Vulnerability in WordPress Plugin "SiteGuard WP Plugin": WPV2026001
Published: March 10, 2026
Last Updated: April 17, 2026
A vulnerability related to CAPTCHA (CVE-2026-27411) has been reported in WordPress Plugin "SiteGuard WP Plugin" version 1.7.9 and earlier. The fixed version, 1.7.10, was released on April 17, 2026
April 17, 2026The fixed version, 1.7.10, has been released.
March 23, 2026We have completed our investigation into the details and the scope of impact for this vulnerability. We are currently requesting the reporter to verify the fixed version.
March 10, 2026Our development team is currently investigating the details and impact of the reported vulnerability. We are working on developing a fix (update) to address this issue.
Please update your plugin to version 1.7.10.
March 23,2026In the CAPTCHA function, it is possible to perform password attacks (such as brute-force attacks) by using specially crafted requests to bypass the CAPTCHA verification for a certain period. This vulnerability does not have a critical impact, such as bypassing the user authentication (login) process itself.
March 10, 2026While details are still under investigation, no critical damage or exploitation has been reported at this time.
April 17, 2026: Added information regarding the release of version 1.7.10.
March 23, 2026: Added information regarding the current status and the impact of vulnerability.
March 10, 2026: This vulnerability information page was published.
Vulnerability Reporting Desk
EG Secure Solutions Co., Ltd.
SiteGuard WP Plugin Support Team
Email: sg-wp-plugin@eg-secure.co.jp