Description
WordPress Plugin SI CAPTCHA Anti-Spam was deliberately modified to inject spam ads for payday loans and such in the WP posts of the web sites running the plugin. WordPress Plugin SI CAPTCHA Anti-Spam versions 3.0.1 and 3.0.2 are affected ONLY.
Remediation
Update to plugin version 3.0.3 or latest
References
https://wordpress.org/support/topic/where-did-the-plugin-go-2/
https://plugins.svn.wordpress.org/si-captcha-for-wordpress/trunk/readme.txt
Related Vulnerabilities
MediaWiki Incorrect Authorization Vulnerability (CVE-2021-41801)
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-1149)
Internet Information Services Other Vulnerability (CVE-2000-0071)
WordPress Plugin Yoast SEO Cross-Site Scripting (5.7.1)
WordPress 4.7.x Arbitrary File Deletion Vulnerability (4.7 - 4.7.10)