• info
• discussion
• exploit
• solution
• references

WordPress WP-reCAPTCHA Plugin HTML Injection and Cross Site Request Forgery Vulnerabilities

An attacker can exploit HTML-injection issues through a browser. To exploit the cross-site request-forgery issue, the attacker must entice an unsuspecting victim into viewing a malicious webpage.