cleantalk
Vulnerabilities and Security Researches

Contact Form 7 reCAPTCHA, CVE-2025-23972

CVE, Research URL

CVE-2025-23972

Home page URL

Security reports for Contact Form 7 reCAPTCHA

Application

Contact Form 7 reCAPTCHA

Published on
Jul 04, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Brian S. Reed Contact Form 7 reCAPTCHA allows Cross Site Request Forgery. This issue affects Contact Form 7 reCAPTCHA: from n/a through 1.2.0.
Affected versions
Min -, max 1.2.0.
Status
vulnerable
Previous vulnerability researches
Cornerstone (CVE-2024-28002) , Jun 07, 2024
Cornerstone (CVE-2024-32570) , Jun 07, 2024
New vulnerability
Guest Support – Complete customer support ticket system for WordPress (CVE-2025-5957) , Jul 08, 2025
Contact Form 7 reCAPTCHA (CVE-2025-23972) , Jul 08, 2025
Easy Stripe (CVE-2025-49302) , Jul 08, 2025
Gallery Widget (CVE-2025-28969) , Jul 08, 2025
Contact Us Page – Contact People (CVE-2025-28967) , Jul 07, 2025