Description
WordPress Plugin Enmask Captcha is prone to malicious redirects. Attackers may leverage this issue to promote spam, distribute malware/backdoors, or to perform all kinds of malicious activities. WordPress Plugin Enmask Captcha version 1.3 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Sendit WP Newsletter 'submit.php' Blind SQL Injection (1.5.9)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1860)
WordPress Plugin Sexy Add Template Cross-Site Request Forgery (1.0)
Oracle Database Server CVE-2006-3705 Vulnerability (CVE-2006-3705)