CVE-2026-1369

MEDIUM 4.3

Conditional CAPTCHA <= 4.0.0 - Open Redirect

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

10th

The Conditional CAPTCHA WordPress plugin through 4.0.0 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue

Vendor	unknown
Product	conditional captcha
Published	Feb 22, 2026
Last Updated	Apr 2, 2026

Stay Ahead of the Next One

Get instant alerts for unknown conditional captcha

Be the first to know when new medium vulnerabilities affecting unknown conditional captcha are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Conditional CAPTCHA

0 ≤ 4.0.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/5a275725-85f2-4463-880b-9473dbdfa8e0/

Credits

Bob Matyas WPScan