Skip to content

Features
Pricing

Search

WordPress Plugin Vulnerabilities

Captcha/Honeypot for Contact Form 7 < 1.11.4 - Captcha Bypass

Description

The Captcha/Honeypot for Contact Form 7 plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 1.11.3. This makes it possible for unauthenticated attackers to bypass the Captcha Verification.

Affects Plugins

captcha-for-contact-form-7

Fixed in 1.11.4

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/60e9351a-302b-4a31-8a9c-c0a0b6ee3fcd

Miscellaneous

Original Researcher

qilin_99

Verified

No

WPVDB ID

793961d3-d4fa-46eb-95bf-dbbb4507e652

Timeline

Publicly Published

2023-10-03 (about 2 years ago)

Added

2023-11-23 (about 2 years ago)

Last Updated

2023-11-24 (about 2 years ago)

Other

Published

Title

Published

2024-04-22

Title

Appointment Hour Booking < 1.4.57 - Captcha Bypass

Published

2026-02-06

Title

Advanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass

Published

2020-05-06

Title

Elementor < 2.9.8 - SVG Sanitizer Bypass leading to Authenticated Stored XSS

Published

2014-08-01

Title

blogVault 1.08 - Missing Account Empty Secret Key Generation

Published

2026-02-26

Title

OVRI Payment 1.7.0 - Malicious .htaccess directive

Vulnerabilities

WordPress
Plugins
Themes
Our Stats
Submit vulnerabilities

About

How it works
Pricing
WordPress plugin
Blog
Contact

For Developers

Status
API details
CLI scanner

Other

Privacy
Terms of service
Submission terms
Disclosure policy
Privacy Notice for California Users

In partnership with Jetpack

GitHub
Twitter
Facebook

An

endeavor

Subscribe Subscribed
- WPScan
- Already have a WordPress.com account? Log in now.