Description

Rock Lobster Contact Form 7 before 3.7.2 allows remote attackers to bypass the CAPTCHA protection mechanism and submit arbitrary form data by omitting the _wpcf7_captcha_challenge_captcha-719 parameter.

Remediation

References

CVE-2014-2265

Related Vulnerabilities

MySQL CVE-2018-2612 Vulnerability (CVE-2018-2612)

WordPress Plugin multi Scheduler Cross-Site Request Forgery (1.0.0)

WordPress Plugin VideoWhisper Video Conference Integration 'vw_upload.php' Arbitrary File Upload (4.51)

WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (5.3.5)

WordPress Plugin My Chatbot Cross-Site Scripting (1.1)

Severity

Medium

Classification

CVE-2014-2265 CWE-264

Tags

Missing Update Known Vulnerabilities