WordPress Plugin Vulnerabilities

reCaptcha by BestWebSoft < 1.79 - CAPTCHA Bypass

Description

The plugin is vulnerable to CAPTCHA Bypass. This makes it possible for unauthenticated attackers to bypass CAPTCHA protection offered by the plugin

Affects Plugins

Plugin icon
google-captcha
Fixed in 1.79

References

CVE
CVE-2025-24628
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/eee2d5e8-a027-486b-93d8-9fe1501f9ed2

Miscellaneous

Original Researcher
cod3beat
Verified
No
WPVDB ID
aa633292-d49f-4ddb-99c4-b3ef2a2cb142

Timeline

Publicly Published
2025-01-03 (about 11 months ago)
Added
2025-02-20 (about 10 months ago)
Last Updated
2025-02-20 (about 10 months ago)

Other

Published
Title
Published
2020-08-20
Title
Advanced Access Manager < 6.6.2 - Authenticated Authorization Bypass and Privilege Escalation
Published
2020-10-29
Title
WordPress < 5.5.2 - Disable Spam Embeds from Disabled Sites on a Multisite Network
Published
2022-08-31
Title
Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing
Published
2022-11-09
Title
Better Messages < 1.9.10.71 - Subscriber+ Messaging Block Bypass
Published
2020-05-07
Title
Ultimate Addons for Elementor < 1.24.2 - Registration Bypass