CVE-2026-27411 MEDIUM

CVE-2026-27411: WordPress SiteGuard WP plugin plugin <= 1.7.9 - Captcha Bypass vulnerability

Vendor Jp-Secure
Product SiteGuard WP Plugin
Weakness CWE-804
Published March 5, 2026
Last update April 29, 2026

CVSS base score

5.4/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through <= 1.7.9.

Explanation of Vulnerability in Simple Terms

02Summary

SiteGuard WP Plugin versions up to 1.7.9 contain a flaw that allows an attacker to read or modify limited data on the site through network requests. The vulnerability requires specific conditions to exploit but can affect other systems or users interacting with the site. No authentication is required to attempt exploitation.

What an attacker can do

03Attacker Capabilities

Read or modify limited data on the site through network-based requests.

Potential impact on your site

04Site Impact

Sensitive data may be exposed or altered; users and connected systems could be affected.

Conditions required to exploit

05Prerequisites

Network access to the site; specific conditions must be met to trigger the vulnerability.

Key dates

06Disclosure timeline

March 5, 2026 CVE published
April 29, 2026 Record updated