CVE-2022-2184

Name of the Vulnerable Software and Affected Versions CAPTCHA 4WP WordPress plugin versions prior to 7.1.0

Description The issue allows user input to reach a sensitive require once call in one of its admin-side templates. This can be exploited by attackers via a Cross-Site Request Forgery attack to run arbitrary code on the server.

Recommendations For versions prior to 7.1.0, update to version 7.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin-side templates to minimize the risk of exploitation.