Description
WordPress Plugin Flexible Captcha is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently bypass the captcha with a modified submission at login. WordPress Plugin Flexible Captcha version 4.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.0.1 or latest
References
Related Vulnerabilities
WordPress Plugin Cherry Cross-Site Scripting (1.2.8.1)
Internet Information Services Other Vulnerability (CVE-2002-1695)
WordPress Plugin WP Header Images Cross-Site Scripting (2.0.0)
PostgreSQL Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2024-7348)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2358)