4 matches found
EUVD-2026-24664
The Kcaptcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.0.1. This is due to missing nonce validation in the plugin's settings page handler admin/setting.php. The settings form does not include a wpnoncefield and the form processing code...
CVE-2026-4121 Kcaptcha <= 1.0.1 - Cross-Site Request Forgery to Settings Update
The Kcaptcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.0.1. This is due to missing nonce validation in the plugin's settings page handler admin/setting.php. The settings form does not include a wpnoncefield and the form processing code...
CVE-2026-4121
The Kcaptcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.0.1. This is due to missing nonce validation in the plugin's settings page handler admin/setting.php. The settings form does not include a wpnoncefield and the form processing code...
WordPress Kcaptcha plugin <= 1.0.1 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Kcaptcha versions = 1.0.1...