* Posts by PluginVulnerabilities

1 publicly visible post • joined 20 Dec 2017

WordPress captcha plugin on 300,000 sites had a sneaky backdoor


Re: So, the "rebranding" excuse was BS...

We had put out a post warning about the plugin due to the change of ownership and other security issues in the plugin on the day it was removed from the Plugin Directory, https://www.pluginvulnerabilities.com/2017/12/08/it-would-probably-be-a-good-idea-to-be-moving-off-of-the-captcha-wordpress-plugin/, which we had noticed before the plugin was removed. So it would be a good idea to look around if a plugin is removed or use a service that warns you if you are using plugins with known vulnerabilities.