Lucene search
K

9 matches found

CNVD
CNVD
added 2025/08/20 12:0 a.m.1 views

WordPress Alobaidi Captcha plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Alobaidi Captcha plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

4.4CVSS6.1AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/17 8:29 a.m.10 views

CVE-2025-8080

The Alobaidi Captcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

4.4CVSS6AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2025/08/15 9:15 a.m.5 views

CVE-2025-8080

The Alobaidi Captcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

4.4CVSS0.00232EPSS
Exploits0References4
CVE
CVE
added 2025/08/15 8:25 a.m.23 views

CVE-2025-8080

CVE-2025-8080 describes a Stored Cross-Site Scripting (XSS) flaw in the WordPress plugin Alobaidi Captcha (versions up to 1.0.3). The issue stems from insufficient input sanitization and output escaping in the plugin settings, enabling - for authenticated users with administrator-level permission...

4.4CVSS5.9AI score0.00232EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/15 8:25 a.m.5 views

CVE-2025-8080 Alobaidi Captcha <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings

The Alobaidi Captcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

4.4CVSS0.00232EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/15 8:25 a.m.2 views

CVE-2025-8080 Alobaidi Captcha <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings

The Alobaidi Captcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

4.4CVSS5.5AI score0.00232EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.1 views

WordPress plugin Alobaidi Captcha 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Alobaidi Captcha plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

4.4CVSS6AI score0.00232EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.5 views

PT-2025-33464 · WordPress · Alobaidi Captcha

Name of the Vulnerable Software and Affected Versions: Alobaidi Captcha plugin for WordPress versions up to and including 1.0.3 Description: The Alobaidi Captcha plugin for WordPress is susceptible to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the...

4.4CVSS5.7AI score0.00232EPSS
Exploits0References8
Patchstack
Patchstack
added 2025/08/14 11:10 p.m.5 views

WordPress Alobaidi Captcha plugin <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Plugin Settings vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Alobaidi Captcha versions = 1.0.3...

4.4CVSS5.5AI score0.00232EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder