Experts discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. The plugin was recently removed from the official WordPress Plugins repository and provided sanitized versions for affected customers. WordFence now includes firewall rules to block Captcha and five other plugins from the same author. Backdoored version Captcha 4.3.7 update process downloads a ZIP file from: simplywordpress[.]net that is registered to someone named Stacy Wellington using email address scwellington@hotmail.co.uk.”]
Source: https://securityaffairs.co/wordpress/66951/hacking/captcha-plugin-backdoor.html