in Tokyo Denki University in WordPress Contact Form With Captcha plugin versions = 1.6.7. Solution Update the WordPress Contact Form With Captcha plugin to...

8.8CVSS2.4AI score0.00605EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/09/12 11:29 p.m.21 views

CVE-2018-16979

Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943...

6.1CVSS7AI score
Exploits0References1
The Hacker News
The Hacker News
added 2017/12/19 10:56 p.m.16 views

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors. One such incident happened recently when the renowned developer BestWebSoft sold a popular Captcha WordPress plugin to an undisclosed buyer, who then modified the...

7.4AI score
Exploits0
Rows per page
Query Builder