CVE-2024-12034

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-340
View all →

Vulnerability Description

The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP unblocking in all versions up to, and including, 1.25. This is due to the plugin not utilizing a strong unique key when generating an unblock request. This makes it possible for unauthenticated attackers to unblock their IP after being locked out due to too many bad password attempts

Related Vulnerabilities

CVE-2024-28957

MEDIUM
CVSS:5.3(Medium)

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by pred...

CWE-3402024

CVE-2025-0218

HIGH
CVSS:7.1(High)

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used...

CWE-3402025

CVE-2024-47945

CRITICAL
CVSS:9.1(Critical)

The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which al...

CWE-3402024

CVE-2024-52299

HIGH
CVSS:7.5(High)

macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in the wiki as the "key" that is passed to pre...

CWE-3402024

CVE-2025-0218

HIGH
CVSS:7.1(High)

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used...

CWE-3402025

CVE-2024-28957

MEDIUM
CVSS:5.3(Medium)

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by pred...

CWE-3402024