cleantalk
Vulnerabilities and Security Researches

hCaptcha for WordPress, CVE-2026-25315

CVE, Research URL

CVE-2026-25315

Home page URL

Security reports for hCaptcha for WordPress

Application

hCaptcha for WordPress

Published on
Feb 19, 2026
Research Description
Missing Authorization vulnerability in hcaptcha hCaptcha for WP hcaptcha-for-forms-and-more allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects hCaptcha for WP: from n/a through <= 4.22.0.
Affected versions
max 4.22.0.
Status
vulnerable
Previous vulnerability researches
Squeeze (CVE-2024-35767) , Jun 22, 2024
Squeeze (CVE-2025-31002) , Apr 11, 2025
Squeeze (CVE-2025-31003) , Apr 11, 2025
Squeeze (CVE-2026-32415) , Mar 29, 2026
New vulnerability
PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) (CVE-2026-32430) , Mar 29, 2026
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-27327) , Mar 29, 2026
Strong Testimonials (CVE-2026-24957) , Mar 29, 2026
BackWPup &#8211; WordPress Backup Plugin (CVE-2025-15041) , Mar 29, 2026
hCaptcha for WordPress (CVE-2026-25315) , Mar 29, 2026