WordPress WP Forms Puzzle Captcha Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-44997
8.8HIGH
What is CVE-2023-44997?
The WP Forms Puzzle Captcha plugin developed by Nitin Rathod is susceptible to Cross-Site Request Forgery (CSRF), which allows attackers to perform unauthorized actions on behalf of authenticated users. This vulnerability, present in versions 4.1 and below, can potentially compromise the integrity of user interactions on WordPress sites using this plugin. Proper security measures must be implemented to mitigate the risks associated with this vulnerability.
Affected Version(s)
WP Forms Puzzle Captcha <= 4.1