Contact Form 7 Math Captcha <= 2.0.1 - Cross-site Scripting

The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users. id: CVE-2024-6517 info: name: Contact Form 7 Math Captcha =...

EUVD-2024-47598

Malicious code in bioql PyPI...

CVE-2024-6517

The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users...

CVE-2025-1262

The Advanced Google reCaptcha plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 1.27 . This makes it possible for unauthenticated attackers to bypass the Built-in Math Captcha Verification...

WordPress Advanced Google reCaptcha plugin <= 1.27 - Built-in Math CAPTCHA Bypass vulnerability

Built-in Math CAPTCHA Bypass vulnerability discovered by Max Boll b0lli in WordPress Plugin Advanced Google reCAPTCHA versions = 1.27...

WordPress Contact Form 7 Math Captcha plugin <= 3.0.0 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by goodguyandy & ahmed in WordPress Plugin Contact Form 7 Math Captcha versions = 3.0.0...

CVE-2024-6517

The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users...

CVE-2024-6517

The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users...

CVE-2024-6517

The CVE concerns the WordPress plugin Contact Form 7 Math Captcha, affected versions

WordPress plugin Contact Form 7 Math Captcha 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin...

WordPress Contact Form 7 Math Captcha Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 Math Captcha Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6517 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1067711fa4c4 Credits...

PT-2024-37683 · WordPress · Contact Form 7 Math Captcha

Name of the Vulnerable Software and Affected Versions: Contact Form 7 Math Captcha WordPress plugin versions 2.0.1 and earlier Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitized and escaped before being outputted back in the...

WordPress Easy Math Captcha for CF7 Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Easy Math Captcha for CF7 Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c64d705fa07e Credits Rafie Muhammad Patchstac...

WordPress Easy Math Captcha for CF7 plugin <= 1.0.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Easy Math Captcha for CF7 plugin versions = 1.0.0. Solution No patched version available...

WordPress Easy Math Captcha for CF7 plugin <= 1.0.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Easy Math Captcha for CF7 plugin versions = 1.0.0. Solution No patched version available...

base64Captcha

A flexible and various captcha package !Testhttps://github...

Vulnerability in Dumb math captcha for WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в плагине Dumb math captcha для WordPress. Insufficient Anti-automation: При передаче параметра action со значением commentopenid, значение ответа капчи не проверяется, что позволяет обойти капчу на страница...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Dumb math captcha: protection bypass backdoor...

Vulnerabilities in Dumb math captcha for WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Insufficient Anti-automation и Full path disclosure уязвимостях в плагине Dumb math captcha для WordPress. Insufficient Anti-automation: Капча на страницах записей уязвима к Constant values bypass method, который я описал в проекте Month of Bugs i...