450 matches found
CVE-2024-8739
The ReCaptcha Integration for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2023-28167
Cross-Site Request Forgery CSRF vulnerability in Vsourz Digital CF7 Invisible reCAPTCHA plugin = 1.3.3 versions...
CVE-2023-32599
Missing Authorization vulnerability in Bill Minozzi reCAPTCHA for all allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects reCAPTCHA for all: from n/a through 1.22...
CVE-2023-0085
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass in versions up to, and including, 3.2.1. This is due to insufficient server side checking on the captcha value submitted during a form submission. This makes it possible for unauthenticated attackers...
CVE-2022-3831
The reCAPTCHA WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2021-39362
An XSS issue was discovered in ReCaptcha Solver 5.7. A response from Anti-Captcha.com, RuCaptcha.com, 2captcha.com, DEATHbyCAPTCHA.com, ImageTyperz.com, or BestCaptchaSolver.com in setCaptchaCode is inserted into the DOM as HTML, resulting in full control over the user's browser by these servers...
CVE-2020-8594
The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninjaformsrecaptchasitekey, ninjaformsrecaptchasecretkey, ninjaformsrecaptchalang, or ninjaformsdateformat...
CVE-2025-48243
Cross-Site Request Forgery CSRF vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through = 2.26...
CVE-2025-48233
Cross-Site Request Forgery CSRF vulnerability in affmngr Affiliates Manager Google reCAPTCHA Integration affiliates-manager-google-recaptcha-integration allows Stored XSS.This issue affects Affiliates Manager Google reCAPTCHA Integration: from n/a through = 1.0.6...
WordPress reCAPTCHA for all plugin <= 2.26 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin reCAPTCHA for all versions = 2.26...
WordPress Affiliates Manager Google reCAPTCHA Integration plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by johska in WordPress Plugin Affiliates Manager Google reCAPTCHA Integration versions = 1.0.6...
CVE-2025-48243
Cross-Site Request Forgery CSRF vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through = 2.26...
CVE-2025-48233
Cross-Site Request Forgery CSRF vulnerability in affmngr Affiliates Manager Google reCAPTCHA Integration affiliates-manager-google-recaptcha-integration allows Stored XSS.This issue affects Affiliates Manager Google reCAPTCHA Integration: from n/a through = 1.0.6...
CVE-2025-48243 WordPress reCAPTCHA for all <= 2.26 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.26...
CVE-2025-48243
CVE-2025-48243: WordPress reCAPTCHA for all plugin suffers a CSRF vulnerability in versions up to 2.26. Exploitation details are not provided in the Initial document, but Patchstack and NVD entries confirm a CSRF weakness affecting the plugin. The CVSS v3.1 base score is 4.3 (Medium) with no conf...
CVE-2025-48243 WordPress reCAPTCHA for all plugin <= 2.26 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through = 2.26...
CVE-2025-48233 WordPress Affiliates Manager Google reCAPTCHA Integration plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in affmngr Affiliates Manager Google reCAPTCHA Integration affiliates-manager-google-recaptcha-integration allows Stored XSS.This issue affects Affiliates Manager Google reCAPTCHA Integration: from n/a through = 1.0.6...
CVE-2025-48233
CVE-2025-48233 is a CSRF to Stored XSS vulnerability in the WordPress plugin Affiliates Manager Google reCAPTCHA Integration . The advisory states affected versions range from “n/a through 1.0.6” and the underlying issue is Cross-Site Request Forgery that can lead to stored XSS. Connected sources...
PT-2025-21956 · Google · Recaptcha
Name of the Vulnerable Software and Affected Versions: reCAPTCHA for all versions n/a through 2.26 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. This means an attacker can trick a user into performing unintended actions on a web...
PT-2025-21947 · Unknown · Affiliates Manager Google Recaptcha Integration
Name of the Vulnerable Software and Affected Versions: Affiliates Manager Google reCAPTCHA Integration versions 1.0.0 through 1.0.6 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS in the Affiliates Manager Google reCAPTCHA Integration...