Contact Form 7 Captcha Project: >> Contact Form 7 Captcha >> 0.0.9 Security Vulnerabilities
The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers
CVSS Score
6.1
EPSS Score
0.078
Published
2022-07-17