Does drCaptcha have any unpatched vulnerabilities?

No. All known vulnerabilities in drCaptcha have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is drCaptcha compatible with WordPress 6.4.8?

According to WordPress.org data, drCaptcha 1.0.2 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is drCaptcha compatible with PHP 5.6+?

drCaptcha requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is drCaptcha updated?

drCaptcha was last updated on Apr 17, 2024. Frequent updates are generally a positive security signal.

What is drCaptcha's security score?

drCaptcha has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

drCaptcha Security & Risk Analysis

wordpress.org/plugins/drcaptcha

Simple Captcha antispam and antibot with led number style to Login, Register and Recovery

20 active installs v1.0.2 PHP 5.6+ WP 5.0+ Updated Apr 17, 2024

captchaloginlostpasswordrecoveryregister

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is drCaptcha Safe to Use in 2026?

Generally Safe

Score 92/100

drCaptcha has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The drcaptcha v1.0.2 plugin exhibits a very strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the attack surface. Furthermore, the code signals indicate excellent security practices, with no dangerous functions, all SQL queries utilizing prepared statements, and all output being properly escaped. The presence of a nonce check is also a positive sign. Taint analysis revealed no issues, further bolstering confidence in the code's security. The plugin also has no recorded vulnerability history, which suggests a consistent track record of secure development. The primary strength of this plugin lies in its minimal attack surface and robust implementation of secure coding practices. There are no apparent weaknesses identified in the provided static analysis or vulnerability history.

Vulnerabilities

None known

drCaptcha Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

drCaptcha Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped13 total outputs

Attack Surface

drCaptcha Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionregister_formdrcaptcha.php:117

filterregistration_errorsdrcaptcha.php:118

actionwoocommerce_login_formdrcaptcha.php:121

actionlogin_formdrcaptcha.php:121

filterauthenticatedrcaptcha.php:122

actionlostpassword_formdrcaptcha.php:125

filterlostpassword_errorsdrcaptcha.php:126

actioninitdrcaptcha.php:174

Maintenance & Trust

drCaptcha Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedApr 17, 2024

PHP min version5.6

Downloads730

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

drCaptcha Alternatives

UsersWP – ReCaptcha

userswp-recaptcha

100

ReCaptcha addon for UsersWP.

4K No CVEs

DX Login Register

dx-login-register

Custom login and registration. 自定义登录注册。

300 No CVEs

Frontend Dashboard Captcha

frontend-dashboard-captcha

Frontend Dashboard Captcha WordPress plugin is a supportive plugin for Frontend Dashboard to protect against spam in Login and Register form.

90 No CVEs

Addonify – reCaptcha For EDD

addonify-recaptcha-for-edd

Addonify reCAPTCHA for EDD is a simple plugin that adds Google reCaptcha in Easy Digital Downloads login and registration forms.

70 No CVEs

ThinkCaptcha – Login Captcha, Register Captcha & Checkout reCAPTCHA

thinkcaptcha

100

Secure WordPress & WooCommerce forms with Google reCAPTCHA. Stop spam, bots, and brute-force attacks effectively.

40 No CVEs

Developer Profile

drCaptcha Developer Profile

digireturn

7 plugins · 350 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

8 days

View full developer profile

Detection Fingerprints

How We Detect drCaptcha

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/drcaptcha/css/drcaptcha.css/wp-content/plugins/drcaptcha/js/drcaptcha.js

HTML / DOM Fingerprints

CSS Classes

drcaptcha-boxdrcaptcha-leddrcaptcha_led-ondrcaptcha-brdrcaptcha-containerdrcaptcha-val

Data Attributes

name="drcaptcha-val"class="drcaptcha-val"name="drcaptcha-check"type="hidden"

Shortcode Output

<div class="drcaptcha-container"><input name="drcaptcha-val" value="" type="text" class="drcaptcha-val" /><input name="drcaptcha-check" value="

FAQ