PT-2014-4565 · Plogger · Plogger
Published: 2014-12-29 · Updated: 2014-12-30 · CVE-2014-2224
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
Plogger versions 1.0 RC1 and earlier
Description
The issue makes it easier for remote attackers to bypass the CAPTCHA protection mechanism via a series of form submissions, due to the failure to assign new values for certain codes when the Lucid theme is used.
Recommendations
For Plogger versions 1.0 RC1 and earlier, consider disabling the Lucid theme until a patch is available, so that the CAPTCHA protection mechanism cannot be bypassed.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Plogger