Description

Rock Lobster Contact Form 7 before 3.7.2 allows remote attackers to bypass the CAPTCHA protection mechanism and submit arbitrary form data by omitting the _wpcf7_captcha_challenge_captcha-719 parameter.

Remediation

References

CVE-2014-2265

Related Vulnerabilities

Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-30635)

Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7864)

Apache Tomcat Other Vulnerability (CVE-2002-2006)

PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4545)

WordPress Plugin Modern Events Calendar Lite Multiple Vulnerabilities (5.16.5)

Severity

Medium

Classification

CVE-2014-2265 CWE-264

Tags

Missing Update Known Vulnerabilities