14 matches found
CVE-2026-10552
The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...
CVE-2026-10552 Blue Captcha <= 2.0.1 - Cross-Site Request Forgery via 'blcap_action' Parameter
The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...
EUVD-2026-38669
The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...
CVE-2026-10552
The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...
WordPress Blue Captcha plugin <= 2.0.1 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Kamil Królikowski - Asseco Poland S.A. in WordPress Plugin Blue Captcha versions = 2.0.1...
EUVD-2025-8153
Malicious code in bioql PyPI...
WordPress Blue Captcha plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Blue Captcha plugin has a cross-site scripting vulnerability, the vulnerability stems from the lack...
CVE-2025-28880
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through = 1.7.4...
CVE-2025-28880
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through = 1.7.4...
CVE-2025-28880 WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through = 1.7.4...
CVE-2025-28880
CVE-2025-28880 : Reflected XSS in Blue Captcha for WordPress (affected from n/a to 1.7.4). Root cause: improper input neutralization during web page generation. Impact: cross-site scripting possible; exploitation details not provided in initial doc. Public data indicates no published patch in the...
CVE-2025-28880 WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through = 1.7.4...
WordPress plugin Blue Captcha 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Blue Captcha plugin has a cross-site scripting vulnerability, the vulnerability stems from the lack...
WordPress Blue Captcha plugin <= 1.7.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin Blue Captcha versions = 1.7.4...