BestWebSoft WordPress CAPTCHA Plugin Backdoor
A backdoor has been discovered in the popular WordPress plugin “Captcha free plugin”, by BestWebSoft. It has recently been sold to an undisclosed buyer, who added a backdoor to the plugin before re-releasing it.
The backdoor allows the plugin’s owners to gain administrative rights to any site using it without authentication.
Affected Platforms
- WordPress – All Versions
“Captcha free plugin” WordPress by BestWebSoft
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.