ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Recaptcha Plugin <= 2.9.8.2 - Multiple CSRF and XSS

Product
Recaptcha
Description
Because of these cross-site request forgery vulnerabilities in the configuration page, the attackers can hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting sequences.
Solution
Update the plugin.
Classification
Type Multi
References
CVE Mitre
CVE
Name CVE-2011-0759
Versions
Affected In <= 2.9.8.2
Fixed In 2.9.8.3
Disclosure date
2011-02-03
Credits
Gabriel Quadros