cleantalk
Vulnerabilities and Security Researches

hCaptcha for WordPress, CVE-2026-25315

CVE, Research URL

CVE-2026-25315

Home page URL

Security reports for hCaptcha for WordPress

Application

hCaptcha for WordPress

Published on
Feb 19, 2026
Research Description
Missing Authorization vulnerability in hcaptcha hCaptcha for WP hcaptcha-for-forms-and-more allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects hCaptcha for WP: from n/a through <= 4.22.0.
Affected versions
max 4.22.0.
Status
vulnerable
Previous vulnerability researches
Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing &amp; Mo (CVE-2024-38745) , Jul 14, 2024
Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing &amp; Mo (CVE-2026-27541) , Mar 29, 2026
Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing &amp; Mo (52d60d940aeadf2db4ad84ad458f877983f7b389) , Jun 07, 2024
Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing &amp; Mo (CVE-2022-41640) , Jun 07, 2024
Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing &amp; Mo (CVE-2022-34344) , Jun 07, 2024
New vulnerability
PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) (CVE-2026-32430) , Mar 29, 2026
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-27327) , Mar 29, 2026
Strong Testimonials (CVE-2026-24957) , Mar 29, 2026
BackWPup &#8211; WordPress Backup Plugin (CVE-2025-15041) , Mar 29, 2026
hCaptcha for WordPress (CVE-2026-25315) , Mar 29, 2026