VYPR

Captcha

by WordPress

Source repositories

CVEs (5)

  • CVE-2026-3214MedMar 25, 2026
    risk 0.42cvss 6.5epss 0.00

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal CAPTCHA allows Functionality Bypass.This issue affects CAPTCHA: from 0.0.0 before 1.17.0, from 2.0.0 before 2.0.10.

  • CVE-2026-1075MedJan 24, 2026
    risk 0.28cvss 4.3epss 0.00

    The ZT Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. This is due to improper nonce validation on the save_ztcpt_captcha_settings action where the nonce check can be bypassed by sending an empty token value.…

  • CVE-2022-2184Aug 1, 2022
    risk 0.00cvss epss 0.00

    The CAPTCHA 4WP WordPress plugin before 7.1.0 lets user input reach a sensitive require_once call in one of its admin-side templates. This can be abused by attackers, via a Cross-Site Request Forgery attack to run arbitrary code on the server.

  • CVE-2014-9283Mar 3, 2015
    risk 0.00cvss epss 0.02

    The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

  • CVE-2008-0206Jan 10, 2008
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) captcha_ttffolder, (2) captcha_numchars, (3) captcha_ttfrange, or (4)…