CVE-2023-44236

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 9, 2023

Updated: Oct 11, 2023

CWE ID 352

Summary

CVE-2023-44236 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WP Captcha plugin developed by Devnath Verma. Versions 2.0.0 and below are reportedly affected. A successful exploit of this vulnerability allows an attacker to submit unintended commands in the context of an unsuspecting user, potentially leading to unauthorized actions such as account takeover or data manipulation. Users of the WP Captcha plugin are advised to upgrade to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sz8_gb
https://www.cve.org/CVERecord?id=CVE-2023-44236
https://nvd.nist.gov/vuln/detail/CVE-2023-44236

Back to Vulnerability Database

CVE-2023-44236

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations