CVE-2023-6963

Summary

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to bypass the Captcha Verification of the Contact Form block by omitting 'g-recaptcha-response' from the 'data' array.

Affected Software

VendorProductVersion RangeStatus
jetmonstersGetwid – Gutenberg Blocks0 <= 2.0.4affected

Weaknesses

  • CWE-804: CWE-804 Guessable CAPTCHA

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References