Overview

A vulnerability related to CAPTCHA (CVE-2026-27411) has been reported in WordPress Plugin "SiteGuard WP Plugin" version 1.7.9 and earlier. Currently, a patched version has not yet been released.

Current Status

March 23, 2026
We have completed our investigation into the details and the scope of impact for this vulnerability. We are currently requesting the reporter to verify the fixed version.

March 10, 2026
Our development team is currently investigating the details and impact of the reported vulnerability. We are working on developing a fix (update) to address this issue.

Request to Users

We request all users to prepare for a swift update once the patched version is released. Additionally, please refrain from installing any "unofficial patches" distributed outside of our official channels, as they may pose significant security risks.

We will announce the release date of the fixed version on this page as soon as it is confirmed. We sincerely apologize for any concern this situation may cause to our users.

Impact of Vulnerability

March 23,2026
In the CAPTCHA function, it is possible to perform password attacks (such as brute-force attacks) by using specially crafted requests to bypass the CAPTCHA verification for a certain period. This vulnerability does not have a critical impact, such as bypassing the user authentication (login) process itself.

March 10, 2026
While details are still under investigation, no critical damage or exploitation has been reported at this time.

Workarounds

There are no available workarounds for this vulnerability at this time.

Revision History

March 23, 2026: Added information regarding the current status and the impact of vulnerability.

March 10, 2026: This vulnerability information page was published.

Contact Information

Vulnerability Reporting Desk

EG Secure Solutions Co., Ltd.

SiteGuard WP Plugin Support Team

Email: sg-wp-plugin@eg-secure.co.jp