Lucene search
K

14 matches found

NVD
NVD
added 2026/06/24 7:16 a.m.7 views

CVE-2026-10552

The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...

4.3CVSS0.00146EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.32 views

CVE-2026-10552 Blue Captcha <= 2.0.1 - Cross-Site Request Forgery via 'blcap_action' Parameter

The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...

4.3CVSS0.00146EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 5:33 a.m.8 views

EUVD-2026-38669

The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...

4.3CVSS5.9AI score0.00146EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 a.m.7 views

CVE-2026-10552

The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...

4.3CVSS5.9AI score0.00146EPSS
Exploits0References7
Patchstack
Patchstack
added 2026/06/23 4:41 p.m.5 views

WordPress Blue Captcha plugin <= 2.0.1 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Kamil Królikowski - Asseco Poland S.A. in WordPress Plugin Blue Captcha versions = 2.0.1...

4.3CVSS5.8AI score0.00146EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-8153

Malicious code in bioql PyPI...

7.1CVSS7.8AI score0.00294EPSS
Exploits0References2
CNVD
CNVD
added 2025/03/31 12:0 a.m.15 views

WordPress Blue Captcha plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Blue Captcha plugin has a cross-site scripting vulnerability, the vulnerability stems from the lack...

7.1CVSS6.6AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/28 5:49 p.m.10 views

CVE-2025-28880

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through = 1.7.4...

7.1CVSS7.2AI score0.00294EPSS
Exploits0References1
NVD
NVD
added 2025/03/26 3:16 p.m.19 views

CVE-2025-28880

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through = 1.7.4...

7.1CVSS0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/26 2:24 p.m.14 views

CVE-2025-28880 WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through = 1.7.4...

7.1CVSS8.6AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2025/03/26 2:24 p.m.69 views

CVE-2025-28880

CVE-2025-28880 : Reflected XSS in Blue Captcha for WordPress (affected from n/a to 1.7.4). Root cause: improper input neutralization during web page generation. Impact: cross-site scripting possible; exploitation details not provided in initial doc. Public data indicates no published patch in the...

7.1CVSS7.2AI score0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/26 2:24 p.m.20 views

CVE-2025-28880 WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through = 1.7.4...

7.1CVSS0.00294EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.4 views

WordPress plugin Blue Captcha 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Blue Captcha plugin has a cross-site scripting vulnerability, the vulnerability stems from the lack...

7.1CVSS6.4AI score0.00294EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/24 1:28 p.m.4 views

WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin Blue Captcha versions = 1.7.4...

7.1CVSS6.1AI score0.00294EPSS
Exploits0Affected Software1
Rows per page
Query Builder