VYPR
Medium severity5.3NVD Advisory· Published Aug 26, 2018· Updated Jun 17, 2026

CVE-2018-15876

CVE-2018-15876

Description

An issue was discovered in the ajax-bootmodal-login plugin 1.4.3 for WordPress. The register form, login form, and password-recovery form require solving a CAPTCHA to perform actions. However, this is required only once per user session, and therefore one could send as many requests as one wished by automation.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.