Description
WordPress Plugin Enmask Captcha is prone to malicious redirects. Attackers may leverage this issue to promote spam, distribute malware/backdoors, or to perform all kinds of malicious activities. WordPress Plugin Enmask Captcha version 1.3 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
SharePoint CVE-2020-0892 Vulnerability (CVE-2020-0892)
WordPress Plugin Csv Import-Export Multiple Cross-Site Scripting Vulnerabilities (1.1.0)
Moodle Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-5153)
WordPress Plugin BuddyPress Activity Plus Cross-Site Scripting (1.6.3)