CVE-2022-37411 MEDIUM

CVE-2022-37411: WordPress Captcha Code plugin <= 2.7 - Cross-Site Request Forgery (CSRF) vulnerability

Vendor Vinoj Cardoza
Product Captcha Code (WordPress plugin)
Weakness CWE-352 · CSRF
Published September 9, 2022
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza's Captcha Code plugin <= 2.7 at WordPress.

Key dates

02Disclosure timeline

September 9, 2022 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2021-3901 Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii CVE-2024-38765 WordPress Oceanic theme <= 1.0.48 - Cross Site Request Forgery (CSRF) vulnerability CVE-2023-37277 XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API CVE-2024-34807 WordPress Fast Custom Social Share by CodeBard plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerability CVE-2024-4344 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request Forgery