CVE-2024-12034

Published: Dic 24, 2024 Last Modified: Dic 24, 2024 EU-VD ID: EUVD-2024-50549

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,3

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: low

Availability: none

Description

AI Translation Available

The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP unblocking in all versions up to, and including, 1.25. This is due to the plugin not utilizing a strong unique key when generating an unblock request. This makes it possible for unauthenticated attackers to unblock their IP after being locked out due to too many bad password attempts

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0039

Percentile

0,6th

Updated

EPSS Score Trend (Last 90 Days)

340

Generation of Predictable Numbers or Identifiers

Incomplete

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

All platforms may be affected

View CWE Details

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfp…

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&ol…

https://www.wordfence.com/threat-intel/vulnerabilities/id/0…

https://www.wordfence.com/threat-intel/vulnerabilities/id/0fa7e6f6-92b2-494b-8c…

CVE-2024-12034

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Generation of Predictable Numbers or Identifiers

Common Consequences

Applicable Platforms

Iscriviti alla newsletter