Sunday, December 11, 2011

Google Recaptcha XSS Vulnerability

Vulnerable: the Google reCAPTCHA WordPress plugin, which uses a CAPTCHA to prevent comment spam and MailHide to prevent email spam.


POC:
http://localhost/comment-page-1/?rcommentid=(id number)&rerror=XSS
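
The PoC carries its test string in the `rerror` query parameter, alongside `rcommentid`. The PHP below is an added example, not the plugin's code: the page does not show how the plugin renders these parameters, so the function names, the HTML wrapper and the token pattern are assumptions. It contrasts echoing `rerror` unchanged with validating it and encoding it for the HTML context.

```php
<?php
// Hypothetical helpers: stand-ins for whatever code prints the error message.

// Unsafe pattern: the query-string value is concatenated into HTML unchanged.
function render_error_unsafe(array $query): string
{
    $error = (string) ($query['rerror'] ?? '');
    return '<p class="recaptcha-error">' . $error . '</p>';
}

// Hardened pattern: validate the shape, then encode for the HTML context.
function render_error_safe(array $query): string
{
    $error = $query['rerror'] ?? '';
    // Assumption: legitimate error codes are short lowercase tokens.
    if (!is_string($error) || !preg_match('/\A[a-z0-9-]{1,64}\z/', $error)) {
        $error = 'unknown-error';
    }
    // Encode anyway, so loosening the pattern later cannot reopen the hole.
    $text = htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p class="recaptcha-error">' . $text . '</p>';
}

// rcommentid is meant to be a comment id, so accept a short run of digits only.
function parse_comment_id(array $query): ?int
{
    $id = $query['rcommentid'] ?? '';
    if (!is_string($id) || !ctype_digit($id) || strlen($id) > 10) {
        return null;
    }
    return (int) $id;
}

// Constructed sample inputs (not taken from the page).
$samples = [
    ['rcommentid' => '12',  'rerror' => 'incorrect-captcha-sol'],
    ['rcommentid' => '12',  'rerror' => '<b>markup</b>'],
    ['rcommentid' => '12x', 'rerror' => 'incorrect-captcha-sol'],
];

foreach ($samples as $query) {
    $id = parse_comment_id($query);
    echo 'comment id: ', $id === null ? 'rejected' : $id, PHP_EOL;
    echo 'unsafe:     ', render_error_unsafe($query), PHP_EOL;
    echo 'safe:       ', render_error_safe($query), PHP_EOL, PHP_EOL;
}
```

Inside WordPress, `esc_html()` and `absint()` do the same jobs as `htmlspecialchars()` and the digit check here.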

