Cross-Site Scripting Vulnerability in SI CAPTCHA Anti-Spam for WordPress
CVE-2014-5190

Currently unrated

Key Information:

Vendor

Wordpress
Status
Si Captcha Anti-spam
Vendor
CVE Published:
7 August 2014

What is CVE-2014-5190?

A cross-site scripting vulnerability exists in the SI CAPTCHA Anti-Spam plugin for WordPress, specifically in the captcha-secureimage/test/index.php file. This flaw allows attackers to inject arbitrary web scripts or HTML via the PATH_INFO variable. Successful exploitation could lead to potential data theft or compromise of user sessions, making it crucial for users of this plugin to apply the necessary updates to mitigate risks associated with this security hole.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/69011
vdb-entryx_refsource_BID
http://packetstormsecurity.com/files/127723/WordPress-SI-...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/95104
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.