{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-6963","assignerOrgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","state":"PUBLISHED","assignerShortName":"Wordfence","dateReserved":"2023-12-19T20:14:55.515Z","datePublished":"2024-02-05T21:22:02.318Z","dateUpdated":"2026-04-08T17:25:28.890Z"},"containers":{"cna":{"providerMetadata":{"orgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","shortName":"Wordfence","dateUpdated":"2026-04-08T17:25:28.890Z"},"affected":[{"vendor":"jetmonsters","product":"Getwid – Gutenberg Blocks","versions":[{"version":"0","status":"affected","lessThanOrEqual":"2.0.4","versionType":"semver"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to bypass the Captcha Verification of the Contact Form block by omitting 'g-recaptcha-response' from the 'data' array."}],"title":"Getwid – Gutenberg Blocks <= 2.0.4 - Captcha Bypass","references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d317f2c7-06f3-4875-9f9b-eb7f450aa2f4?source=cve"},{"url":"https://plugins.trac.wordpress.org/changeset/3022982"}],"problemTypes":[{"descriptions":[{"lang":"en","description":"CWE-804 Guessable CAPTCHA","cweId":"CWE-804","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM"}}],"credits":[{"lang":"en","type":"finder","value":"Lucio Sá"}],"timeline":[{"time":"2023-12-19T00:00:00.000Z","lang":"en","value":"Vendor Notified"},{"time":"2024-01-17T00:00:00.000Z","lang":"en","value":"Disclosed"}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2023-6963","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-02-06T16:38:49.003534Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-05T17:21:34.751Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T08:50:06.720Z"},"title":"CVE Program Container","references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d317f2c7-06f3-4875-9f9b-eb7f450aa2f4?source=cve","tags":["x_transferred"]},{"url":"https://plugins.trac.wordpress.org/changeset/3022982","tags":["x_transferred"]}]}]}}