CVE-2025-1262

Summary

The Advanced Google reCaptcha plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 1.27 . This makes it possible for unauthenticated attackers to bypass the Built-in Math Captcha Verification.

Affected Software

VendorProductVersion RangeStatus
webfactoryAdvanced Google reCAPTCHA0 <= 1.27affected

Weaknesses

  • CWE-804: CWE-804 Guessable CAPTCHA

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References