[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkPKtvlPutUjdMkyJmxMG5eiRyolg1iluTTiiaFuUnmc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":32,"analysis":56,"fingerprints":95},"beauty-orange-wordpress-comment-captcha","beautyorange-wp-comment-captcha","1.00","leo_fanaq","https:\u002F\u002Fprofiles.wordpress.org\u002Fleo_fanaq\u002F","\u003Cp>A plugin for WordPress, simple comment captcha.\u003C\u002Fp>\n\u003Ch3>Source\u003C\u002Fh3>\n\u003Cp>= CheckOut =\u003Cbr \u002F>\nUse this command to anonymously check out the latest project source code:\u003C\u002Fp>\n\u003Cp>svn checkout http:\u002F\u002Fsvn.beautyorange.com\u002Fcode\u002Fbeautyorange-wp-comment-captcha\u002Ftrunk\u002F beautyorange-wp-comment-captcha-read-only\u003C\u002Fp>\n\u003Ch4>Browse\u003C\u002Fh4>\n\u003Cp>http:\u002F\u002Ftrac.beautyorange.com\u002Fcode\u002Fbrowser\u002Fbeautyorange-wp-comment-captcha\u003C\u002Fp>\n","A plugin for WordPress, simple comment captcha.",80,7841,0,"2010-12-21T03:53:00.000Z","3.0.5","3.0.0","",[5,19],"comment-captcha","http:\u002F\u002Fwww.beautyorange.com\u002Fbeauty-orange-projects\u002Fbeauty-orange-wordpress-comment-captcha\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeauty-orange-wordpress-comment-captcha.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":22,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},2,90,30,84,"2026-04-05T03:24:15.709Z",[33],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":29,"downloaded":41,"rating":42,"num_ratings":43,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":17,"tags":47,"homepage":54,"download_link":55,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"kcaptcha","Kcaptcha","1.0.1","Ksolves - Emerging Ahead Always","https:\u002F\u002Fprofiles.wordpress.org\u002Fksolves\u002F","\u003Cp>Kcaptcha plugin is the perfect security plugin for your wordpress website forms that protects your website from spam bots. Kcaptcha allows you to implement security captcha anywhere in website’s form. It is very easy for humans and hard for robots. Kcaptcha is designed to recognise the difference between a bot and human and sometimes even malicious software to provide the security to the system. This captcha can be used for login, registration,password recovery, comments and contact forms.If you want to prevent the entry of bots into your website, then you must start using Kcaptcha as it is the smartest way to stop it.\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FyiMMJrLIdWY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Like WordPress, Kcaptcha is, and always will be free. We’ll continue supporting and developing it for many years to come. It’ll only get better from here. If you are facing any issue or challenges please contact us and help us making it better and rich in features.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fproducts.ksolves.com\u002Fkcaptcha.php\" rel=\"nofollow ugc\">We offer free support \u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Add captcha to:\u003C\u002Fp>\n\u003Cp>Registration form\u003C\u002Fp>\n\u003Cp>Login form\u003C\u002Fp>\n\u003Cp>Reset password form\u003C\u002Fp>\n\u003Cp>Comments form\u003C\u002Fp>\n\u003Cp>Easy for humans and hard for robots\u003C\u002Fp>\n","Kcaptcha plugin is the perfect security plugin for your wordpress website forms that protects your website from spam bots.",2993,100,1,"2016-09-14T17:39:00.000Z","4.6.30","3.1",[48,49,19,50,51,52,53],"anti-spam","captcha-plugin","form-captcha","login-captcha","registration-captcha","wordpress-captcha-plugin","http:\u002F\u002Fksolves.com\u002Fplugins.php","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkcaptcha.1.0.1.zip",{"attackSurface":57,"codeSignals":74,"taintFlows":84,"riskAssessment":85,"analyzedAt":94},{"hooks":58,"ajaxHandlers":70,"restRoutes":71,"shortcodes":72,"cronEvents":73,"entryPointCount":13,"unprotectedCount":13},[59,66],{"type":60,"name":61,"callback":62,"priority":63,"file":64,"line":65},"action","comment_form","captcha_comment_form",10,"beautyorange-wp-comment-captcha.php",34,{"type":60,"name":67,"callback":68,"file":64,"line":69},"preprocess_comment","captcha_comment_post",36,[],[],[],[],{"dangerousFunctions":75,"sqlUsage":76,"outputEscaping":78,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":27,"bundledLibraries":83},[],{"prepared":13,"raw":13,"locations":77},[],{"escaped":13,"rawEcho":43,"locations":79},[80],{"file":64,"line":81,"context":82},15,"raw output",[],[],{"summary":86,"deductions":87},"The \"beauty-orange-wordpress-comment-captcha\" plugin, version 1.00, exhibits a mixed security posture.  The static analysis shows a commendably small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events exposed without proper authentication or permission checks. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests, coupled with the use of prepared statements for all SQL queries, are strong indicators of good development practices. However, a significant concern arises from the complete lack of output escaping, meaning any dynamic content displayed to users could be vulnerable to cross-site scripting (XSS) attacks. The plugin also lacks nonce checks on potential entry points, although the reported entry point count is zero, this could be an oversight if new functionality is added without proper security reviews. The vulnerability history is clean, with no recorded CVEs, which suggests either a lack of past vulnerabilities or a history of prompt patching. This absence of history, combined with the identified output escaping and nonce check weaknesses, warrants careful consideration.",[88,91],{"reason":89,"points":90},"Output escaping is not implemented",8,{"reason":92,"points":93},"No nonce checks on potential entry points",5,"2026-03-16T21:28:57.080Z",{"wat":96,"direct":102},{"assetPaths":97,"generatorPatterns":99,"scriptPaths":100,"versionParams":101},[98],"\u002Fwp-content\u002Fplugins\u002Fbeauty-orange-wordpress-comment-captcha\u002Fbeautyorange-wp-comment-captcha.php",[],[],[],{"cssClasses":103,"htmlComments":104,"htmlAttributes":105,"restEndpoints":110,"jsGlobals":111,"shortcodeOutput":112},[],[],[106,107,108,109],"name=\"beautyorange_wp_comment_captcha_value\"","id=\"beautyorange_wp_comment_captcha_value\"","name=\"beautyorange_wp_comment_captcha_a\"","name=\"beautyorange_wp_comment_captcha_b\"",[],[],[113,114,115,116,117,118,117],"\u003Cinput type=text name=beautyorange_wp_comment_captcha_value id=beautyorange_wp_comment_captcha_value \u002F>","= "," + ","\u003Cinput name=beautyorange_wp_comment_captcha_a value="," type=hidden \u002F>","\u003Cinput name=beautyorange_wp_comment_captcha_b value="]