Description
WordPress Plugin Flexible Captcha is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently bypass the captcha with a modified submission at login. WordPress Plugin Flexible Captcha version 4.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.0.1 or latest
References
Related Vulnerabilities
MySQL CVE-2020-2898 Vulnerability (CVE-2020-2898)
Piwigo Improper Access Control Vulnerability (CVE-2016-10085)
WordPress Plugin Teamleader CRM Forms Cross-Site Scripting (2.0.0)
PrestaShop Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-21302)
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-20920)