Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2014-2265: Contact Form 7 3.7.2

Rock Lobster Contact Form 7 before 3.7.2 allows remote attackers to bypass the CAPTCHA protection mechanism and submit arbitrary form data by omitting the _wpcf7_captcha_challenge_captcha-719 parameter.

CVE
#js#wordpress

Contact Form 7 3.7.2 has just been released. This release includes a fix for a bug that allows to avoid CAPTCHA validation. Upgrading quickly is recommended especially if you have CAPTCHAs in forms.

Requires: WordPress 3.6 or higher
Tested up to: WordPress 3.8.1

» Download Contact Form 7 plugin from WordPress.org

Change Log

  • Fixed a bug that allowed to avoid CAPTCHA validation.
  • The jQuery Form Plugin (jquery.form.js) has been updated to 3.50.0.
  • Translation for Dutch (Tim de Hoog) has been updated.

Post navigation

Just another contact form plugin for WordPress. Simple but flexible.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907