Cross-Site Request Forgery in Secure CAPTCHA Plugin by Stanisław Skonieczny
CVE-2025-23693
7.1HIGH
What is CVE-2025-23693?
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Secure CAPTCHA plugin by Stanisław Skonieczny, which can lead to Stored Cross-Site Scripting (XSS) exploits. A malicious actor could exploit this vulnerability to execute unauthorized actions on behalf of users, potentially compromising sensitive data and site integrity. This issue affects versions from n/a up to 1.2, making it crucial for users of the plugin to apply necessary patches and updates to mitigate risks.
Affected Version(s)
Secure CAPTCHA <= 1.2