Wikimedia ConfirmEdit FancyCaptcha API Vulnerability

Vulnerability

A vulnerability exists in the Wikimedia Foundation ConfirmEdit extension, specifically within the FancyCaptcha API file. This issue impacts all versions of ConfirmEdit.

Impact

The vulnerability could potentially be exploited to interfere with the CAPTCHA verification process, possibly allowing automated systems to bypass CAPTCHA challenges.

Added: Feb 3, 2026, 12:32 AM

Updated: Feb 3, 2026, 12:32 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

7.4

remediation

0.0

relevance

2.7

threat

0.0

urgency

5.7

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

7.4

remediation

0.0

relevance

2.7

threat

0.0

urgency

5.7

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wikimedia ConfirmEdit FancyCaptcha API Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating