5
CVE-2014-2265
- EPSS 3.06%
- Veröffentlicht 14.03.2014 10:55:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginContact Form 7 < 3.7.2 - CAPTCHA Bypass
Rock Lobster Contact Form 7 before 3.7.2 allows remote attackers to bypass the CAPTCHA protection mechanism and submit arbitrary form data by omitting the _wpcf7_captcha_challenge_captcha-719 parameter.
Mögliche Gegenmaßnahme
Contact Form 7: Update to version 3.7.2, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rocklobster ≫ Contact Form 7 SwPlatformwordpress Version <= 3.7.1
Rocklobster ≫ Contact Form 7 Version3.6 SwPlatformwordpress
Rocklobster ≫ Contact Form 7 Version3.7 SwPlatformwordpress
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Contact Form 7
Version
[*, 3.7.2)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.06% | 0.859 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://contactform7.com/2014/02/26/contact-form-7-372/
http://web.archive.org/web/20140727133642/http://www.hedgehogsecurity.co.uk/2014/02/26/contactform7-vulnerability/
http://wordpress.org/plugins/contact-form-7/changelog
https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-contact-form-7-security-bypass-3-7-1/
https://www.cvedetails.com/cve/CVE-2014-2265/
https://www.wordfence.com/threat-intel/vulnerabilities/id/e421cb35-e9f4-43f3-a39e-d51d197bc279