📦

contact_form_with_captcha

Vendor: contact_form_with_captcha_project

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 0.13% Exploit Prob.

Latest CVE CVE-2023-45771 Mar 26

Security Vulnerability Index

Page 1 / 1

7.1 CVSS

CVE-2023-45771

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Contact Form With Captcha allows Reflected XSS.This issue affects Contact Form With Captcha: from n/a through 1.6.8.

EPSS: 0.14%

Severity: HIGH

Mar 26, 2024

8.8 CVSS

CVE-2021-42358

The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the ~/cfwc-form.php file during contact form submission, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.6.2.

EPSS: 0.11%

Severity: HIGH

Nov 29, 2021

Displaying 2 of 1 Total Entries

Total 1 Sections