Vulnerabilities and security researches forrecaptcha-for-all recaptcha-for-all

Jun 06, 2024

CVE, Research URL: 6e39913b14e05ccec85584f5eddcdf946239ae21
Home page URL: Security reports for Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China
Application: Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China
Date: May 15, 2023
Research Description: Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack. [recaptcha-for-all] < 1.23 WordPress reCAPTCHA for all Plugin <= 1.22 is vulnerable to Broken Access Control Update the WordPress reCAPTCHA for all plugin to the latest available version (at least 1.23). Jonas Höbenreich discovered and reported this Broken Access Control vulnerability in WordPress reCAPTCHA for all Plugin. This vulnerability has been fixed in version 1.23.
Affected versions: Min -, max -.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-32599
Home page URL: Security reports for Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China
Application: Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China
Date: Dec 13, 2024
Research Description: Missing Authorization vulnerability in Bill Minozzi reCAPTCHA for all allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects reCAPTCHA for all: from n/a through 1.22.
Affected versions: Min -, max -.
Status: vulnerable

Apr 02, 2025

CVE, Research URL: CVE-2025-30862
Home page URL: Security reports for Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China
Application: Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China
Date: Mar 27, 2025
Research Description: Cloudflare Turnstile or reCAPTCHA For any Pages, to Block Spam and Hackers Attack. [recaptcha-for-all] < 2.23 CVE-2025-30862 [en] Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.22.
Affected versions: Min -, max -.
Status: vulnerable

May 21, 2025

CVE, Research URL: CVE-2025-48243
Home page URL: Security reports for Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China
Application: Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China
Date: May 19, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.26.
Affected versions: Min -, max -.
Status: vulnerable