The CAPTCHA 4WP plugin for WordPress has a security issue in versions up to 7.0.6.1. This issue makes it possible for people with bad intentions to slip malicious code into a website without being noticed. They can do this by getting a site administrator to click on a link