CVE-2026-5415 WP Captcha PRO <= 5.38 - Authenticated (Subscriber+) Authentication Bypass via Temporary Login Link

The WP Captcha PRO the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.38. This is due to the ajaxruntool AJAX handler relying solely on a nonce check...

EUVD-2023-48595

Malicious code in bioql PyPI...

EUVD-2023-48594

Malicious code in bioql PyPI...

CVE-2023-44236

Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...

CVE-2023-44235

Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP Captcha allows Functionality Bypass.This issue affects WP Captcha: from n/a through 2.0.0...

CVE-2023-44235

Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP Captcha allows Functionality Bypass.This issue affects WP Captcha: from n/a through 2.0.0...

WP Captcha <= 2.0.0 - Captcha Bypass

Description The plugin does not properly check the Captcha, allowing user to bypass it...

CVE-2023-44236

Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Devnath verma WP Captcha plugin = 2.0.0 versions...

CVE-2023-44236

Summary: CVE-2023-44236 affects the WordPress plugin “WP Captcha” (WP Captcha) up to version 2.0.0. The vulnerability is a Cross-Site Request Forgery (CSRF) in settings updates, caused by missing CSRF protection. The initial description and connected sources confirm the affected software and the ...