CVE-2008-7216

Severity CVSS v4.0:

Pending analysis

Type:

CWE-264 Permissions, Privileges, and Access Control

Publication date:

11/09/2009

Last modified:

09/04/2025

Description

Peter&#39;s Math Anti-Spam Spinoff plugin for WordPress generates audio CAPTCHA clips by concatenating static audio files without any additional distortion, which allows remote attackers to bypass CAPTCHA protection by reading certain bytes from the generated clip.

Impact

Vector 2.0

AV:N/AC:M/Au:N/C:P/I:N/A:N CVSS v2.0 Severity and Metrics:

Base Score: 4.30 MEDIUM
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Attack Vector (AV): Network
Attack Complexity (AC): Medium
Authentication (Au): None
Confidentiality (C): Physical
Integrity (I): None
Availability (A): None