Metform Elementor Contact Form Builder reCaptcha Bypass Vulnerability
Vulnerability
A reCaptcha bypass vulnerability has been identified in the Metform Elementor Contact Form Builder plugin for WordPress, affecting versions through 3.2.1. The issue arises from inadequate server-side validation of the captcha response during form submissions. This flaw enables unauthenticated attackers to circumvent the reCaptcha protection, potentially allowing bots to submit forms automatically.
Impact
Exploitation of this vulnerability allows for the bypassing of reCaptcha protections, enabling automated form submissions by bots.
Remediation
Users are advised to update the Metform Elementor Contact Form Builder plugin to version 3.2.2 or a newer patched version.
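For site owners auditing their own custom form handlers for the same class of flaw, the following added example shows a fail-closed server-side check of the captcha response. It is not Metform's code or its patch. The function name `example_verify_recaptcha()` and the constant `EXAMPLE_RECAPTCHA_SECRET` are hypothetical, and the form is assumed to use Google reCAPTCHA's standard `g-recaptcha-response` field.

```php
<?php
// Added example: fail-closed reCAPTCHA verification for a WordPress form handler.
// example_verify_recaptcha() and EXAMPLE_RECAPTCHA_SECRET are hypothetical names.

function example_verify_recaptcha( $expected_hostname ) {
    // A missing or empty token is a failure, never "captcha not enabled for this request".
    $token = isset( $_POST['g-recaptcha-response'] )
        ? sanitize_text_field( wp_unslash( $_POST['g-recaptcha-response'] ) )
        : '';
    if ( '' === $token ) {
        return new WP_Error( 'captcha_missing', 'Captcha response is required.' );
    }

    // Ask Google to validate the token; the secret never leaves the server.
    $response = wp_remote_post(
        'https://www.google.com/recaptcha/api/siteverify',
        array(
            'timeout' => 5,
            'body'    => array(
                'secret'   => EXAMPLE_RECAPTCHA_SECRET,
                'response' => $token,
            ),
        )
    );

    // Network errors and non-200 replies reject the submission (fail closed).
    if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) {
        return new WP_Error( 'captcha_unavailable', 'Captcha could not be verified.' );
    }

    $result = json_decode( wp_remote_retrieve_body( $response ), true );

    // Require an explicit boolean true; malformed JSON or a missing key fails.
    if ( ! is_array( $result ) || ! isset( $result['success'] ) || true !== $result['success'] ) {
        return new WP_Error( 'captcha_failed', 'Captcha verification failed.' );
    }

    // Bind the token to this site so a token solved for another site is not accepted.
    if ( ! isset( $result['hostname'] ) || $result['hostname'] !== $expected_hostname ) {
        return new WP_Error( 'captcha_hostname', 'Captcha was issued for another site.' );
    }

    return true;
}
```

The handler should call this before any other processing of the submission and stop when the result is a `WP_Error`, so that the decision to require a captcha comes from the stored form configuration and not from anything the client sends.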
