CVE-2023-6963

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to bypass the Captcha Verification of the Contact Form block by omitting 'g-recaptcha-response' from the 'data' array.
Configurations

Configuration 1 (hide)

cpe:2.3:a:motopress:getwid:*:*:*:*:*:wordpress:*:*

History

25 Nov 2024, 16:47

Type Values Removed Values Added
First Time Motopress getwid
CPE cpe:2.3:a:motopress:getwid_-_gutenberg_blocks:*:*:*:*:*:wordpress:*:* cpe:2.3:a:motopress:getwid:*:*:*:*:*:wordpress:*:*

21 Nov 2024, 08:44

Type Values Removed Values Added
References () https://plugins.trac.wordpress.org/changeset/3022982 - Patch () https://plugins.trac.wordpress.org/changeset/3022982 - Patch
References () https://www.wordfence.com/threat-intel/vulnerabilities/id/d317f2c7-06f3-4875-9f9b-eb7f450aa2f4?source=cve - Third Party Advisory () https://www.wordfence.com/threat-intel/vulnerabilities/id/d317f2c7-06f3-4875-9f9b-eb7f450aa2f4?source=cve - Third Party Advisory

14 Feb 2024, 17:05

Type Values Removed Values Added
CPE cpe:2.3:a:motopress:getwid_-_gutenberg_blocks:*:*:*:*:*:wordpress:*:*
First Time Motopress getwid - Gutenberg Blocks
Motopress
CWE CWE-863
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
References () https://plugins.trac.wordpress.org/changeset/3022982 - () https://plugins.trac.wordpress.org/changeset/3022982 - Patch
References () https://www.wordfence.com/threat-intel/vulnerabilities/id/d317f2c7-06f3-4875-9f9b-eb7f450aa2f4?source=cve - () https://www.wordfence.com/threat-intel/vulnerabilities/id/d317f2c7-06f3-4875-9f9b-eb7f450aa2f4?source=cve - Third Party Advisory

05 Feb 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-05 22:15

Updated : 2024-11-25 16:47


NVD link : CVE-2023-6963

Mitre link : CVE-2023-6963

CVE.ORG link : CVE-2023-6963


JSON object : View

Products Affected

motopress

  • getwid
CWE
CWE-863

Incorrect Authorization