Vulnerability Report

CVE-2008-7216

Title: Wordpress Peter\'S Math Anti-Spam For Wordpress

Other

Proof Of Concept

PoC Available for CVE-2008-7216

CWE Category CWE-264

Published Date Sep 11, 2009

Modified Date Apr 09, 2025

Exploit Status Available

Score 4.3 CVSS v2.0

Exploit Probability (EPSS)

4.81%

Vulnerability Summary

CVE-2008-7216: Peter's Math Anti-Spam Spinoff plugin for WordPress generates audio CAPTCHA clips by concatenating static audio files without any additional distortion, which allows remote attackers to bypass CAPTCHA protection by reading certain bytes from the generated clip.

Impacted Vendors

wordpress 1

Reference Links

http://docs.google.com/View?docid=df36cd52_19xzmkwqcg http://www.securityfocus.com/archive/1/486331/100/200/threaded http://www.securityfocus.com/bid/27287 https://exchange.xforce.ibmcloud.com/vulnerabilities/39688 http://docs.google.com/View?docid=df36cd52_19xzmkwqcg http://www.securityfocus.com/archive/1/486331/100/200/threaded http://www.securityfocus.com/bid/27287 https://exchange.xforce.ibmcloud.com/vulnerabilities/39688

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

4.3

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:M/Au:N/C:P/I:N/A:N

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2008-7216 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/31029

View Code

April 09, 2025 MODIFIED

Vulnerability data or affected products updated.

September 11, 2009 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:M/Au:N/C:P/I:N/A:N

Affected Stack

No specific products linked.