Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites
December 20, 2017 Christos

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

With the amount of WordPress sites living on our network we felt that everyone should be aware of a Captcha plugin by BestWebSoft that is called Captcha Pro. The developer sold the plugin to an undisclosed buyer who then placed a backdoor in the code base which then is placed in a wordpress site using this plugin when the plugin is updated.

https://thehackernews.com/2017/12/wordpress-security-plugin.html

If you or any of your clients are using this plugin in a wordpress site it needs to be removed immediately.