CVE-2008-7216

Peter's Math Anti-Spam Spinoff - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-7216. PoCs published by Romero.

AI-analyzed exploit summary This Perl script exploits a security-bypass vulnerability in Peter's Math Anti-Spam for WordPress by interpreting poorly obfuscated challenge data. It reads and decodes the challenge data from a file to bypass the anti-spam measures.

Description

Peter's Math Anti-Spam Spinoff plugin for WordPress generates audio CAPTCHA clips by concatenating static audio files without any additional distortion, which allows remote attackers to bypass CAPTCHA protection by reading certain bytes from the generated clip.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Romero · perlwebappsphp
https://www.exploit-db.com/exploits/31029

This Perl script exploits a security-bypass vulnerability in Peter's Math Anti-Spam for WordPress by interpreting poorly obfuscated challenge data. It reads and decodes the challenge data from a file to bypass the anti-spam measures.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Peter's Math Anti-Spam for WordPress 0.1.6
No auth needed
Prerequisites: Access to the challenge data file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39688
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27287
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/486331/100/200/threaded

Scores

EPSS 0.0585
EPSS Percentile 92.2%

Details

CWE
CWE-264
Status published
Products (1)
wordpress/peter\'s_math_anti-spam_for_wordpress
Published Sep 11, 2009
Tracked Since Feb 18, 2026