SpamBam Plugin for WordPress - Comment Restriction Bypass via Server-Supplied Shared Key
The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key.
Peter's Math Anti-Spam Spinoff plugin for WordPress generates audio CAPTCHA clips by concatenating static audio files without any additional distortion, which allows remote attackers to bypass CAPTCHA protection by reading certain bytes from the generated clip.