CVE-2026-1369
Open Redirect Vulnerability in Conditional CAPTCHA WordPress Plugin
Publication date: 2026-02-22
Last updated on: 2026-02-23
Assigner: WPScan
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| conditional_captcha | conditional_captcha | up to and including 4.0.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1369 is an Open Redirect vulnerability found in the WordPress plugin Conditional CAPTCHA, versions up to and including 4.0.0.

The vulnerability occurs because the plugin does not validate a parameter before redirecting the user to its value. This means an attacker can craft a URL or form that redirects users to arbitrary external websites after they complete the CAPTCHA.

Technically, an attacker can create a form that submits a comment with a 'redirect_to' parameter set to any URL. After the user solves the CAPTCHA, they are redirected to that URL without any validation, potentially leading to phishing or other malicious sites. [1]
How can this vulnerability impact me?
This vulnerability can impact users and site owners by enabling attackers to redirect users to malicious or phishing websites.
Such redirects can be used to trick users into divulging sensitive information, downloading malware, or performing unwanted actions on other sites.
For site owners, this can damage reputation and trust, as users may associate the malicious redirects with the legitimate site.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the redirect behavior of the Conditional CAPTCHA WordPress plugin when submitting comments with a crafted redirect parameter.
- Identify a post that allows comments and obtain its post ID by inspecting the <body> classes in the page source.
- Create an HTML form targeting the comment submission URL of the vulnerable site, setting the comment_post_ID to the identified post ID and including a redirect_to parameter with an arbitrary URL (e.g., https://cnn.com).
- Open the crafted HTML form in a browser and submit it.
- After solving and submitting the CAPTCHA, observe whether the plugin redirects the user to the URL specified in the redirect_to parameter without validation.
What immediate steps should I take to mitigate this vulnerability?
There is currently no known fix for this vulnerability.
Immediate mitigation steps are not explicitly provided in the available information.
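As an added illustration (not the Conditional CAPTCHA plugin's own code, which is not shown on this page), the following contrasts the unvalidated redirect pattern behind CWE-601 with a handler that uses WordPress core's `wp_validate_redirect()` and `wp_safe_redirect()` to confine the destination to the site's own host; the `allowed_redirect_hosts` entry and the function names are hypothetical.

```php
<?php
// Added illustration, not the plugin's code. Both functions assume the
// WordPress runtime (wp_redirect, wp_validate_redirect, wp_safe_redirect,
// wp_unslash, get_permalink, add_filter are core functions).

// Weak pattern that produces CWE-601: the submitted value is used as-is,
// so any host the submitter chooses becomes the post-CAPTCHA destination.
function weak_redirect_after_captcha() {
    if ( ! empty( $_POST['redirect_to'] ) ) {
        wp_redirect( $_POST['redirect_to'] ); // attacker-controlled destination
        exit;
    }
}

// Hardened pattern: the requested destination is honoured only when its
// parsed host matches the site host (or an allow-listed host); anything
// else falls back to the permalink of the post that was commented on.
function safe_redirect_after_captcha( $post_id ) {
    $fallback  = get_permalink( (int) $post_id );
    $requested = isset( $_POST['redirect_to'] ) ? wp_unslash( $_POST['redirect_to'] ) : '';

    // wp_validate_redirect() allows only http/https schemes, treats a
    // protocol-relative "//host/..." value as http://host/..., and compares
    // the parsed host against home_url()'s host plus the allowed_redirect_hosts
    // filter; on any mismatch or malformed URL it returns $fallback.
    $target = wp_validate_redirect( $requested, $fallback );

    // wp_safe_redirect() runs the same validation again before sending the
    // Location header, so a later code change cannot silently bypass it.
    wp_safe_redirect( $target );
    exit;
}

// Optional: permit one explicitly trusted external host (hypothetical value).
add_filter( 'allowed_redirect_hosts', function ( $hosts ) {
    $hosts[] = 'accounts.example.com';
    return $hosts;
} );
```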