[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBqvY220DkAxifod_Vdfsj91fT-qfPqkql_psX8lxB-A":3,"$fwPrVOlk5ERsw26NOCNi-OkJL4Rbo7IJx22mh6EN1iv8":241,"$fEJLo6a6qo9r5Y8Dk_qJUXdD9KQ0nyHdjwyCQsQCITuU":245},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":35,"analysis":142,"fingerprints":221},"captcha-for-comments-form","Comments Form Captcha","1.0","Milankumar Kyada","https:\u002F\u002Fprofiles.wordpress.org\u002Fmilankyada\u002F","\u003Cp>This is a very basic plugin but work efficiently. Any suggestions are welcomed and I assure users that I will make\u003Cbr \u002F>\nchanges if it’s in favor of the plugin. This plugin is using google recaptcha and reason for making this plugin is the\u003Cbr \u002F>\nsame as others, I was facing spam comments too.\u003C\u002Fp>\n","This is a very basic plugin but work efficiently. Any suggestions are welcomed and I assure users that I will make",0,1048,"2020-01-24T21:03:00.000Z","5.3.21","4.0.0","5.2.4",[18,19,20,21],"captcha","comments","googlerecaptcha","spam","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptcha-for-comments-form.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"milankyada",1,30,84,"2026-05-20T02:37:37.765Z",[36,60,83,103,122],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":11,"last_vuln_date":59,"fetched_at":26},"cleantalk-spam-protect","Spam protection, Honeypot, Anti-Spam by CleanTalk","6.76","CleanTalk Inc","https:\u002F\u002Fprofiles.wordpress.org\u002Fcleantalk\u002F","\u003Cp>Top-rated anti-spam protection for WordPress. No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal AntiSpam plugin.\u003C\u002Fp>\n\u003Ch4>Anti-Spam features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Stops spam comments.\u003C\u002Fli>\n\u003Cli>Stops spam registrations.\u003C\u002Fli>\n\u003Cli>Stops spam contact emails.\u003C\u002Fli>\n\u003Cli>Stops spam orders.\u003C\u002Fli>\n\u003Cli>Stops spam bookings.\u003C\u002Fli>\n\u003Cli>Stops spam subscriptions.\u003C\u002Fli>\n\u003Cli>Stops spam surveys, polls.\u003C\u002Fli>\n\u003Cli>Stops spam in widgets.\u003C\u002Fli>\n\u003Cli>Stops spam in WooCommerce.\u003C\u002Fli>\n\u003Cli>Real-time email validation. Is email real or Not.\u003C\u002Fli>\n\u003Cli>Checks and removes the existing spam comments and spam users.\u003C\u002Fli>\n\u003Cli>Compatible with mobile users and devices.\u003C\u002Fli>\n\u003Cli>Compatible with General Data Protection Regulation (GDPR) (EU).\u003C\u002Fli>\n\u003Cli>Blocking  disposable & temporary emails.\u003C\u002Fli>\n\u003Cli>No Spam – No Google Penalties. Give your SEO boost.\u003C\u002Fli>\n\u003Cli>Mobile friendly Anti Spam & FireWall.\u003C\u002Fli>\n\u003Cli>Stops spam in Search Form.\u003C\u002Fli>\n\u003Cli>Disable comments.\u003C\u002Fli>\n\u003Cli>Spam FireWall: Anti-Flood.\u003C\u002Fli>\n\u003Cli>Spam FireWall: Anti-Crawler.\u003C\u002Fli>\n\u003Cli>Hide «Website» field for comments.\u003C\u002Fli>\n\u003Cli>Block messages by languages, countries, networks and stop words.\u003C\u002Fli>\n\u003Cli>Email Address Encoder – protection for email addresses published on your site.\u003C\u002Fli>\n\u003Cli>No jQuery.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Free trial then $12 per year\u003C\u002Fh4>\n\u003Cp>CleanTalk is an anti-spam plugin which works with the premium Cloud Anti-Spam service cleantalk.org. This plugin as a service \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fwordpress-org\u002Fdetailed-plugin-guidelines\u002F#6-software-as-a-service-is-permitted\" rel=\"nofollow ugc\">https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fwordpress-org\u002Fdetailed-plugin-guidelines\u002F#6-software-as-a-service-is-permitted\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Public reviews\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>It’s more than just a tool to combat spam; it’s an integral component that enhances the overall quality and performance of your website.\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fwww.techbusinessnews.com.au\u002Fembracing-a-spam-free-digital-experience-with-cleantalk-anti-spam-plugin\u002F\" rel=\"nofollow ugc\">techbusinessnews.com.au\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Improve Your Security WordPress Spam Protection With CleanTalk Anti-Spam\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fthehackernews.com\u002F2023\u002F07\u002Fimprove-your-security-wordpress-spam.html\" rel=\"nofollow ugc\">The Hacker News\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>CleanTalk – Cloud-Based Anti-Spam Service to Keep Your Site Bot-Free.\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fnewswatchtv.com\u002F2018\u002F07\u002F18\u002Fcleantalk-newswatch-review\u002F\" rel=\"nofollow ugc\">NewsWatch Review\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Compare reCAPTCHA & Akismet VS CleanTalk\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fwww.saashub.com\u002Fcompare-recaptcha-vs-cleantalk\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.saashub.com\u002Fcompare-recaptcha-vs-cleantalk\u003C\u002Fa>\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fwww.saashub.com\u002Fcompare-akismet-vs-cleantalk\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.saashub.com\u002Fcompare-akismet-vs-cleantalk\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>I know you have heard of a number of anti-spam plugins. But you must know, the cloud-based ones are the best regarding detection rate. They compare all the content in forms with their own algorithm to find out the legibility.\u003Cbr \u002F>\n  \u003Cem>\u003Ca href=\"https:\u002F\u002Fwww.techwibe.com\u002Fcleantalk-wordpress-plugin-review\u002F\" rel=\"nofollow ugc\">www.techwibe.com\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>The key selling point of CleanTalk for me is not simply its effectiveness. It’s the fact that CleanTalk works in the background. It does not make users jump through hoops in order to submit a comment or complete a form.\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fwww.kevinmuldoon.com\u002Fcleantalk-anti-spam-service\u002F\" rel=\"nofollow ugc\">www.kevinmuldoon.com\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>AntiSpam protection for comments\u003C\u002Fh4>\n\u003Cp>Native spam protection for WordPress, JetPack comments and any other comment plugins. The plugin moves spam comments to SPAM folder or you can set the option to ban spam comments silently. You can also enable the option in the plugin settings to auto-delete comments from SPAM folder.\u003C\u002Fp>\n\u003Ch4>Contact Form 7 spam filter\u003C\u002Fh4>\n\u003Cp>Plugin extends spam protection for Contact Form 7 (CF7). It can be used with any other third-party spam filters.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fblog.cleantalk.org\u002Fhow-to-protect-your-contactform7-contact-form-using-cleantalk-anti-spam-plugin\u002F\" rel=\"nofollow ugc\">How to protect your Contact Form 7 using CleanTalk Anti-Spam plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Elementor Website Builder filter\u003C\u002Fh4>\n\u003Cp>Plugin extends spam protection for Elementor Website Builder. It filters spam submisssions and tested for contact form type.\u003C\u002Fp>\n\u003Ch4>Gravity forms spam filter\u003C\u002Fh4>\n\u003Cp>Plugin extends spam protection for Gravity forms. It filters spam submisssions for any type of forms.\u003C\u002Fp>\n\u003Ch4>Formidable Form Builder spam filter\u003C\u002Fh4>\n\u003Cp>Plugin extends spam protection for Formidable Form Builder. It filters spam submisssions for any type of forms – Contact Form, Survey & Quiz Forms.\u003C\u002Fp>\n\u003Ch4>Leaky Paywall subscription protection\u003C\u002Fh4>\n\u003Cp>Plugin protects Leaky Paywall plugin (by ZEEN01) against spam subscriptions. It can be used with any other third-party spam filters.\u003C\u002Fp>\n\u003Ch4>HubSpot protection for embedded forms\u003C\u002Fh4>\n\u003Cp>Plugin protects HubSpot embedded forms against any spam submissions. Guide to start using embedded forms https:\u002F\u002Fknowledge.hubspot.com\u002Fforms\u002Fhow-can-i-share-a-hubspot-form-if-im-using-an-external-site\u003C\u002Fp>\n\u003Ch4>Contact Form by WPForms spam filter\u003C\u002Fh4>\n\u003Cp>Plugin extends Contact Form by WPForms to provide spam protection. It filters spam submissions for each type of forms – simple contact form, marketing form, request a quote and etc.\u003C\u002Fp>\n\u003Ch4>WooCommerce spam filter\u003C\u002Fh4>\n\u003Cp>Anti-spam by CleanTalk filters spam registrations and spam reviews for WooCommerce. The plugin is fully compatible with WooCommerce 2.1 and higher.\u003C\u002Fp>\n\u003Ch4>Spam filter for theme contact forms\u003C\u002Fh4>\n\u003Cp>The plugin blocks spam emails via any theme (built-in ones included) contact forms. The plugin filters spam emails silently (without any error notices on WordPress frontend) in AJAX forms as well.\u003C\u002Fp>\n\u003Ch4>bbPress spam filter\u003C\u002Fh4>\n\u003Cp>Spam protection for everything about bbPress: logins, registrations, forums, topics and replies.\u003C\u002Fp>\n\u003Ch4>Many other great contact, signups and all kind of forms that supported by CleanTalk\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>AWeber form builder \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faweber-web-form-widget\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faweber-web-form-widget\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Contact form by BestWebSoft \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-plugin\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-plugin\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Contact Form Plugin by Fluent Forms Ninja forms \u003Ca href=\"https:\u002F\u002Ffluentforms.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Ffluentforms.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Forminator contact from \u003Ca href=\"https:\u002F\u002Fwpmudev.com\u002Fproject\u002Fforminator-pro\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpmudev.com\u002Fproject\u002Fforminator-pro\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Ninja forms \u003Ca href=\"https:\u002F\u002Fninjaforms.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fninjaforms.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Newsletters – MC4WP: Mailchimp for WordPress (\u003Ca href=\"https:\u002F\u002Fwww.mc4wp.com\u002F\" rel=\"nofollow ugc\">mc4wp.com\u003C\u002Fa>), MailPoet – emails and newsletters in WordPress (https:\u002F\u002Fwww.mailpoet.com\u002F)\u003C\u002Fli>\n\u003Cli>WS Form Lite \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fws-form\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fws-form\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>WP User Frontend, UserPro.\u003C\u002Fli>\n\u003Cli>WordPress Landing Pages.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Protection for forms above works as built-in function of Anti-Spam by CleanTalk, without any additional actions from a user. Anywaym, if you have missed spam, try to activate a few options below. If nothing helps, ask for help at support forum \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcleantalk-spam-protect\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcleantalk-spam-protect\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Any WordPress form (checkbox ‘Custom contact forms’).\u003C\u002Fli>\n\u003Cli>Any submission to the site (checkbox ‘Check all POST data’).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Check existing comments for spam. Bulk spam comments removal. Spam comment Cleaner\u003C\u002Fh4>\n\u003Cp>With the help of anti-spam by CleanTalk you can inspect through existing comments to find and quickly delete spam comments at once. To use this function, go to WP Console -> Comments -> Find spam comments.\u003C\u002Fp>\n\u003Ch4>Check existing users for spam. Bulk spam accounts removal. Spam users cleaner\u003C\u002Fh4>\n\u003Cp>With the help of anti-spam by CleanTalk you can inspect through existing accounts to find and quickly delete spam users at once. For use this function, go to WP Console -> Users -> Check for spam. Also, you can export a list of spam users to the CSV.\u003C\u002Fp>\n\u003Ch4>Private black lists for anti-spam service\u003C\u002Fh4>\n\u003Cp>Automatically block comments and registrations from your private black IP\u002Femail address list.\u003C\u002Fp>\n\u003Ch4>Hide «Website» field for comments\u003C\u002Fh4>\n\u003Cp>This option hides the «Website» field from standard WordPress comments forms. After that spammers won’t be able to send spam links using «Website» field in the bottom of the comments form.\u003C\u002Fp>\n\u003Ch4>Low false\u002Fpositive rate\u003C\u002Fh4>\n\u003Cp>This plugin uses multiple anti-spam tests to filter spam bots having as low false\u002Fpositive rate as possible.\u003C\u002Fp>\n\u003Ch4>How does CleanTalk improve SEO for your website?\u003C\u002Fh4>\n\u003Cp>\u003Cem>CleanTalk works faster than most of the other anti-spam plugins.\u003C\u002Fem> It is common knowledge that the faster your site loads, the better your customer experience is, the better your SEO will be, and the better your site will convert. Speed is becoming increasingly important in SEO, conversion and user experience. Today, site speed is one of the most important ranking factors on Google. A site that loads slowly will lose visitors and potential revenue.\u003C\u002Fp>\n\u003Cp>Among anti-spam plugins CleanTalk is one of the fastest. Despite the large plugin functionality, the developers have optimized the performance of\u003Cbr \u002F>\nthe plugin so that AntiSpam by CleanTalk is faster than most analogs. This contributes to the cloud service architecture, as all calculations take place in the cloud, not on the server, the server receives the finished result for further action.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fs.w.org\u002Fplugins\u002Fcleantalk-spam-protect\u002Fscreenshot-5.png?r=1288723\u003C\u002Fp>\n\u003Cp>Unlike stand-alone plugins (like Antispam Bee) Anti-Spam by CleanTalk uses less CPU that improves site response, visitors experience and SEO results.\u003C\u002Fp>\n\u003Ch4>Spam FireWall\u003C\u002Fh4>\n\u003Cp>Spam FireWall allows blocking the most active spam bots before they get access to your website. It prevents spam bots from loading website pages so your web server doesn’t have to perform all scripts on these pages. Also it prevents scanning of pages of the website by spam bots. Therefore Spam FireWall significantly reduces the load on your web server. Spam FireWall also makes CleanTalk the two-step protection from spam bots. Spam FireWall is the first step and it blocks the most active spam bots.  CleanTalk Anti-Spam is the second step and checks all other requests on the website in the moment of submitting comments\u002Fregisters etc. How does it work?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The visitor enters to your web site.\u003C\u002Fli>\n\u003Cli>HTTP request data are being checked in the nearly 5.8 million of the identified spam bot IPs.\u003C\u002Fli>\n\u003Cli>If it is an active spam bot, the bot gets a blank page, if it is a visitor then he receives a normal page. This process is completely transparent for the visitors.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All the CleanTalk Spam FireWall activity is being logged in the process of filtering.\u003C\u002Fp>\n\u003Ch4>Spam FireWall: Anti-Flood & Anti-Crawler\u003C\u002Fh4>\n\u003Cp>Spam FireWall: Anti-Flood and Anti-Crawler options are intended for blocking unwanted bots, content parsing, shop goods prices parsing or aggressive website scanning bots. Learn more https:\u002F\u002Fcleantalk.org\u002Fhelp\u002Fanti-flood-and-anti-crawler\u003C\u002Fp>\n\u003Ch4>How to protect sites from spam bots without CAPTCHA?\u003C\u002Fh4>\n\u003Cp>The most popular anti-spam method is CAPTCHA – the annoying picture with curved and sloping symbols, which are presented to the visitor to decipher and fill in. In is supposed that spam bots won’t discern these CAPTCHA, but a visitor will. CAPTCHA provokes great irritation, but if the visitor wants to comment, he has to fill in these symbols time after time, making mistakes and starting once again. Sometimes CAPTCHA reminds us of the doodles of a two year old child. For users with vision problems CAPTCHA is an insurmountable obstacle. Users hate captcha. Captcha for users means “hate”. Unreadable CAPTCHA stops about 80% of site visitors. After 2 failed attempts to decipher CAPTCHA 95% of visitors reject further attempts. At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource spam both from bots and visitors. CAPTCHA is not a panacea from spam. Doubts concerning the Need for CAPTCHA?\u003C\u002Fp>\n\u003Cp>\u003Cem>“Ultimately, CAPTCHAs are useless for spam because they’re designed to tell you if someone is ‘human’ or not, but not whether something is spam or not.” Matt Mullenweg\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>You do not have to work in IT to know what spam is. Besides piles of unwanted email, there are spam bots, or special software programs designed to act as human website visitors that post unwelcome messages over the Internet to advertise dubious services. More often than not spam messages do not even make sense. Similar to bacteria and virus mutations developing antibiotic resistance, spam bots are becoming more resilient in penetrating Internet firewalls and security layers.\u003C\u002Fp>\n\u003Ch4>Real-time email validation. Is email real or Not.\u003C\u002Fh4>\n\u003Cp>It is very important to be sure that the user used his real email address. Spambots very often use fake email addresses, i.e. which addresses do not exist.\u003C\u002Fp>\n\u003Cp>CleanTalk will check email addresses for existence in real time.\u003C\u002Fp>\n\u003Cp>Non-existing email addresses also entail several other problems for website owners.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can never contact them by email,\u003C\u002Fli>\n\u003Cli>the client will never receive any notifications from you (account activation letter, password recovery, email distribution, notifications, etc.),\u003C\u002Fli>\n\u003Cli>if you use email marketing for your clients, then a large number of nonexistent emails in the mailing list may result in your IP address being added to various blacklists of email servers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Improve your email list with email validation without fake emails.\u003C\u002Fp>\n\u003Ch4>Blocking  disposable & temporary emails\u003C\u002Fh4>\n\u003Cp>Block fake and suspicious users with disposable & temporary emails to improve email delivery. So, it also prevents malicious activity, spam bots, and internet trolls.\u003C\u002Fp>\n\u003Ch4>Latest and the most SPAM active IPs, Emails, Domains and ASN\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>yawiviseya67@gmail.com\u003C\u002Fli>\n\u003Cli>xrumer888@outlook.com\u003C\u002Fli>\n\u003Cli>irinademenkova86@gmail.com\u003C\u002Fli>\n\u003Cli>zekisuquc419@gmail.com\u003C\u002Fli>\n\u003Cli>prince@stopformspam.xyz\u003C\u002Fli>\n\u003Cli>191.101.217.24\u003C\u002Fli>\n\u003Cli>199.167.138.22\u003C\u002Fli>\n\u003Cli>178.159.37.17\u003C\u002Fli>\n\u003Cli>185.190.42.200\u003C\u002Fli>\n\u003Cli>45.133.172.23\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Effective date is July 13th, 2025. Real-time data is available at \u003Ca href=\"https:\u002F\u002Fcleantalk.org\u002Fblacklists\" rel=\"nofollow ugc\">https:\u002F\u002Fcleantalk.org\u002Fblacklists\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Stops Spam in Search Form\u003C\u002Fh4>\n\u003Cp>Spam bots can use your search form to make a GET request with spam text. CleanTalk Anti-Spam has the option to protect your website search form from spam bots. Each time, the search generates a new page and if there are many requests, this can create additional load. So, under some conditions, spam searches can be indexed, which affects SEO,\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Anti-Spam protection for website search forms repels spambots.\u003C\u002Fli>\n\u003Cli>If your search form gets data too often the CleanTalk Anti-Spam plugin will add a pause and increase it with each new attempt to send data. It saves your web server processor time.\u003C\u002Fli>\n\u003Cli>Spam protection allows you to not forbid indexation for the crawler bots if you really need it but simultaneously you will get protection from spambots.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You will always know what users were looking for on your site.\u003C\u002Fp>\n\u003Ch4>Disable comments\u003C\u002Fh4>\n\u003Cp>This option disables comments on your site. You can choose one or several options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable comments for posts\u003C\u002Fli>\n\u003Cli>Disable comments for pages\u003C\u002Fli>\n\u003Cli>Disable comments for media\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When using Disables comments, existing comments will not be deleted and will remain on the pages.\u003C\u002Fp>\n\u003Ch4>Email, Phones Address Encoder\u003C\u002Fh4>\n\u003Cp>CleanTalk Anti-Spam offers a feature called “Encode contact data” that is designed to encode all email addresses on the website pages. Encoding email, phontes addresses increases the level of protection of contact data from being abused, parsed, getting spammed and used in spam mailing lists by bots and online criminals. To reveal the encoded email address simply click on it and it will be decoded instantly.\u003C\u002Fp>\n\u003Ch4>Will the anti-spam plugin protect my theme?\u003C\u002Fh4>\n\u003Cp>Yes, it will. The Anti-spam by CleanTalk is compatible with any WordPress theme.\u003C\u002Fp>\n\u003Ch4>Should I use other anti-spam tools (Captcha, reCaptcha and etc.)?\u003C\u002Fh4>\n\u003Cp>CleanTalk stops up to 99.998% of spam bots, so you can disable other anti-spam plugins (especially CAPTCHA-type anti-spam plugins). In some cases several anti-spam plugins could conflict with each other.\u003C\u002Fp>\n\u003Ch4>Honeypot field\u003C\u002Fh4>\n\u003Cp>The option helps to block bots. The honeypot field option adds a hidden field to the form. When spambots come to a website form, they can fill out each input field. Enable this option to make the protection stronger on these forms. Learn more about supported forms here.\u003C\u002Fp>\n","Blocks spam comments, fake users, contact form spam and more. No impact on SEO. Privacy focused. CAPTCHA free, premium Antispam plugin.",200000,23382707,96,3177,"2026-04-02T10:28:00.000Z","7.0","4.7","7.2",[53,18,19,54,21],"antispam","contact-form","https:\u002F\u002Fcleantalk.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcleantalk-spam-protect.6.76.zip",76,13,"2026-02-14 14:21:19",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":57,"num_ratings":70,"last_updated":71,"tested_up_to":49,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":22,"download_link":79,"security_score":80,"vuln_count":81,"unpatched_count":11,"last_vuln_date":82,"fetched_at":26},"captcha-code-authentication","Captcha Code","3.31","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetwpcaptcha.com\u002F\" rel=\"nofollow ugc\">Captcha\u003C\u002Fa> adds GDPR compatible captcha code anti-spam protection (like Google ReCaptcha) to WordPress forms – comments form, registration form, lost password form, and login form. In order to post comments or register, users have to type in the code shown on the image. This prevents spam from automated bots & adds security. No external services (like Google ReCaptcha) are used. No API keys are needed, and no user-identifiable data is used so it’s GDPR compatible.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Captcha position – comments form, login form, registration form, or lost password form.\u003C\u002Fli>\n\u003Cli>Letters type – capital letters, small letters, or captial & small letters.\u003C\u002Fli>\n\u003Cli>Captcha type – alphanumeric, alphabets or numbers.\u003C\u002Fli>\n\u003Cli>Translation enabled.\u003C\u002Fli>\n\u003C\u002Fol>\n","GDPR compatible captcha anti-spam protection for login form, comments form, registration form & lost password form. Eliminate spam with captcha.",100000,708754,34,"2026-04-14T19:46:00.000Z","3.0","5.2",[18,75,76,77,78],"comments-spam","form-captcha","login-captcha","recaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptcha-code-authentication.3.31.zip",99,2,"2023-11-24 00:00:00",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":15,"requires_php":22,"tags":97,"homepage":101,"download_link":102,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"recaptcha-in-wp-comments-form","reCAPTCHA in WP comments form","9.1.2","jmviade","https:\u002F\u002Fprofiles.wordpress.org\u002Fjmviade\u002F","\u003Cp>reCAPTCHA in WP comments form plugin is an \u003Cstrong>ANTISPAM tool\u003C\u002Fstrong> that adds the visible Google \u003Cstrong>reCAPTCHA field\u003C\u002Fstrong> inside the comments form of your WP theme when the user is not logged in preventing fraudulent or deceptive comments.\u003C\u002Fp>\n\u003Cp>The plugin also \u003Cstrong>introduces a second verification process\u003C\u002Fstrong> that detects the unauthorized direct accesses by spam robots to the WP comments system and allows you to decide what do you want to do with those comments.\u003C\u002Fp>\n\u003Cp>Finally, the plugin has got an optional \u003Cstrong>forced javascript output mode\u003C\u002Fstrong> that lets you to add a reCAPTCHA field \u003Cstrong>also in old WP themes\u003C\u002Fstrong> that didn’t use the new WP form comments functions but they make a direct output of its own comments form.\u003C\u002Fp>\n\u003Ch4>FEATURES LIST\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Basic Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>All variants\u003C\u002Fstrong> of Google reCAPTCHA field are available\u003C\u002Fli>\n\u003Cli>Two simple steps \u003Cstrong>Installation Wizard\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Automatic \u003Cstrong>default configuration settings\u003C\u002Fstrong> for all plugin components\u003C\u002Fli>\n\u003Cli>Automatic default configuration for reCAPTCHA field\u003C\u002Fli>\n\u003Cli>Configuration settings for Plugin \u003C\u002Fli>\n\u003Cli>Configuration settings for \u003Cstrong>ANTISPAM operation\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Four modes of operation in case of spam robots threats (SPAM, TRASH, DELETE or DIE)\u003C\u002Fli>\n\u003Cli>Visual configuration settings for Google reCAPTCHA: theme, size, type, align, language\u003C\u002Fli>\n\u003Cli>Dynamic comments form sample for viewing configuration settings changes\u003C\u002Fli>\n\u003Cli>Visual Help\u003C\u002Fli>\n\u003Cli>RTL Language support\u003C\u002Fli>\n\u003Cli>Admin Color scheme adapted\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Middle features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Forced language option for reCAPTCHA field\u003C\u002Fli>\n\u003Cli>Plugin \u003Cstrong>blocks the submit button\u003C\u002Fstrong> while reCAPTCHA field is not verified\u003C\u002Fli>\n\u003Cli>Plugin \u003Cstrong>changes HTML structure of the comments form\u003C\u002Fstrong> to prevent malicious automatic sendings while reCAPTCHA field is not verified\u003C\u002Fli>\n\u003Cli>Plugin also blocks \u003Cstrong>other elements with \u003Ccode>[type=submit]\u003C\u002Fcode> inside form\u003C\u002Fstrong> in case of a theme customized comments form\u003C\u002Fli>\n\u003Cli>Plugin lets you to write your own \u003Cstrong>additional CSS for the reCAPTCHA field\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>New \u003Cstrong>restore default value buttons\u003C\u002Fstrong> in plugin configuration section for helping you in case of changing WP theme, accidental errors, test environtments, etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Advanced features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>reCAPTCHA \u003Cstrong>verification process via AJAX before submitting the form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Second security checking process\u003C\u002Fstrong> for preventing any security breach \u003Cstrong>before saving the comment\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Supporting \u003Cstrong>four different WP comments form HTML structure types\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Advanced plugin options \u003Cstrong>based on HTML queries\u003C\u002Fstrong> for inserting the reCAPTCHA plugin in all kinds of WP themes\u003C\u002Fli>\n\u003Cli>Optional \u003Cstrong>Forced javascript output\u003C\u002Fstrong> that allows you to use the plugin with old WP themes that didn’t use function \u003Ccode>comment_form()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Advanced ID’s tags settings for using this plugin with WP Themes that creates its own comments form HTML struct\u003C\u002Fli>\n\u003Cli>reCAPTCHA javascript initialization that prevents reCAPTCHA conflicts in case of that other plugins use reCAPTCHA.\u003C\u002Fli>\n\u003Cli>New mínimum CSS styles for recaptcha alignment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PLUGIN PAGE\u003C\u002Fh4>\n\u003Cp>To learn more about the plugin, visit the \u003Ca href=\"http:\u002F\u002Fwww.joanmiquelviade.com\u002Fplugin\u002Fgoogle-recaptcha-in-wp-comments-form\u002F\" title=\"Author's plugin page\" rel=\"nofollow ugc\">Plugin page\u003C\u002Fa>.\u003C\u002Fp>\n","reCAPTCHA in WP comments form is an ANTISPAM tool that adds a Google reCAPTCHA to the comments form and protects your site from the spam robots threat &hellip;",8000,72956,82,20,"2019-04-22T12:10:00.000Z","5.1.22",[53,98,99,100,78],"antispam-protection","comments-antispam","comments-recaptcha","http:\u002F\u002Fwww.joanmiquelviade.com\u002Fplugin\u002Fgoogle-recaptcha-in-wp-comments-form\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecaptcha-in-wp-comments-form.9.1.2.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":31,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":49,"tags":117,"homepage":120,"download_link":121,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"toms-recaptcha","TomS reCAPTCHA","1.2.0","TomS Caprice","https:\u002F\u002Fprofiles.wordpress.org\u002Ftomsneddon\u002F","\u003Cp>Integrated Google ReCaptcha for WordPress. Protect the login, register, lostpassword and comment forms. Support Woocommerce, Ultimate Member and more popular forms.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Frecaptcha\" rel=\"nofollow ugc\">\u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong>\u003C\u002Fa> is a free service that protects your site from spam and abuse. It uses advanced risk analysis techniques to tell humans and bots apart.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fadmin\u002Fcreate\" rel=\"nofollow ugc\">Google reCAPTCHA\u003C\u002Fa> to get the \u003Cstrong>Site key\u003C\u002Fstrong> and \u003Cstrong>Secret key\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>reCAPTCHA Type:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>reCAPTCHA \u003Cstrong>v3\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA \u003Cstrong>v2 Checkbox\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA \u003Cstrong>v2 Invisible\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Form List\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress default login form\u003C\u002Fli>\n\u003Cli>WordPress default register form\u003C\u002Fli>\n\u003Cli>WordPress default lostpassword form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress default comment form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> login form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> register form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> lostpassword form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">\u003Cstrong>Woocommerce\u003C\u002Fstrong>\u003C\u002Fa> checkout Billing form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add a shortcode \u003Cstrong>[toms_woo_register_form]\u003C\u002Fstrong> for \u003Cstrong>woocommerce register form\u003C\u002Fstrong> on any page you want.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> login form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> register form\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-member\u002F\" rel=\"ugc\">\u003Cstrong>Ultimate Member\u003C\u002Fstrong>\u003C\u002Fa> lostpassword form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-block\u002F\" rel=\"ugc\">\u003Cstrong>Contact Form Block\u003C\u002Fstrong>\u003C\u002Fa> Contact Form Block\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>more support forms comming soon…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Option settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Verify API : \u003Cstrong>Google.com\u003C\u002Fstrong>\u002F\u003Cstrong>Recaptcha.net\u003C\u002Fstrong> \u003Cstrong>—Notice:—\u003C\u002Fstrong> Some country can not use Google verify API, that means Google verify API will not work, even using vpn. If google.com not work try use Recaptcha.net\u003C\u002Fli>\n\u003Cli>reCAPTCHA v2 (Checkbox)  Theme: \u003Cstrong>Light\u003C\u002Fstrong>\u002F\u003Cstrong>Dark\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>reCAPTCHA v2 (Invisible) Badge: \u003Cstrong>Bottom Right\u003C\u002Fstrong>\u002F\u003Cstrong>Bottom Left\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Custom reCAPTCHA Language\u003C\u002Fh4>\n\u003Ch4>Translation ready\u003C\u002Fh4>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Reliance upon any non-English translation is at your own risk; TomS reCAPTCHA can give no guarantees that translations from the original English are accurate.\u003C\u002Fp>\n\u003Cp>We recognise and thank those mentioned at https:\u002F\u002Ftoms-caprice.org\u002Ftranslations for code and\u002For libraries used and\u002For modified under the terms of their open source licences.\u003C\u002Fp>\n","Integrated Google ReCaptcha for WordPress.Protect the login, register, lostpassword and comment forms. Support Woocommerce, Ultimate Member and more p &hellip;",600,16788,100,"2023-03-29T08:59:00.000Z","6.2.9","5.8",[118,18,119,78,104],"block-spam-comments","nocaptcha","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftoms-recaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftoms-recaptcha.1.2.0.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":22,"tags":137,"homepage":140,"download_link":141,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"advanced-invisible-anti-spam","Advanced Invisible Anti-Spam","1.4.3","Matt Keys","https:\u002F\u002Fprofiles.wordpress.org\u002Fmattkeys\u002F","\u003Cp>Anti-Spam solutions that require your users to fill out captcha’s are frustrating for actual humans, and not that great at stopping bots.\u003C\u002Fp>\n\u003Cp>This solution works automatically without any user configuration, and puts no additional burden on your users. After activation this plugin will go to work stopping: comment spam, spam bot registration, and bbPress spam.\u003C\u002Fp>\n\u003Cp>Key features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fully compatible with wordpress caching plugins or even more advanced server level caching solutions (like WP Engine uses).\u003C\u002Fli>\n\u003Cli>Utilizes randomly generated and rotating token field name and token value, which stops more clever bots that might try caching the ‘solved’ field.\u003C\u002Fli>\n\u003Cli>Anti-spam field is randomly placed within the form on page load to make it difficult for spammers to target the field.\u003C\u002Fli>\n\u003Cli>Developer friendly with filters and actions\u003C\u002Fli>\n\u003Cli>Lightweight, clean, and efficient solution to comment, registration, and bbPress spam\u003C\u002Fli>\n\u003Cli>Uses native JavaScript to avoid jQuery dependancies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Requires JavaScript be enabled in client browser (Users will see a warning if JavaScript is disabled)\u003C\u002Fp>\n","Block bots without annoying captchas. Cache friendly solution with rotating keys! Blocks comment, registration, and bbpress spam. Activate and done!",300,5858,88,7,"2016-04-27T00:59:00.000Z","4.5.33","3.5",[138,18,19,139,21],"bot","invisible","http:\u002F\u002Fmattkeys.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-invisible-anti-spam.zip",{"attackSurface":143,"codeSignals":176,"taintFlows":186,"riskAssessment":212,"analyzedAt":220},{"hooks":144,"ajaxHandlers":167,"restRoutes":173,"shortcodes":174,"cronEvents":175,"entryPointCount":31,"unprotectedCount":11},[145,150,154,158,162],{"type":146,"name":147,"callback":148,"file":149,"line":70},"action","admin_menu","google_recapthca_settings","init.php",{"type":146,"name":151,"callback":152,"file":149,"line":153},"admin_enqueue_scripts","enqueueScripts",36,{"type":146,"name":155,"callback":156,"file":149,"line":157},"wp_enqueue_scripts","add_recaptch_js",37,{"type":146,"name":159,"callback":160,"file":149,"line":161},"pre_comment_on_post","verify_google_recaptcha",40,{"type":163,"name":164,"callback":165,"file":149,"line":166},"filter","comment_form_defaults","add_google_recaptcha",41,[168],{"action":169,"nopriv":170,"callback":169,"hasNonce":171,"hasCapCheck":170,"file":172,"line":133},"save_captcha_keys",false,true,"includes\u002FCFCFORM_CaptchaAjax.php",[],[],[],{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":180,"fileOperations":11,"externalRequests":31,"nonceChecks":31,"capabilityChecks":11,"bundledLibraries":185},[],{"prepared":11,"raw":11,"locations":179},[],{"escaped":81,"rawEcho":31,"locations":181},[182],{"file":149,"line":183,"context":184},61,"raw output",[],[187,204],{"entryPoint":188,"graph":189,"unsanitizedCount":31,"severity":203},"is_valid_captcha (init.php:103)",{"nodes":190,"edges":201},[191,196],{"id":192,"type":193,"label":194,"file":149,"line":195},"n0","source","$_POST['g-recaptcha-response']",107,{"id":197,"type":198,"label":199,"file":149,"line":195,"wp_function":200},"n1","sink","wp_remote_request() [SSRF]","wp_remote_request",[202],{"from":192,"to":197,"sanitized":170},"medium",{"entryPoint":205,"graph":206,"unsanitizedCount":31,"severity":203},"\u003Cinit> (init.php:0)",{"nodes":207,"edges":210},[208,209],{"id":192,"type":193,"label":194,"file":149,"line":195},{"id":197,"type":198,"label":199,"file":149,"line":195,"wp_function":200},[211],{"from":192,"to":197,"sanitized":170},{"summary":213,"deductions":214},"The \"captcha-for-comments-form\" plugin v1.0 demonstrates a generally good security posture based on the provided static analysis. It has a very small attack surface, with only one AJAX handler and no REST API routes, shortcodes, or cron events. Notably, this single AJAX handler is protected by a nonce check, which is a positive sign. The absence of dangerous functions and file operations further strengthens its security.  The plugin also exclusively uses prepared statements for its SQL queries, which is an excellent practice for preventing SQL injection vulnerabilities. However, there are some areas for improvement.  The code signals indicate that 67% of output is properly escaped, meaning one out of three outputs is not, potentially leading to cross-site scripting (XSS) vulnerabilities. Additionally, the taint analysis revealed two flows with unsanitized paths, though they were not categorized as critical or high severity, they still represent a potential risk that warrants attention.  The plugin's vulnerability history is completely clean, with no recorded CVEs, indicating a track record of security. This, combined with its proactive use of prepared statements and nonce checks, suggests a development team that is conscious of security. Despite the minor concerns with unescaped output and unsanitized paths, the plugin appears relatively safe for general use, but users should be aware of the potential for XSS if the unescaped outputs are exploitable.",[215,218],{"reason":216,"points":217},"Unescaped output detected",5,{"reason":219,"points":217},"Flows with unsanitized paths found","2026-04-16T13:53:44.492Z",{"wat":222,"direct":228},{"assetPaths":223,"generatorPatterns":225,"scriptPaths":226,"versionParams":227},[224],"\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-comments-form\u002Fjs\u002Fajax-call.js",[],[],[],{"cssClasses":229,"htmlComments":235,"htmlAttributes":236,"restEndpoints":238,"jsGlobals":239,"shortcodeOutput":240},[230,231,232,233,234],"inno-g-captcha-form","g-inno-site-key","g-inno-secret-key","inno-submit","g-recaptcha",[],[237],"data-sitekey",[],[],[],{"error":171,"url":242,"statusCode":243,"statusMessage":244,"message":244},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcaptcha-for-comments-form\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":246},[]]