[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fLy1lhr6KsPeR2e_H9AYzl0DpPkWFx-Fo1HMQY_KCKek":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":136,"fingerprints":216},"captcha-for-widgets","Captcha for Widgets","0.1","SimonaIlie","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimonailie\u002F","\u003Cp>This plugin allows you to add captcha for forms in your site. You can choose between (http:\u002F\u002Fwww.google.com\u002Frecaptcha “reCAPTCHA”) and (http:\u002F\u002Fkeith-wood.name\u002FrealPerson.html “Realperson jQuery plugin”) (only one will be available at a time).\u003C\u002Fp>\n\u003Cp>The captcha can be visible on:\u003Cbr \u002F>\n*   \u003Cstrong>all site’s pages\u003C\u002Fstrong> – excluding the default search form and the admin bar search.\u003Cbr \u002F>\n*   \u003Cstrong>certain pages\u003C\u002Fstrong> – you can choose from a pages’ list\u003Cbr \u002F>\n*   \u003Cstrong>certain forms\u003C\u002Fstrong> – if you know how to, you can introduce the jQuery selector for the form (e.g. \u003Ccode>#myform\u003C\u002Fcode>, \u003Ccode>.myform\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>Note: the plugin replaces DOM elements with name and\u002For id \u003Ccode>submit\u003C\u002Fcode>. If there is any CSS formatting on the id \u003Cem>#submit\u003C\u002Fem> you need to replace it.\u003C\u002Fp>\n","Flexible way to inject captca for forms on site.",10,3950,0,"2013-07-24T07:32:00.000Z","3.5.2","3.0.1","",[19,20,21,22],"forms","realperson-plugin","recaptcha","spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptcha-for-widgets.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"simonailie",4,60,30,84,"2026-04-04T11:43:13.426Z",[36,55,72,90,115],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":13,"downloaded":44,"rating":13,"num_ratings":13,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":17,"download_link":53,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"lukacodes-comment-shield","LukaCodes AntiSpam Shield","1.1.3","LukaCodes","https:\u002F\u002Fprofiles.wordpress.org\u002Fluka2013\u002F","\u003Cp>\u003Cstrong>LukaCodes AntiSpam Shield\u003C\u002Fstrong> is a lightweight, no-bloat plugin that protects your WordPress comment section \u003Cstrong>and contact forms\u003C\u002Fstrong> from spam. Five independent tools, one settings page. \u003Ca href=\"https:\u002F\u002Flukacodes.com\u002Fcomment-shield-docs\u002F\" rel=\"nofollow ugc\">Read the full documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable Website Field\u003C\u002Fstrong> — Removes the URL\u002Fwebsite field from the comment form. Works with all themes, including those that hardcode the field (CSS fallback included).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Strip Links from Comments\u003C\u002Fstrong> — Automatically removes all \u003Ccode>\u003Ca href>\u003C\u002Fcode> hyperlinks from comment content — both on display and before saving to the database. Spammers get zero benefit from posting links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>reCAPTCHA v3\u003C\u002Fstrong> — Adds Google’s invisible bot-score protection. No checkbox, no puzzle, no friction for real users. Bots are silently blocked server-side.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> — A privacy-friendly CAPTCHA alternative. Mutually exclusive with reCAPTCHA v3 — enabling one automatically disables the other.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Shield\u003C\u002Fstrong> — Adds CAPTCHA to the WordPress login form (\u003Ccode>wp-login.php\u003C\u002Fcode>). Stops brute-force bots silently.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Registration Shield\u003C\u002Fstrong> — Adds CAPTCHA to the WordPress registration form. Blocks bot account creation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WPForms Integration\u003C\u002Fstrong> — Apply the same CAPTCHA protection to WPForms Lite — using the same keys you already configured, no extra setup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All features are \u003Cstrong>independent\u003C\u002Fstrong> — enable only what you need.\u003C\u002Fp>\n\u003Ch4>Login & Registration Shield\u003C\u002Fh4>\n\u003Cp>Version 1.1.2 adds CAPTCHA protection to \u003Ccode>wp-login.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login Shield\u003C\u002Fstrong> — Hooks into \u003Ccode>wp_authenticate_user\u003C\u002Fcode> for server-side verification after credentials are checked. Returns a \u003Ccode>WP_Error\u003C\u002Fcode> if CAPTCHA fails — WordPress displays it as a normal login error.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Registration Shield\u003C\u002Fstrong> — Hooks into \u003Ccode>registration_errors\u003C\u002Fcode> to add CAPTCHA validation during registration. Works alongside all other WordPress registration validations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Both are independently togglable in the settings panel. Admins already logged in are never affected.\u003C\u002Fp>\n\u003Ch4>WPForms Integration\u003C\u002Fh4>\n\u003Cp>Version 1.1.0 introduces CAPTCHA protection for \u003Cstrong>WPForms Lite\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hooks into \u003Ccode>wpforms_display_submit_before\u003C\u002Fcode> to inject the CAPTCHA widget before the submit button.\u003C\u002Fli>\n\u003Cli>Hooks into \u003Ccode>wpforms_process\u003C\u002Fcode> for server-side token verification.\u003C\u002Fli>\n\u003Cli>Works with both reCAPTCHA v3 (invisible) and Cloudflare Turnstile (visible widget).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: WPForms Pro includes its own native CAPTCHA integration — this feature is intended for \u003Cstrong>WPForms Lite\u003C\u002Fstrong> users only.\u003C\u002Fp>\n\u003Ch4>Why AntiSpam Shield?\u003C\u002Fh4>\n\u003Cp>Most anti-spam plugins are heavy, require accounts, or add ugly CAPTCHAs. LukaCodes AntiSpam Shield is different:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>~30 KB total — no external libraries, no jQuery dependency\u003C\u002Fli>\n\u003Cli>Settings page with \u003Cstrong>live key testing\u003C\u002Fstrong> — verify your reCAPTCHA or Turnstile keys before enabling\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Link stripping preview\u003C\u002Fstrong> — paste any comment text and see exactly what gets removed\u003C\u002Fli>\n\u003Cli>Graceful fallback: if Google’s or Cloudflare’s API is unreachable, comments are held for moderation (never lost)\u003C\u002Fli>\n\u003Cli>Trusted users (administrators) bypass CAPTCHA checks automatically\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mutual exclusion\u003C\u002Fstrong>: reCAPTCHA v3 and Cloudflare Turnstile cannot be active at the same time\u003C\u002Fli>\n\u003Cli>WP Coding Standards compliant — fully escaped output, nonce-protected AJAX\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>reCAPTCHA v3 — How it works\u003C\u002Fh4>\n\u003Cp>When a visitor submits a form, JavaScript silently requests a score token from Google. The token is sent with the submission and verified server-side against your minimum score threshold (configurable from 0.1 to 1.0). No user interaction required.\u003C\u002Fp>\n\u003Ch4>Cloudflare Turnstile — How it works\u003C\u002Fh4>\n\u003Cp>A Turnstile widget is rendered inside the form. When the visitor completes the challenge, a token is submitted and verified server-side against the Cloudflare API.\u003C\u002Fp>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Cp>This plugin optionally uses the following third-party services:\u003C\u002Fp>\n\u003Ch4>Google reCAPTCHA v3\u003C\u002Fh4>\n\u003Cp>A service provided by Google LLC.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it does:\u003C\u002Fstrong> Detects bots and spam on your comment form and contact forms without user interaction.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When data is sent:\u003C\u002Fstrong> Only when reCAPTCHA v3 is enabled. A token is sent to \u003Ccode>https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi\u002Fsiteverify\u003C\u002Fcode> on each form submission.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>What data is sent:\u003C\u002Fstrong> The visitor’s IP address and a reCAPTCHA token.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fpolicies.google.com\u002Fterms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Cloudflare Turnstile\u003C\u002Fh4>\n\u003Cp>A service provided by Cloudflare, Inc.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it does:\u003C\u002Fstrong> Presents a privacy-friendly CAPTCHA widget on comment and contact forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When data is sent:\u003C\u002Fstrong> Only when Cloudflare Turnstile is enabled. A token is sent to \u003Ccode>https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fcode> on each form submission.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>What data is sent:\u003C\u002Fstrong> The visitor’s IP address and a Turnstile token.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fwww.cloudflare.com\u002Fwebsite-terms\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Both services are entirely optional. If you do not enter API keys or enable either CAPTCHA, no data is sent to any third party.\u003C\u002Fp>\n","Block comment spam, brute-force logins and bot registrations with reCAPTCHA v3 or Cloudflare Turnstile. Lightweight, no bloat.",252,"2026-03-15T00:09:00.000Z","6.9.4","6.0","8.0",[50,21,22,51,52],"anti-spam","turnstile","wpforms","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flukacodes-comment-shield.1.1.3.zip",100,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":13,"downloaded":63,"rating":13,"num_ratings":13,"last_updated":64,"tested_up_to":46,"requires_at_least":65,"requires_php":66,"tags":67,"homepage":70,"download_link":71,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"simons-simple-contact-form","Simon's Simple Contact Form","1.0.3","Simon Ward","https:\u002F\u002Fprofiles.wordpress.org\u002Fsi000777\u002F","\u003Cp>\u003Cstrong>Simon’s Simple Contact Form\u003C\u002Fstrong> is a fast, lightweight contact form plugin built for people who want a clean, modern form that “just works” — without the bloat.\u003C\u002Fp>\n\u003Cp>It includes \u003Cstrong>18 built-in themes\u003C\u002Fstrong>, optional \u003Cstrong>SMTP\u003C\u002Fstrong> for better deliverability, and spam protection via \u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong> or a simple \u003Cstrong>internal captcha\u003C\u002Fstrong>. You can switch themes instantly from the admin panel and get a beautiful front-end form in minutes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect for:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Business websites & service pages\u003Cbr \u002F>\n– Portfolio sites\u003Cbr \u002F>\n– Landing pages\u003Cbr \u002F>\n– Blogs & small shops that just need a reliable contact form\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>✅ \u003Cstrong>18 Included Themes\u003C\u002Fstrong>\u003Cbr \u002F>\n– One-click theme switching in the admin (AJAX)\u003Cbr \u002F>\n– Clean, modern styles with readable inputs\u003Cbr \u002F>\n– Mobile responsive\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>SMTP (Optional)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Enable SMTP for improved email deliverability\u003Cbr \u002F>\n– Host, port, encryption (TLS\u002FSSL), username & password\u003Cbr \u002F>\n– Leave password blank to keep your saved password\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Spam Protection\u003C\u002Fstrong>\u003Cbr \u002F>\n– Choose \u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong> (v2\u002Fv3 compatible) or the \u003Cstrong>internal captcha\u003C\u002Fstrong>\u003Cbr \u002F>\n– Internal captcha is simple and user-friendly\u003Cbr \u002F>\n– reCAPTCHA keys are stored in settings and verified server-side\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Email Control\u003C\u002Fstrong>\u003Cbr \u002F>\n– Set a custom \u003Cstrong>Sender (From)\u003C\u002Fstrong> address (optional)\u003Cbr \u002F>\n– Set a \u003Cstrong>Reply-To override\u003C\u002Fstrong> (optional) or use the visitor’s email\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Addon System\u003C\u002Fstrong>\u003Cbr \u002F>\n– Upload addon ZIPs from the plugin admin area (optional feature)\u003Cbr \u002F>\n– Addons can include \u003Cstrong>Theme Packs\u003C\u002Fstrong> and a \u003Cstrong>Theme Editor\u003C\u002Fstrong> (if installed)\u003Cbr \u002F>\n– “Purchase Addons” button links to your addon shop page (your site)\u003C\u002Fp>\n\u003Ch3>Addons (Theme Packs + Theme Editor)\u003C\u002Fh3>\n\u003Cp>Want even more styles and full control?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Theme Packs:\u003C\u002Fstrong> expand your theme library with additional collections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme Editor:\u003C\u002Fstrong> create your own themes (background images, overlay strength, button gradients, border radius, shadows).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Addon shop:\u003Cbr \u002F>\nhttps:\u002F\u002Fsimonward.net\u002Fproduct-category\u002Fplugin-addons\u002F\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Add the contact form to any post or page using the shortcode:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[sscfp_contact_form]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Backwards compatibility: if you were using the old shortcode, it still works:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[simple_contact_form]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>After adding the shortcode:\u003Cbr \u002F>\n– Pick your preferred theme under the \u003Cstrong>Themes\u003C\u002Fstrong> tab.\u003Cbr \u002F>\n– Configure SMTP (optional) under \u003Cstrong>Settings\u003C\u002Fstrong>.\u003Cbr \u002F>\n– Choose captcha type (Internal captcha or Google reCAPTCHA).\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin can optionally connect to \u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong> to help prevent spam submissions.\u003C\u002Fp>\n\u003Cp>When Google reCAPTCHA is enabled in the plugin settings:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The visitor’s browser loads Google’s reCAPTCHA JavaScript from google.com when the form is displayed.\u003C\u002Fli>\n\u003Cli>On form submission, the plugin sends the reCAPTCHA token (and, if available, the visitor’s IP address) to Google’s verification endpoint to validate the challenge.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Google reCAPTCHA is provided by Google LLC.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Terms: https:\u002F\u002Fpolicies.google.com\u002Fterms\u003C\u002Fli>\n\u003Cli>Privacy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Does this plugin require SMTP?\u003C\u002Fh4>\n\u003Cp>No. SMTP is optional. You can use your default WordPress mail configuration, or enable SMTP for better deliverability.\u003C\u002Fp>\n\u003Ch4>Which captcha options are available?\u003C\u002Fh4>\n\u003Cp>You can choose:\u003Cbr \u002F>\n– \u003Cstrong>Internal Captcha\u003C\u002Fstrong> (simple “solve the sum” style)\u003Cbr \u002F>\n– \u003Cstrong>Google reCAPTCHA\u003C\u002Fstrong> (v2\u002Fv3 compatible)\u003C\u002Fp>\n\u003Ch4>How do I change the email sender \u002F reply-to?\u003C\u002Fh4>\n\u003Cp>In \u003Cstrong>Settings\u003C\u002Fstrong>, you can configure:\u003Cbr \u002F>\n– \u003Cstrong>Sender (From)\u003C\u002Fstrong> address (optional)\u003Cbr \u002F>\n– \u003Cstrong>Reply-To override\u003C\u002Fstrong> (optional)\u003Cbr \u002F>\nIf Reply-To is blank, it will default to the visitor’s email.\u003C\u002Fp>\n\u003Ch4>How many themes are included?\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>18 included themes\u003C\u002Fstrong> are built into the plugin. You can also extend with theme pack addons.\u003C\u002Fp>\n\u003Ch4>Can I add more themes?\u003C\u002Fh4>\n\u003Cp>Yes — via the \u003Cstrong>Addons\u003C\u002Fstrong> tab (if you use theme pack addons). You can also use the \u003Cstrong>Theme Editor addon\u003C\u002Fstrong> (if installed) to make your own.\u003C\u002Fp>\n\u003Ch4>Will it work on mobile?\u003C\u002Fh4>\n\u003Cp>Yes. The form themes are designed to be responsive.\u003C\u002Fp>\n\u003Ch4>Where are addon ZIPs installed?\u003C\u002Fh4>\n\u003Cp>Addons are extracted into:\u003Cbr \u002F>\n    \u002Fwp-content\u002Fuploads\u002Fsscfp-addons\u002F\u003C\u002Fp>\n\u003Ch4>Is this plugin GDPR friendly?\u003C\u002Fh4>\n\u003Cp>The plugin does not add tracking. If you enable Google reCAPTCHA, Google may process user data per their policies. If you want to avoid third-party services, use the internal captcha.\u003C\u002Fp>\n","A lightweight WordPress contact form plugin with 18 themes, SMTP support, Google reCAPTCHA or internal captcha, and instant theme switching.",174,"2026-03-01T15:53:00.000Z","5.6","7.4",[50,68,19,21,69],"contact-form","smtp","https:\u002F\u002Fsimonward.net\u002Fsimons-simple-contact-form\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimons-simple-contact-form.1.0.3.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":54,"num_ratings":82,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":17,"tags":86,"homepage":17,"download_link":89,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wpcf7-recaptcha","ReCaptcha v2 for Contact Form 7","1.4.9","IQComputing","https:\u002F\u002Fprofiles.wordpress.org\u002Fiqcomputing\u002F","\u003Cp>Contact Form 7 v5.1 dropped support for reCaptcha v2 along with the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag December 2018. This plugin brings that functionality back from Contact Form 7 5.0.5 and re-adds the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag.\u003C\u002Fp>\n\u003Cp>If this plugin is installed before updating Contact Form 7 from v5.0.5 to v5.1.1 then it will carry over your old API keys. At that point you will just need to head to this plugins settings page to tell the website to use reCaptcha v2.\u003C\u002Fp>\n\u003Cp>Once installed and configured it should be the same reCaptcha functionality you are used to in previous versions of Contact Form 7.\u003C\u002Fp>\n\u003Ch3>IQComputing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Like us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Facebook\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Twitter\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Fork on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FIQComputing\u002Fwpcf7-recaptcha\" title=\"IQComputing on Github\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1",200000,3905275,89,"2025-04-15T22:52:00.000Z","6.7.5","4.9",[87,88,21,22],"contact-form-7","contact-form-7-recaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcf7-recaptcha.1.4.9.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":100,"num_ratings":101,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":66,"tags":105,"homepage":110,"download_link":111,"security_score":112,"vuln_count":113,"unpatched_count":13,"last_vuln_date":114,"fetched_at":26},"advanced-nocaptcha-recaptcha","CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress","7.6.0","WPKube","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpkube\u002F","\u003Ch4>IMPORTANT NOTICE\u003C\u002Fh4>\n\u003Cp>CAPTCHA 4WP has been acquired by WPKube. \u003Ca href=\"https:\u002F\u002Fmelapress.com\u002Fcaptcha-4-wp-plugin-acquired-by-wpkube\u002F\" rel=\"nofollow ugc\">Read the announcement\u003C\u002Fa> for more information.\u003Cbr \u002F>\nWe, at Melapress, would like to take this opportunity to thank everyone who has used and supported CAPTCHA 4WP.\u003C\u002Fp>\n\u003Ch3>A free and easy-to-use CAPTCHA plugin for WordPress\u003C\u002Fh3>\n\u003Cp>Protect your WordPress forms and login pages from spam and automated attacks with \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002F\" rel=\"nofollow ugc\">CAPTCHA 4WP\u003C\u002Fa>. Choose from multiple ReCAPTCHA versions and strike the right balance between security and user experience.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Features\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Get the Premium!\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fgetting-started-with-captcha-4wp\u002F\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Use the CAPTCHA 4WP plugin to add CAPTCHA checks to WordPress forms and logins. Choose from V2 (I’m not a robot), V2 Invisible, and V3 noCAPTCHA to ensure the best user experience at all times without compromosing security. Avoid false positives falling through the crack with V3 failover to ensure humans can still pass the test even if the result comes back below the passmark.\u003C\u002Fp>\n\u003Ch3>CAPTCHA 4WP key plugin features and capabilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add CAPTCHA to WordPress native forms such as login pages, user registration and comments forms etc\u003C\u002Fli>\n\u003Cli>Supports multiple ReCAPTCHA versions\u003C\u002Fli>\n\u003Cli>User-friendly wizards for easy, hassle-free setup\u003C\u002Fli>\n\u003Cli>Set ReCAPTCHA V3 passmark score \u003C\u002Fli>\n\u003Cli>ReCAPTCHA failover configuration (ensure no prospect is incorrectly marked as spam)\u003C\u002Fli>\n\u003Cli>Plugin automatically detects visitors’ language and shows CAPTCHA in that language\u003C\u002Fli>\n\u003Cli>Much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Upgrade to CAPTCHA 4WP Premium and get even more\u003C\u002Fh3>\n\u003Cp>With the premium edition of CAPTCHA 4WP, you can choose from a wider range of CAPTCHA service providers, 1-click WooCommerce and other 3rd party plugin support, whitelisting, and much more.\u003C\u002Fp>\n\u003Ch3>Premium features list\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Everything in the free version\u003C\u002Fli>\n\u003Cli>Add CAPTCHA from hCaptcha and Cloudflare Turnstile on your websites, both free and GDPR compliant\u003C\u002Fli>\n\u003Cli>Add Geoblocking on forms and WordPress comments form (block \u002F limit form submissions or comment posting by country)\u003C\u002Fli>\n\u003Cli>Customization options for the CAPTCHA checks text, visual and position on the forms\u003C\u002Fli>\n\u003Cli>One-click integration with WooCommerce\u003C\u002Fli>\n\u003Cli>One-click integration with Contact Form 7, Gravity Forms, WPForms, BuddyPress & other plugins\u003C\u002Fli>\n\u003Cli>Much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Refer to the \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">CAPTCHA 4WP plugin features and benefits page\u003C\u002Fa> to learn more about the benefits of upgrading to the Premium version of CAPTCHA 4WP.\u003C\u002Fp>\n\u003Ch3>Free and premium support\u003C\u002Fh3>\n\u003Cp>Support for CAPTCHA 4WP is free through the WordPress support forums.\u003C\u002Fp>\n\u003Cp>Premium support for paid customer support is provided via one-to-one email. Upgrade to Premium to benefit from premium support.\u003C\u002Fp>\n\u003Cp>For any other queries, feedback, or if you simply want to get in touch with us, please use our \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fsubmit-ticket\u002F\" rel=\"nofollow ugc\">contact form\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>As featured on:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fplugins\u002Fhow-to-add-captcha-in-wordpress-login-and-registration-form\u002F\" rel=\"nofollow ugc\">WP Beginner\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Fwordpress\u002Fwordpress-captcha\" rel=\"nofollow ugc\">Elegant Themes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.isitwp.com\u002Fbest-wordpress-captcha-plugins\u002F\" rel=\"nofollow ugc\">IsItWP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwplift.com\u002Fbest-wordpress-captcha-plugins\" rel=\"nofollow ugc\">WPLift\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftesterwp.com\u002Fbest-free-captcha-wordpress-plugins\u002F\" rel=\"nofollow ugc\">TesterWP\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Related links and documentation:\u003C\u002Fh3>\n\u003Cp>You can find more detailed information about CAPTCHA tests and the benefits you can take advantage of, and the plugin in the links below:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fwhy-need-captcha-wordpress-website\u002F\" rel=\"nofollow ugc\">Why you need CAPTCHA on your WordPress website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdifferent-types-captcha-checks-wordpress\u002F\" rel=\"nofollow ugc\">The different types of CAPTCHA for websites\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fcaptcha-recaptcha-nocaptcha-differences\u002F\" rel=\"nofollow ugc\">What is the difference between CAPTCHA, ReCAPTCHA, and NoCAPTCHA?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fgetting-started-with-captcha-4wp\u002F\" rel=\"nofollow ugc\">Getting started with CAPTCHA 4WP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-to-woocommerce-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on WooCommerce forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-on-wpforms-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on WPForms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-on-gravity-forms-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-show-captcha-on-failed-logins\u002F\" rel=\"nofollow ugc\">How to show CAPTCHA on failed logins\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002F\" rel=\"nofollow ugc\">Official Melapress website\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Installing CAPTCHA 4WP\u003C\u002Fh3>\n\u003Ch3>From within WordPress\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Navigate to “Plugins”page and click the “Add New” button\u003C\u002Fli>\n\u003Cli>Search for “CAPTCHA 4WP”\u003C\u002Fli>\n\u003Cli>Cick install and after that activate the plugin\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Manually\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download the plugin from the WordPress plugins repository\u003C\u002Fli>\n\u003Cli>Unzip the zip file and upload the folder to the \u002Fwp-content\u002Fplugins\u002F directory\u003C\u002Fli>\n\u003Cli>Activate CAPTCHA 4WP through the “Plugins” menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n","Use CAPTCHA to stop spam and allow customers & users to interact with your website easily. Block fake accounts and orders. Avoid false positives.",100000,3577096,64,268,"2025-06-11T07:53:00.000Z","6.8.5","5.5",[106,107,108,109,21],"antispam-protection","captcha","cloudflare-turnstile","hcaptcha","https:\u002F\u002Fcaptcha4wp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-nocaptcha-recaptcha.7.6.0.zip",99,1,"2022-06-29 00:00:00",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":98,"downloaded":123,"rating":124,"num_ratings":125,"last_updated":126,"tested_up_to":46,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":17,"download_link":133,"security_score":112,"vuln_count":134,"unpatched_count":13,"last_vuln_date":135,"fetched_at":26},"captcha-code-authentication","Captcha Code","3.3","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>Adds GDPR compatible captcha code anti-spam protection to WordPress forms – comments form, registration form, lost password form, and login form. In order to post comments or register, users have to type in the code shown on the image. This prevents spam from automated bots & adds security. No external services (like Google ReCaptcha) are used. No API keys are needed, and no user-identifiable data is used so it’s GDPR compatible.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Captcha position – comments form, login form, registration form, or lost password form.\u003C\u002Fli>\n\u003Cli>Letters type – capital letters, small letters, or captial & small letters.\u003C\u002Fli>\n\u003Cli>Captcha type – alphanumeric, alphabets or numbers.\u003C\u002Fli>\n\u003Cli>Translation enabled.\u003C\u002Fli>\n\u003C\u002Fol>\n","GDPR compatible captcha anti-spam protection for login form, comments form, registration form & lost password form. Eliminate spam with captcha.",678917,76,34,"2025-12-03T18:21:00.000Z","3.0","5.2",[107,130,131,132,21],"comments-spam","form-captcha","login-captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptcha-code-authentication.3.3.zip",2,"2023-11-24 00:00:00",{"attackSurface":137,"codeSignals":184,"taintFlows":202,"riskAssessment":203,"analyzedAt":215},{"hooks":138,"ajaxHandlers":153,"restRoutes":180,"shortcodes":181,"cronEvents":182,"entryPointCount":183,"unprotectedCount":183},[139,145,149],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_menu","captcha_for_widgets_options_submenu","captcha-for-widgets.php",70,{"type":140,"name":146,"callback":147,"file":143,"line":148},"admin_enqueue_scripts","captcha_for_widgets_admin_scripts",103,{"type":140,"name":150,"callback":151,"file":143,"line":152},"wp_enqueue_scripts","captcha_for_widgets_scripts",147,[154,160,162,166,169,172,174,178],{"action":155,"nopriv":156,"callback":157,"hasNonce":158,"hasCapCheck":158,"file":143,"line":159},"cfw_validate_captcha",true,"cfw_validate_captcha_func",false,167,{"action":155,"nopriv":158,"callback":157,"hasNonce":158,"hasCapCheck":158,"file":143,"line":161},169,{"action":163,"nopriv":156,"callback":164,"hasNonce":158,"hasCapCheck":158,"file":143,"line":165},"tab_recaptcha","cfw_must_login",187,{"action":163,"nopriv":158,"callback":167,"hasNonce":158,"hasCapCheck":158,"file":143,"line":168},"cfw_load_tab_content",188,{"action":170,"nopriv":156,"callback":164,"hasNonce":158,"hasCapCheck":158,"file":143,"line":171},"tab_realperson",189,{"action":170,"nopriv":158,"callback":167,"hasNonce":158,"hasCapCheck":158,"file":143,"line":173},190,{"action":175,"nopriv":156,"callback":176,"hasNonce":158,"hasCapCheck":158,"file":143,"line":177},"cfw_validate_realperson","cfw_validate_realperson_func",209,{"action":175,"nopriv":158,"callback":176,"hasNonce":158,"hasCapCheck":158,"file":143,"line":179},210,[],[],[],8,{"dangerousFunctions":185,"sqlUsage":186,"outputEscaping":188,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":201},[],{"prepared":13,"raw":13,"locations":187},[],{"escaped":13,"rawEcho":189,"locations":190},6,[191,194,196,197,198,199],{"file":192,"line":100,"context":193},"admin\\options.php","raw output",{"file":192,"line":195,"context":193},87,{"file":192,"line":195,"context":193},{"file":192,"line":195,"context":193},{"file":192,"line":195,"context":193},{"file":143,"line":200,"context":193},40,[],[],{"summary":204,"deductions":205},"The \"captcha-for-widgets\" v0.1 plugin exhibits a concerning security posture primarily due to its extensive unprotected entry points. All 8 identified AJAX handlers lack authentication checks, creating a significant attack surface. This means any authenticated user, or potentially even unauthenticated users depending on WordPress context, could trigger these handlers without proper authorization, leading to unintended actions or information disclosure.\n\nThe static analysis reveals a concerning lack of output escaping. With 6 outputs identified and 0% properly escaped, this suggests a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. Any data processed or displayed through these handlers without proper escaping could be injected with malicious scripts. While the plugin avoids dangerous functions and uses prepared statements for its SQL queries, this does not mitigate the immediate risks posed by the unprotected AJAX endpoints and the unescaped output.\n\nThe plugin's vulnerability history is currently clean, with no recorded CVEs. This could indicate either a very recent release, limited usage, or a genuinely well-maintained codebase in terms of known external vulnerabilities. However, the absence of past vulnerabilities does not negate the immediate risks identified in the static analysis. The combination of a large, unprotected attack surface and pervasive output escaping issues presents a substantial risk that requires urgent attention.",[206,208,210,213],{"reason":207,"points":183},"Unprotected AJAX handlers",{"reason":209,"points":189},"No output escaping",{"reason":211,"points":212},"No nonce checks on AJAX",5,{"reason":214,"points":212},"No capability checks","2026-03-17T01:15:59.926Z",{"wat":217,"direct":238},{"assetPaths":218,"generatorPatterns":227,"scriptPaths":228,"versionParams":230},[219,220,221,222,223,224,225,226],"\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-widgets\u002Fjs\u002Fjquery.mycaptcha.js","\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-widgets\u002Fjs\u002Fcfw-custom-script.min.js","\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-widgets\u002Fjs\u002Fnew.jquery.realperson.min.js","\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-widgets\u002Fjs\u002Fjquery.realperson.min.js","\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-widgets\u002Fjs\u002Fnew.jquery.realperson.min.css","\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-widgets\u002Fjs\u002Fjquery.realperson.min.css","\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-widgets\u002Fadmin\u002Fjs\u002Fadmin-custom-script.min.js","\u002Fwp-content\u002Fplugins\u002Fcaptcha-for-widgets\u002Fadmin\u002Fcss\u002Fcustom-style.min.css",[],[229],"http:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi\u002Fjs\u002Frecaptcha_ajax.js",[231,232,233,234,235,236,237],"captcha-for-widgets\u002Fadmin\u002Fcss\u002Fcustom-style.min.css?ver=","captcha-for-widgets\u002Fjs\u002Fnew.jquery.realperson.min.js","captcha-for-widgets\u002Fjs\u002Fjquery.realperson.min.js","captcha-for-widgets\u002Fjs\u002Fnew.jquery.realperson.min.css","captcha-for-widgets\u002Fjs\u002Fjquery.realperson.min.css","captcha-for-widgets\u002Fjs\u002Fjquery.mycaptcha.js","captcha-for-widgets\u002Fjs\u002Fcfw-custom-script.min.js",{"cssClasses":239,"htmlComments":240,"htmlAttributes":259,"restEndpoints":267,"jsGlobals":269,"shortcodeOutput":271},[],[241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,256,257,255,258],"Copyright 2013  Ilie Simona (email: simonailie@gmail.com)","This program is free software; you can redistribute it and\u002For modify","it under the terms of the GNU General Public License, version 2, as","published by the Free Software Foundation.","This program is distributed in the hope that it will be useful,","but WITHOUT ANY WARRANTY; without even the implied warranty of","MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the","GNU General Public License for more details.","You should have received a copy of the GNU General Public License","along with this program; if not, write to the Free Software","Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA","DEBUGGING method","CONSTANTS DEFINITIONS","Make sure we don't expose any info if called directly","insert the options javascript","javascript for admin","styles for admin","javascript for front",[260,261,262,263,264,265,266],"admin_ajax_url","activeTab","plugin_url","site_url","cfw_options","page_id","captcha_api",[268],"\u002Fwp-json\u002Fadmin-ajax.php",[270],"Vars",[]]