Does CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress compatible with WordPress 6.8.5?

According to WordPress.org data, CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress 7.6.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress compatible with PHP 7.4+?

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Security & Risk Analysis

wordpress.org/plugins/advanced-nocaptcha-recaptcha

Use CAPTCHA to stop spam and allow customers & users to interact with your website easily. Block fake accounts and orders. Avoid false positives.

100K active installs v7.6.0 PHP 7.4+ WP 5.5+ Updated Jun 11, 2025

antispam-protectioncaptchacloudflare-turnstilehcaptcharecaptcha

A · Safe

CVEs total1

Unpatched0

Last CVEJun 29, 2022

Plugin page Download

Safety Verdict

Is CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Safe to Use in 2026?

Generally Safe

Score 99/100

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Jun 29, 2022Updated 11mo ago

Risk Assessment

The "advanced-nocaptcha-recaptcha" plugin v7.6.0 exhibits a generally good security posture, with a high percentage of SQL queries using prepared statements and a strong adherence to output escaping and nonce checks. The plugin also shows good practice by not bundling external libraries, which often become outdated and introduce vulnerabilities. However, a significant concern arises from the presence of an unprotected AJAX handler, creating a potential entry point for unauthorized actions. While the taint analysis reports no immediate critical or high severity issues, this uncovered AJAX handler warrants attention. The plugin's vulnerability history, particularly a past high-severity Cross-Site Request Forgery (CSRF) vulnerability, indicates a potential for similar issues if not diligently managed. Despite the current lack of unpatched CVEs and zero taint flows, the single unprotected AJAX handler is a clear risk that slightly degrades its otherwise strong security standing.

Key Concerns

Unprotected AJAX handler found
One past high severity CVE

Vulnerabilities

1 published

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2022-2184high · 8.8Cross-Site Request Forgery (CSRF)

CAPTCHA 4WP <= 7.0.6.1 - Cross-Site Request Forgery to Local File Inclusion

Jun 29, 2022 Patched in 7.1.0 (573d)

Version History

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Release Timeline

v7.6.0Current46 files changed

v7.5.012 files changed

v7.4.112 files changed

v7.4.017 files changed

v7.3.19 files changed

v7.3.032 files changed

v7.2.35 files changed

v7.2.27 files changed

v7.2.16 files changed

v7.2.019 files changed

v7.1.18 files changed

v7.1.014 files changed

v7.0.6.11 CVE6 files changed

CVE-2022-2184

v7.0.61 CVE180 files changed

CVE-2022-2184

v7.0.51 CVE20 files changed

CVE-2022-2184

v7.0.41 CVE3 files changed

CVE-2022-2184

v7.0.31 CVE180 files changed

CVE-2022-2184

v7.0.21 CVE190 files changed

CVE-2022-2184

v6.1.71 CVE31 files changed

CVE-2022-2184

v6.1.61 CVE

CVE-2022-2184

Code Analysis

Analyzed Mar 16, 2026

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

267 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

89% prepared9 total queries

Output Escaping

95% escaped280 total outputs

Attack Surface

1 unprotected

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Attack Surface

Entry Points9

Unprotected1

AJAX Handlers 9

authwp_ajax_c4wp_dismiss_update_noticeadmin\admin-notices\class-plugin-updated-notice.php:35

authwp_ajax_c4wp_dismiss_owner_noticeadmin\admin-notices\class-plugin-updated-notice.php:36

authwp_ajax_c4wp_reset_captcha_configadmin\class-c4wp-settings.php:70

authwp_ajax_c4wp_nocaptcha_plugin_notice_ignoreadmin\class-c4wp-settings.php:71

authwp_ajax_c4wp_ajax_verifyincludes\class-c4wp-captcha-class.php:116

noprivwp_ajax_c4wp_ajax_verifyincludes\class-c4wp-captcha-class.php:117

authwp_ajax_c4wp_nocaptcha_plugin_notice_ignoreincludes\class-c4wp-captcha-class.php:118

authwp_ajax_c4wp_validate_secret_keyincludes\class-c4wp-captcha-class.php:137

noprivwp_ajax_c4wp_validate_secret_keyincludes\class-c4wp-captcha-class.php:138

WordPress Hooks 53

actionadmin_noticesadmin\admin-notices\class-plugin-updated-notice.php:30

actionnetwork_admin_noticesadmin\admin-notices\class-plugin-updated-notice.php:31

actionadmin_initadmin\admin-notices\class-plugin-updated-notice.php:32

actionadmin_initadmin\class-c4wp-settings.php:55

actionadmin_initadmin\class-c4wp-settings.php:56

actionadmin_enqueue_scriptsadmin\class-c4wp-settings.php:58

actionnetwork_admin_menuadmin\class-c4wp-settings.php:63

actionadmin_menuadmin\class-c4wp-settings.php:66

filterc4wp_settings_fieldsadmin\class-c4wp-settings.php:78

actionadmin_bar_menuadmin\class-c4wp-settings.php:79

actionadmin_noticesadmin\class-c4wp-settings.php:83

filterc4wp_settings_fields_afteradmin\class-c4wp-settings.php:85

actionadmin_footeradmin\class-c4wp-settings.php:1212

actionwp_loadedadvanced-nocaptcha-recaptcha.php:132

actioninitadvanced-nocaptcha-recaptcha.php:133

actioninitadvanced-nocaptcha-recaptcha.php:134

actioninitadvanced-nocaptcha-recaptcha.php:137

actionadmin_print_scriptsadvanced-nocaptcha-recaptcha.php:140

actioninitadvanced-nocaptcha-recaptcha.php:151

actioninitadvanced-nocaptcha-recaptcha.php:152

actioninitadvanced-nocaptcha-recaptcha.php:153

actionlogin_enqueue_scriptsadvanced-nocaptcha-recaptcha.php:154

actionplugins_loadedadvanced-nocaptcha-recaptcha.php:162

actionlogin_formincludes\class-c4wp-captcha-class.php:74

filterlogin_form_middleincludes\class-c4wp-captcha-class.php:75

actionum_after_login_fieldsincludes\class-c4wp-captcha-class.php:76

filterauthenticateincludes\class-c4wp-captcha-class.php:77

actionregister_formincludes\class-c4wp-captcha-class.php:81

filterregistration_errorsincludes\class-c4wp-captcha-class.php:82

actionsignup_extra_fieldsincludes\class-c4wp-captcha-class.php:86

filterwpmu_validate_user_signupincludes\class-c4wp-captcha-class.php:87

actionsignup_blogformincludes\class-c4wp-captcha-class.php:88

filterwpmu_validate_blog_signupincludes\class-c4wp-captcha-class.php:89

actionlostpassword_formincludes\class-c4wp-captcha-class.php:93

actionlostpassword_postincludes\class-c4wp-captcha-class.php:94

actionresetpass_formincludes\class-c4wp-captcha-class.php:98

filtervalidate_password_resetincludes\class-c4wp-captcha-class.php:99

actioncomment_form_after_fieldsincludes\class-c4wp-captcha-class.php:104

filtercomment_form_field_commentincludes\class-c4wp-captcha-class.php:106

filterpre_comment_approvedincludes\class-c4wp-captcha-class.php:110

filterpreprocess_commentincludes\class-c4wp-captcha-class.php:112

actionadmin_enqueue_scriptsincludes\class-c4wp-captcha-class.php:119

actionwp_enqueue_scriptsincludes\class-c4wp-captcha-class.php:127

actionlogin_enqueue_scriptsincludes\class-c4wp-captcha-class.php:128

actionwp_footerincludes\class-c4wp-captcha-class.php:130

actionlogin_footerincludes\class-c4wp-captcha-class.php:131

actionwp_headincludes\class-c4wp-captcha-class.php:134

actionlogin_footerincludes\class-c4wp-captcha-class.php:135

filtershake_error_codesincludes\class-c4wp-functions.php:38

actionadmin_initincludes\include-functions.php:20

actionbefore_woocommerce_initincludes\include-functions.php:42

filterc4wp_settings_fieldsincludes\methods\class-cloudflare.php:47

filterc4wp_settings_fieldsincludes\methods\class-hcaptcha.php:47

Maintenance & Trust

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 11, 2025

PHP min version7.4

Downloads3.6M

Community Trust

Rating64/100

Number of ratings268

Active installs100K

Alternatives

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Alternatives

Contact Form 7 Captcha

contact-form-7-simple-recaptcha

Protect your Contact Form 7 forms with Google reCAPTCHA V2, Google reCAPTCHA V3, hCAPTCHA, or Cloudflare Turnstile.

100K 2 CVEs

hCaptcha for WP

hcaptcha-for-forms-and-more

The strongest CAPTCHA. Switch from reCAPTCHA and Turnstile for free. Works with 60+ integrations: Contact Form 7, Elementor, WooCommerce, Divi, etc.

70K 2 CVEs

reCAPTCHA in WP comments form

recaptcha-in-wp-comments-form

reCAPTCHA in WP comments form is an ANTISPAM tool that adds a Google reCAPTCHA to the comments form and protects your site from the spam robots threat …

8K No CVEs

DoLogin Security

dologin

Easy Login. 2FA login. Passwordless login. Cloudflare Turnstile reCAPTCHA. GeoLocation (Continent/Country/City)/IP range to limit login attempts.

7K 4 CVEs

G-Forms hCaptcha

gf-hcaptcha

A new way to monetize your site traffic with the hCaptcha addon for Gravity Forms.

3K No CVEs

Developer Profile

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Developer Profile

WPKube

9 plugins · 238K total installs

trust score

Avg Security Score

78/100

Avg Patch Time

725 days

View full developer profile

Detection Fingerprints

How We Detect CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/advanced-nocaptcha-recaptcha/js/admin/c4wp-admin-settings.js/wp-content/plugins/advanced-nocaptcha-recaptcha/js/frontend/c4wp-frontend.js/wp-content/plugins/advanced-nocaptcha-recaptcha/css/c4wp-admin.css/wp-content/plugins/advanced-nocaptcha-recaptcha/css/c4wp-frontend.css

Script Paths

https://www.google.com/recaptcha/api.js?render=https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=

Version Parameters

advanced-nocaptcha-recaptcha/js/admin/c4wp-admin-settings.js?ver=advanced-nocaptcha-recaptcha/js/frontend/c4wp-frontend.js?ver=advanced-nocaptcha-recaptcha/css/c4wp-admin.css?ver=advanced-nocaptcha-recaptcha/css/c4wp-frontend.css?ver=

HTML / DOM Fingerprints

CSS Classes

c4wp-fieldc4wp-labelc4wp-input-wrapc4wp-captcha-settings-wrapc4wp-recaptcha-block

HTML Comments

+2 more

Data Attributes

data-site-key

JS Globals

C4WP

REST Endpoints

/wp-json/c4wp/v1/settings

FAQ

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Security & Risk Analysis

Is CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Safe to Use in 2026?

Generally Safe

Key Concerns

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Security Vulnerabilities

CVEs by Year

Severity Breakdown

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Release Timeline

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Code Analysis

SQL Query Safety

Output Escaping

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Attack Surface

AJAX Handlers 9

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Maintenance & Trust

Maintenance Signals

Community Trust

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Alternatives

Contact Form 7 Captcha

hCaptcha for WP

reCAPTCHA in WP comments form

DoLogin Security

G-Forms hCaptcha

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress Developer Profile

How We Detect CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress