cleantalk
Vulnerabilities and Security Researches

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress, CVE-2022-2184

CVE, Research URL

CVE-2022-2184

Home page URL

Security reports for CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress

Application

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress

Published on
Aug 01, 2022
Research Description
The CAPTCHA 4WP WordPress plugin before 7.1.0 lets user input reach a sensitive require_once call in one of its admin-side templates. This can be abused by attackers, via a Cross-Site Request Forgery attack to run arbitrary code on the server.
Affected versions
Min -, max 7.1.0.
Status
vulnerable
Previous vulnerability researches
CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress (CVE-2022-2184) , Jun 06, 2024
CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress (c6be45dd0e7d5dfb8372ecee800d8202a05dd4c6) , Jun 06, 2024
CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress (CVE-2022-4974) , Nov 14, 2024
New vulnerability
The E-Commerce ERP: Purchasing, Inventory, Fulfillment, Manufacturing, BOM, Accounting, Sales Analysis (CVE-2025-52836) , Jul 15, 2025
Strong Testimonials (CVE-2025-7367) , Jul 15, 2025
Companion Auto Update (CVE-2025-4369) , Jul 15, 2025
Restrict File Access (CVE-2025-7667) , Jul 15, 2025
Product XML Feed Manager for WooCommerce – Google Shopping, Social Sites, Skroutz & More (CVE-2025-30959) , Jul 15, 2025