Recaptcha V2 Amp V3 For Asgaros Forum
Monthly
DOM-Based Cross-Site Scripting in the reCAPTCHA (v2 & v3) for Asgaros Forum WordPress plugin (all versions through 1.1.0) enables authenticated low-privilege forum users to inject client-side scripts that execute in victims' browsers. The CVSS Scope:Changed metric (S:C) indicates the injected scripts can affect browser contexts beyond the vulnerable plugin component itself - including the broader WordPress session. No public exploit code or active exploitation has been identified at time of analysis, though the vulnerability was disclosed by Patchstack.
DOM-Based Cross-Site Scripting in the reCAPTCHA (v2 & v3) for Asgaros Forum WordPress plugin (all versions through 1.1.0) enables authenticated low-privilege forum users to inject client-side scripts that execute in victims' browsers. The CVSS Scope:Changed metric (S:C) indicates the injected scripts can affect browser contexts beyond the vulnerable plugin component itself - including the broader WordPress session. No public exploit code or active exploitation has been identified at time of analysis, though the vulnerability was disclosed by Patchstack.