Moodle ReCAPTCHA Bypass Vulnerability on Login Page

Vulnerability

A vulnerability in Moodle allows for bypassing ReCAPTCHA checks on the login page due to inadequate validation of whether ReCAPTCHA was enabled. This issue is not present on other pages that utilize ReCAPTCHA.

Impact

Exploitation of this vulnerability allows users to bypass ReCAPTCHA verification on the login page, potentially leading to automated login attempts or abuse of the login process.

Added: May 15, 2026, 9:44 AM

Updated: May 15, 2026, 9:44 AM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Moodle ReCAPTCHA Bypass Vulnerability on Login Page

Vulnerability

Impact

Affected Products

Moodle

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating