Nixpkgs security tracker

Untriaged

Permalink CVE-2026-25315

created 1 month, 4 weeks ago

WordPress hCaptcha for WP plugin <= 4.22.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in hcaptcha hCaptcha for WP hcaptcha-for-forms-and-more allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects hCaptcha for WP: from n/a through <= 4.22.0.

References

https://patchstack.com/database/Wordpress/Plugin/hcaptcha-for-forms-and-more/vu… vdb-entry

Affected products

hcaptcha-for-forms-and-more

=<<= 4.22.0

Matching in nixpkgs

pkgs.wordpressPackages.plugins.hcaptcha-for-forms-and-more

None

nixos-unstable 4.22.0
- nixpkgs-unstable 4.22.0
- nixos-unstable-small 4.22.0
nixos-25.11 4.12.0
- nixos-25.11-small 4.12.0
- nixpkgs-25.11-darwin 4.12.0

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.wordpressPackages.plugins.hcaptcha-for-forms-and-more