CVE-2026-2374 | robertpeake Login No Captcha reCAPTCHA Plugin up to 1.8.0 on WordPress xmlrpc.php authenticate PHP_SELF cross site scripting
A vulnerability classified as problematic has been found in robertpeake Login No Captcha reCAPTCHA Plugin up to 1.8.0 on WordPress. This affects the function Authenticate of the file xmlrpc.php. Performing a manipulation of the argument PHP_SELF results in cross site scripting.
This vulnerability is identified as CVE-2026-2374. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More