Does Captcha Spam Blocker have any unpatched vulnerabilities?

No. All known vulnerabilities in Captcha Spam Blocker have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Captcha Spam Blocker compatible with WordPress 6.8.5?

According to WordPress.org data, Captcha Spam Blocker 3.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Captcha Spam Blocker compatible with PHP 5.4+?

Captcha Spam Blocker requires PHP 5.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Captcha Spam Blocker updated?

Captcha Spam Blocker was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Captcha Spam Blocker's security score?

Captcha Spam Blocker has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Captcha Spam Blocker Security & Risk Analysis

wordpress.org/plugins/captcha-spam-blocker

Enhance your site’s security with dynamic CAPTCHA, blocking spam and bot access on forms. GDPR-compliant.

50 active installs v3.0.0 PHP 5.4+ WP 4.0+ Updated Unknown

antispamcaptchasecurityspam-protection

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Captcha Spam Blocker Safe to Use in 2026?

Generally Safe

Score 100/100

Captcha Spam Blocker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "captcha-spam-blocker" plugin v3.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries, has no recorded vulnerabilities or CVEs, and performs output escaping on a high percentage of outputs. The absence of file operations and external HTTP requests also reduces potential attack vectors. However, there are significant concerns regarding its attack surface. Two AJAX handlers lack authentication checks, presenting a direct risk of unauthorized access or execution of plugin functionalities. The taint analysis showing zero flows is encouraging but can also be interpreted as limited analysis scope if not comprehensive. The plugin's history of no vulnerabilities could indicate robust development or simply a lack of targeted exploitation thus far. Overall, while the core coding practices are generally sound, the unprotected AJAX endpoints are a notable weakness that needs immediate attention.

Key Concerns

AJAX handlers without authentication checks
Large attack surface with unprotected entry points

Vulnerabilities

None known

Captcha Spam Blocker Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Captcha Spam Blocker Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

55 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

74% escaped74 total outputs

Attack Surface

2 unprotected

Captcha Spam Blocker Attack Surface

Entry Points3

Unprotected2

AJAX Handlers 2

authwp_ajax_csb_botezatu_generate_captchacaptcha-spam-blocker.php:88

noprivwp_ajax_csb_botezatu_generate_captchacaptcha-spam-blocker.php:89

Shortcodes 1

[csb_botezatu_captcha_spam_blocker] captcha-spam-blocker.php:164

WordPress Hooks 31

actionplugins_loadedcaptcha-spam-blocker.php:83

actioninitcaptcha-spam-blocker.php:84

actionadmin_menucaptcha-spam-blocker.php:85

actionwp_loadedcaptcha-spam-blocker.php:86

actiontemplate_redirectcaptcha-spam-blocker.php:113

actionlogin_formcaptcha-spam-blocker.php:117

filterauthenticatecaptcha-spam-blocker.php:118

filtercomment_form_field_commentcaptcha-spam-blocker.php:124

actioncomment_form_after_fieldscaptcha-spam-blocker.php:126

actioncomment_formcaptcha-spam-blocker.php:128

filterpreprocess_commentcaptcha-spam-blocker.php:129

actionregister_formcaptcha-spam-blocker.php:132

actionregister_postcaptcha-spam-blocker.php:133

actionlostpassword_formcaptcha-spam-blocker.php:136

actionlostpassword_postcaptcha-spam-blocker.php:137

actionwoocommerce_login_formcaptcha-spam-blocker.php:141

filterwp_authenticate_usercaptcha-spam-blocker.php:142

actionwoocommerce_register_formcaptcha-spam-blocker.php:146

filterwoocommerce_registration_errorscaptcha-spam-blocker.php:147

actionwoocommerce_lostpassword_formcaptcha-spam-blocker.php:150

actionlostpassword_postcaptcha-spam-blocker.php:151

actionwoocommerce_review_order_before_submitcaptcha-spam-blocker.php:154

actionwoocommerce_after_checkout_validationcaptcha-spam-blocker.php:155

filterxmlrpc_enabledcaptcha-spam-blocker.php:159

filterwpcf7_form_elementscaptcha-spam-blocker.php:163

filterwpcf7_feedback_responsecaptcha-spam-blocker.php:165

actionwpcf7_initcaptcha-spam-blocker.php:166

filterwpcf7_validatecaptcha-spam-blocker.php:167

actionwp_enqueue_scriptscaptcha-spam-blocker.php:172

actionadmin_enqueue_scriptscaptcha-spam-blocker.php:173

actionlogin_enqueue_scriptscaptcha-spam-blocker.php:174

Maintenance & Trust

Captcha Spam Blocker Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedUnknown

PHP min version5.4

Downloads918

Community Trust

Rating90/100

Number of ratings2

Active installs50

Alternatives

Captcha Spam Blocker Alternatives

Captcha by BestWebSoft – Advanced Spam Protection, Math & OCR-Friendly Captcha for Site Forms

captcha-bws

1 The Ultimate Spam Protection Plugin Using Captcha for WordPress Forms.

10K 2 CVEs

CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress

advanced-nocaptcha-recaptcha

Use CAPTCHA to stop spam and allow customers & users to interact with your website easily. Block fake accounts and orders. Avoid false positives.

100K 1 CVE

reCaptcha by BestWebSoft

google-captcha

Protect WordPress website forms from spam entries with Google reCAPTCHA.

100K 3 CVEs

reCAPTCHA in WP comments form

recaptcha-in-wp-comments-form

reCAPTCHA in WP comments form is an ANTISPAM tool that adds a Google reCAPTCHA to the comments form and protects your site from the spam robots threat …

9K No CVEs

$WP Advanced Math Captcha$

WP Advanced Math Captcha

wp-advanced-math-captcha

100

Protect your WordPress site with a powerful and user-friendly Math Captcha. Now with seamless WooCommerce, WPForms, and Formidable Forms integration!

7K No CVEs

Developer Profile

Captcha Spam Blocker Developer Profile

botezatu

1 plugin · 50 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Captcha Spam Blocker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/captcha-spam-blocker/assets/js/captcha-spam-blocker.js/wp-content/plugins/captcha-spam-blocker/assets/css/captcha-spam-blocker.css

Script Paths

assets/js/captcha-spam-blocker.js

Version Parameters

captcha-spam-blocker/assets/css/captcha-spam-blocker.css?ver=captcha-spam-blocker/assets/js/captcha-spam-blocker.js?ver=

HTML / DOM Fingerprints

CSS Classes

csb_botezatu_captcha_wrapper

HTML Comments

Data Attributes

data-csb-noncedata-csb-id

JS Globals

csb_botezatu_ajax_object

REST Endpoints

/wp-json/csb-botezatu/v1/generate

Shortcode Output

[csb_botezatu_captcha_spam_blocker]

FAQ