- Description
- The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP unblocking in all versions up to, and including, 1.25. This is due to the plugin not utilizing a strong unique key when generating an unblock request. This makes it possible for unauthenticated attackers to unblock their IP after being locked out due to too many bad password attempts
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
- security@wordfence.com
- CWE-340
- Hype score
- Not currently trending
CVE-2024-12034 Unauthorized IP Unblocking Exploit in Google reCAPTCHA WordPress Plugin The Advanced Google reCAPTCHA plugin for WordPress, in all versions up to 1.25, has a vulnerability. It does not use a strong... https://t.co/2LsW1eqoX2
@VulmonFeeds
24 Dec 2024
56 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2024-12034 The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP unblocking in all versions up to, and including, 1.25. This is due to the plugin not utilizing … https://t.co/6azvjUQMy6
@CVEnew
24 Dec 2024
541 Impressions
1 Retweet
3 Likes
2 Bookmarks
0 Replies
0 Quotes