Backdoor in Captcha discovered

Nothing to see here, folks …

“Backdoor in Captcha Plugin Affects 300K WordPress Sites

This entry was posted in WordPress Security on December 19, 2017 by Matt Barry   54 Replies

The WordPress repository recently removed the plugin Captcha over what initially appeared to be a trademark issue with the current author using “WordPress” [Editors note: the original page has been removed, we’re now linking to a screen shot.] in their brand name.

Whenever the WordPress repository removes a plugin with a large user base, we check to see if it was possibly due to something security-related. Wordfence alerts users when any plugin they are running is removed from WordPress repo as well. At the time of its removal, Captcha had over 300,000 active installs, so its removal significantly impacts many users.”

Leave a Reply

Your email address will not be published. Required fields are marked *

9 × = 45