48 matches found
CVE-2023-46210
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WebCource WC Captcha plugin = 1.4 versions...
CVE-2023-46210 WordPress WC Captcha Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WebCource WC Captcha plugin = 1.4 versions...
CVE-2023-46210
CVE-2023-46210 affects the WebCource WC Captcha plugin for WordPress, with a Stored Cross-Site Scripting (XSS) vulnerability in versions 1.4 and validating site inputs, along with standard patching practices.
WordPress Contact Form With Captcha Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software Contact Form With Captcha Type Plugin Vulnerable versions = 1.6.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Request Forgery CSRF CVE CVE-2023-45771 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 79f7e7f9285e Credits LEE SE...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin = 4.1 versions...
CVE-2023-44236
Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...
CVE-2023-44236
Summary: CVE-2023-44236 affects the WordPress plugin “WP Captcha” (WP Captcha) up to version 2.0.0. The vulnerability is a Cross-Site Request Forgery (CSRF) in settings updates, caused by missing CSRF protection. The initial description and connected sources confirm the affected software and the ...
CVE-2023-44236 WordPress WP Captcha Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...
CVE-2023-33312
Unauth. Reflected Cross-Site Scripting XSS vulnerability in wppal Easy Captcha plugin = 1.0 versions...
CVE-2023-0147
The Flexible Captcha WordPress plugin through 4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2022-37411 WordPress Captcha Code plugin <= 2.7 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Vinoj Cardoza's Captcha Code plugin = 2.7 at WordPress...
CVE-2022-2184
The CAPTCHA 4WP WordPress plugin before 7.1.0 lets user input reach a sensitive requireonce call in one of its admin-side templates. This can be abused by attackers, via a Cross-Site Request Forgery attack to run arbitrary code on the server...
CVE-2022-2187
The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2022-2187
The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
WordPress plugin Contact Form 7 Captcha 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Contact Form 7 Captcha plugin <= 0.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by ZhongFu Su aka JrXnm WuHan University in WordPress Contact Form 7 Captcha plugin versions = 0.1.1. Solution Update the WordPress Contact Form 7 Captcha plugin to the latest available version at least 0.1.2...
WordPress Contact Form With Captcha plugin <= 1.6.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)
Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Yuga Futatsuki Cryptography Laboratory in Tokyo Denki University in WordPress Contact Form With Captcha plugin versions = 1.6.7. Solution Update the WordPress Contact Form With Captcha plugin to...
CVE-2018-16979
Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943...
Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites
Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors. One such incident happened recently when the renowned developer BestWebSoft sold a popular Captcha WordPress plugin to an undisclosed buyer, who then modified the...