WordPress Plugin Vulnerabilities

Captcha Code < 3.0 - Captcha Bypass

Description

The Captcha Code plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.9. This makes it possible for unauthenticated attackers to bypass the Captcha Verification.

Affects Plugins

Plugin icon
captcha-code-authentication
Fixed in 3.0

References

CVE
CVE-2023-48745
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/b1dd3845-a88d-41aa-acf4-66fd1a6819ff
URL
https://patchstack.com/database/vulnerability/captcha-code-authentication/wordpress-captcha-code-plugin-2-8-captcha-bypass-vulnerability

Miscellaneous

Original Researcher
qilin_99
Verified
No
WPVDB ID
bcd7f1a6-e580-4227-a9c8-b0dffbfc93fd

Timeline

Publicly Published
2023-11-24 (about 2 years ago)
Added
2023-11-29 (about 2 years ago)
Last Updated
2024-02-02 (about 2 years ago)

Other

Published
Title
Published
2016-06-21
Title
WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
Published
2014-08-01
Title
Frontier Post - Publishing Posts Security Bypass
Published
2014-08-01
Title
Page Layout Builder 1.3.4 - Unspecified Issue
Published
2025-05-30
Title
Profitori 2.0.6.0 - 2.1.1.3 - Unauthenticated Privilege Escalation
Published
2018-02-26
Title
Ninja Forms < 3.2.15 - Parameter Tampering