CVE-2025-23972

Name of the Vulnerable Software and Affected Versions: Contact Form 7 reCAPTCHA versions 1.2.0 and earlier

Description: The issue is related to a Cross Site Request Forgery (CSRF) problem. It affects the reCAPTCHA component of Contact Form 7, allowing unauthorized requests to be made on behalf of a user.

Recommendations: For versions 1.2.0 and earlier, consider disabling the reCAPTCHA function until a patch is available to prevent CSRF attacks. Restrict access to sensitive areas of the Contact Form 7 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.