reCAPTCHA Jetpack, CVE-2024-3940

CVE, Research URL: CVE-2024-3940
Home page URL: Security reports for reCAPTCHA Jetpack
Application: reCAPTCHA Jetpack
Published on: May 14, 2024
Research Description: The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Affected versions: Min -, max 0.2.2.
Status: vulnerable