What is CVE-2022-1801?

CVE-2022-1801 is a vulnerability in Very Simple Contact Form, classified under CWE-804. Published 2022-06-20.

Is CVE-2022-1801 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Very Simple Contact Form

CVE-2022-1801

The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check…

EPSS: 0.002 (48.0th percentile) — read the EPSS interpretation.

Affected products

Unknown Very Simple Contact Form — versions 11.6

Weakness classification (CWE)

CWE-804

Public proof-of-concept exploits

20142995/nuclei-templates

References

wpscan.com/vulnerability/a5c97809-2ffc-4efb-8c80-1b734361cd06 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-1801?: CVE-2022-1801 is a vulnerability in Very Simple Contact Form, classified under CWE-804. Published 2022-06-20.
Is CVE-2022-1801 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.