Description
WordPress Plugin Contact Form 7 is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently predict next values of the content of CAPTCHA. WordPress Plugin Contact Form 7 version 4.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.1.1 or latest
References
Related Vulnerabilities
WordPress Plugin WP Domain Redirect SQL Injection (1.0)
WordPress Plugin Rencontre-Dating Site Multiple Vulnerabilities (3.1.2)
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2017-7668)
WordPress Plugin Elementor Website Builder Arbitrary File Upload (2.7.4)
MediaWiki Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-31556)