Captcha/Honeypot for Contact Form 7 <= 1.11.3 is vulnerable to Capcha Bypass vulnerability

Unauthenticated

Published
2023-10-02

The Captcha/Honeypot for Contact Form 7 plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 1.11.3. This makes it possible for unauthenticated attackers to bypass the Captcha Verification.

CVE

https://www.cve.org/CVERecord?id=CVE-2023-45009

CVSS

Score:5.3

Severity:Medium

Version: 1.11.3

There is a patch available in v1.11.4 and we strongly recommend you update to this version as soon as possible.