Lucene search
K

39 matches found

CVE
CVE
added 2024/04/20 9:38 a.m.83 views

CVE-2024-4014

CVE-2024-4014 concerns the hCaptcha for WordPress plugin for WordPress, exposing a Stored Cross-Site Scripting (XSS) vulnerability via the plugin’s cf7-hcaptcha shortcode. The issue affects all versions up to and including 4.0.0 due to insufficient input sanitization and output escaping on user-s...

6.4CVSS5.6AI score0.00333EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/20 9:38 a.m.11 views

CVE-2024-4014 hCaptcha for WordPress <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via cf7-hcaptcha Shortcode

The hCaptcha for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cf7-hcaptcha shortcode in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6.1AI score0.00333EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/20 12:0 a.m.2 views

WordPress Plugin hCaptcha for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.4CVSS6AI score0.00333EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/20 12:0 a.m.5 views

PT-2024-28794 · WordPress · Hcaptcha For Wordpress

Name of the Vulnerable Software and Affected Versions: hCaptcha for WordPress plugin for WordPress versions up to, and including, 4.0.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's cf7-hcaptcha shortcode, allowi...

6.4CVSS6.8AI score0.00333EPSS
Exploits0References5
WPVulnDB
WPVulnDB
added 2024/04/19 12:0 a.m.7 views

hCaptcha for WordPress < 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via cf7-hcaptcha Shortcode

Description The hCaptcha for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cf7-hcaptcha shortcode in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

6.4CVSS5.8AI score0.00333EPSS
Exploits0References1Affected Software1
Imperva Blog
Imperva Blog
added 2023/12/21 4:21 p.m.52 views

Shifting from reCAPTCHA to hCaptcha

We are adding another CAPTCHA vendor and helping our customers migrate from Googles reCAPTCHA to hCaptcha. Why We Are Making This Change We continuously evaluate our security measures to ensure they align with the evolving landscape of threats. After carefully evaluating several different CAPTCHA...

7.2AI score
Exploits0
OSV
OSV
added 2023/08/23 6:30 a.m.12 views

GHSA-93WX-J2QV-49FG hCaptcha for EXT:form Broken Access Control vulnerability

An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...

5.3CVSS5.1AI score0.00515EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/08/23 6:30 a.m.25 views

hCaptcha for EXT:form Broken Access Control vulnerability

An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...

5.3CVSS6.9AI score0.00515EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/08/23 6:15 a.m.6 views

CVE-2023-41100

An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...

5.3CVSS5.8AI score0.00515EPSS
Exploits0References2
NVD
NVD
added 2023/08/23 6:15 a.m.27 views

CVE-2023-41100

An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...

5.3CVSS5.2AI score0.00515EPSS
Exploits0References1
OSV
OSV
added 2023/08/23 6:15 a.m.5 views

CVE-2023-41100

An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...

5.3CVSS5.8AI score0.00515EPSS
Exploits0References1
Prion
Prion
added 2023/08/23 6:15 a.m.8 views

Authentication flaw

An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...

5CVSS5.3AI score0.00515EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/23 12:0 a.m.7 views

CVE-2023-41100

An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...

5.3CVSS6.8AI score0.00515EPSS
Exploits0References1
CVE
CVE
added 2023/08/23 12:0 a.m.72 views

CVE-2023-41100

CVE-2023-41100 affects the hCaptcha for EXT:form extension in TYPO3 prior to 2.1.2. The issue is that the required captcha field is not checked in form submissions, allowing a remote attacker to bypass the CAPTCHA check. Remediation: upgrade to version 2.1.2 or later (or apply vendor guidance). E...

5.3CVSS5.2AI score0.00515EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/23 12:0 a.m.40 views

CVE-2023-41100

An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...

5.3CVSS5.5AI score0.00515EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/22 12:0 a.m.4 views

PT-2023-27786 · Hcaptcha +1 · Hcaptcha +1

Name of the Vulnerable Software and Affected Versions: hCaptcha for EXT:form extension versions prior to 2.1.2 for TYPO3 Description: An issue was discovered in the hcaptcha extension, where it fails to check that the required captcha field is submitted in the form data, allowing a remote user to...

5.3CVSS5.1AI score0.00515EPSS
Exploits0References8
Friends Of PHP
Friends Of PHP
added 2023/08/16 10:5 a.m.33 views

TYPO3-EXT-SA-2023-007: Broken Access Control in extension "hCaptcha for EXT:form" (hcaptcha)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-007...

5.3CVSS7.2AI score0.00515EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2023/08/16 10:5 a.m.29 views

TYPO3-EXT-SA-2023-007: Broken Access Control in extension "hCaptcha for EXT:form" (hcaptcha)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-007...

5CVSS6.5AI score0.00515EPSS
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2020/04/09 8:42 p.m.86 views

Cloudflare Axes Google reCAPTCHA Due to Privacy, Price

Cloudflare is nixing Google’s reCAPTCHA tool and replacing it with what the network services company’s CEO calls “a better CAPTCHA” service, hCaptcha. Google’s reCAPTCHA is a type of CAPTCHA an acronym for “Completely Automated Public Turing Test to Tell Computers and Humans Apart” that uses...

9.3CVSS8.2AI score0.01252EPSS
Exploits0References15
Rows per page
Query Builder