Posts Tagged 'WordPress'

Recaptcha WordPress Plugin Cross Site Scripting Vulnerability

Vulnerable Systems:
* Recaptcha WordPress Plugin
The WordPress Recaptcha Plugin “integrates reCAPTCHA antispam methods with WordPress including comment, registration, and email spam protection”.
This advisory describes multiple Stored Cross Site Scripting (XSS) vulnerabilities and one Cross Site Request Forgery (CSRF) vulnerability on the plugin. As a result, an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the WordPress administrator user. Furthermore, the attacker …

Continue Reading →
0