Vulnerabilities (CVE)

Filtered by vendor Wpwhitesecurity Subscribe
Filtered by product Captcha 4wp
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2184 1 Wpwhitesecurity 1 Captcha 4wp 2024-11-21 N/A 8.8 HIGH
The CAPTCHA 4WP WordPress plugin before 7.1.0 lets user input reach a sensitive require_once call in one of its admin-side templates. This can be abused by attackers, via a Cross-Site Request Forgery attack to run arbitrary code on the server.