Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
hCaptcha for WP: Unsecured Access to Sensitive Features
CVE-2026-25315
Summary
A security issue in hCaptcha for WordPress allows attackers to exploit weak access controls. This affects versions of hCaptcha for WordPress from version 1 to 4.22.0. To protect your site, update to the latest version or adjust your security settings to ensure proper access controls.
Original title
Missing Authorization vulnerability in hcaptcha hCaptcha for WP hcaptcha-for-forms-and-more allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects hCaptcha for W...
Original description
Missing Authorization vulnerability in hcaptcha hCaptcha for WP hcaptcha-for-forms-and-more allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects hCaptcha for WP: from n/a through <= 4.22.0.
nvd CVSS3.1
5.3
Vulnerability type
CWE-862
Missing Authorization
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026