CVE-2008-7216

critical

Description

Peter's Math Anti-Spam Spinoff plugin for WordPress generates audio CAPTCHA clips by concatenating static audio files without any additional distortion, which allows remote attackers to bypass CAPTCHA protection by reading certain bytes from the generated clip.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/39688

http://www.securityfocus.com/archive/1/486331/100/200/threaded

http://docs.google.com/View?docid=df36cd52_19xzmkwqcg

Details

Source: Mitre, NVD

Published: 2009-09-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.04814