Arbitrary File Upload Vulnerability in WP Captcha PRO by WordPress
CVE-2026-5411
What is CVE-2026-5411?
The WP Captcha PRO plugin, a premium version of the Advanced Google reCAPTCHA plugin, is susceptible to an arbitrary file upload vulnerability in all versions leading up to and including version 5.38. This flaw arises from inadequate capability checks within the save_ajax() function of the licensing module, coupled with a lack of file extraction validation in the sync_cloud_protection() function. Consequently, authenticated attackers with Subscriber-level access or higher can exploit this vulnerability to upload malicious files, such as PHP web shells, via a malicious cloud_protection_url. This uploaded file can then be executed remotely, provided the server allows URL fopen in the PHP configuration, leading to potential remote code execution on the server.
Affected Version(s)
Advanced Google reCAPTCHA 0 <= 5.38
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.