WordPress Plugin Vulnerabilities

WP Forms Puzzle Captcha <= 4.1 - Captcha Bypass

Description

The WP Forms Puzzle Captcha plugin for WordPress is vulnerable to Captcha Bypass in versions up to, and including, 2.8. This makes it possible for unauthenticated attackers to bypass the Captcha Verification.

Affects Plugins

Plugin icon
wp-forms-puzzle-captcha
No known fix

References

CVE
CVE-2023-48276
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/58502e48-c1cf-4b94-954c-71046256c917

Miscellaneous

Original Researcher
qilin_99
Verified
No
WPVDB ID
821990ad-c031-4f15-a37b-d4b702a3684f

Timeline

Publicly Published
2023-11-28 (about 2 years ago)
Added
2023-11-29 (about 2 years ago)
Last Updated
2024-01-22 (about 2 years ago)

Other

Published
Title
Published
2017-08-16
Title
AddToAny Share Buttons <= 1.7.14 - Conditional Host Header Injection
Published
2014-08-01
Title
CSS Plus 1.3.1 - Unspecified Vulnerabilities
Published
2023-05-30
Title
CRM Perks Forms < 1.1.2 - Admin+ Stored Cross-Site Scripting
Published
2014-08-01
Title
dt-chocolate - Image Open redirect
Published
2026-04-08
Title
Bookly < 27.1 - Unauthenticated Price Manipulation via 'tips'