Description
WordPress Plugin Captcha by BestWebSoft is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently bypass intended restrictions. WordPress Plugin Captcha by BestWebSoft version 3.8.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.8.8 or latest
References
Related Vulnerabilities
WordPress Plugin WordPress Facebook Multiple Cross-Site Scripting Vulnerabilities (1.0.10)
WordPress Plugin Integration for Contact Form 7 and Mailchimp Cross-Site Scripting (1.0.9)
WordPress Plugin Paytium:Mollie payment forms & donations Cross-Site Scripting (3.1.1)
Squid Missing Authentication for Critical Function Vulnerability (CVE-2019-12524)
WordPress Plugin All-in-One Video Gallery Multiple Vulnerabilities (2.6.0)