39 matches found
CVE-2024-4014
CVE-2024-4014 concerns the hCaptcha for WordPress plugin for WordPress, exposing a Stored Cross-Site Scripting (XSS) vulnerability via the plugin’s cf7-hcaptcha shortcode. The issue affects all versions up to and including 4.0.0 due to insufficient input sanitization and output escaping on user-s...
CVE-2024-4014 hCaptcha for WordPress <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via cf7-hcaptcha Shortcode
The hCaptcha for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cf7-hcaptcha shortcode in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Plugin hCaptcha for WordPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-28794 · WordPress · Hcaptcha For Wordpress
Name of the Vulnerable Software and Affected Versions: hCaptcha for WordPress plugin for WordPress versions up to, and including, 4.0.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's cf7-hcaptcha shortcode, allowi...
hCaptcha for WordPress < 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via cf7-hcaptcha Shortcode
Description The hCaptcha for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cf7-hcaptcha shortcode in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
Shifting from reCAPTCHA to hCaptcha
We are adding another CAPTCHA vendor and helping our customers migrate from Googles reCAPTCHA to hCaptcha. Why We Are Making This Change We continuously evaluate our security measures to ensure they align with the evolving landscape of threats. After carefully evaluating several different CAPTCHA...
GHSA-93WX-J2QV-49FG hCaptcha for EXT:form Broken Access Control vulnerability
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
hCaptcha for EXT:form Broken Access Control vulnerability
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
CVE-2023-41100
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
CVE-2023-41100
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
CVE-2023-41100
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
Authentication flaw
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
CVE-2023-41100
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
CVE-2023-41100
CVE-2023-41100 affects the hCaptcha for EXT:form extension in TYPO3 prior to 2.1.2. The issue is that the required captcha field is not checked in form submissions, allowing a remote attacker to bypass the CAPTCHA check. Remediation: upgrade to version 2.1.2 or later (or apply vendor guidance). E...
CVE-2023-41100
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
PT-2023-27786 · Hcaptcha +1 · Hcaptcha +1
Name of the Vulnerable Software and Affected Versions: hCaptcha for EXT:form extension versions prior to 2.1.2 for TYPO3 Description: An issue was discovered in the hcaptcha extension, where it fails to check that the required captcha field is submitted in the form data, allowing a remote user to...
TYPO3-EXT-SA-2023-007: Broken Access Control in extension "hCaptcha for EXT:form" (hcaptcha)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-007...
TYPO3-EXT-SA-2023-007: Broken Access Control in extension "hCaptcha for EXT:form" (hcaptcha)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-007...
Cloudflare Axes Google reCAPTCHA Due to Privacy, Price
Cloudflare is nixing Google’s reCAPTCHA tool and replacing it with what the network services company’s CEO calls “a better CAPTCHA” service, hCaptcha. Google’s reCAPTCHA is a type of CAPTCHA an acronym for “Completely Automated Public Turing Test to Tell Computers and Humans Apart” that uses...