WordPress Plugin Vulnerabilities

Google Captcha <= 1.12 - Authentication Bypass

Description

The reCaptcha by BestWebSoft WordPress plugin was affected by an Authentication Bypass security vulnerability.

Affects Plugins

Plugin icon
google-captcha
Fixed in 1.13

References

CVE
CVE-2015-0890
URL
https://jvn.jp/en/jp/JVN55063777/index.html

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
89a43bdc-2ad8-43b5-8330-ffe52543fc65

Timeline

Publicly Published
2015-03-03 (about 11 years ago)
Added
2015-03-03 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-11-04
Title
KiotViet Sync <= 1.8.5 - Authorization Bypass via Use of Hard-coded Password
Published
2025-08-27
Title
RingCentral Communications 1.5 - 1.6.8 - Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function
Published
2014-08-01
Title
portable-phpMyAdmin < 1.3.1 - Authentication Bypass
Published
2020-04-08
Title
Klarna Checkout for WooCommerce < 2.0.10 - Authenticated Arbitrary Plugin Deactivation, Activation and Installation
Published
2020-02-19
Title
Duplicator 1.3.24 & 1.3.26 - Unauthenticated Arbitrary File Download