Human Presence – Stop Form Spam Without ReCaptcha Security & Risk Analysis

wordpress.org/plugins/ellipsis-human-presence-technology

The #1 Plugin for Blocking Form Spam on WordPress

1K active installs v3.4.51 PHP + WP 3.0+ Updated Feb 23, 2024
anti-spam · antispam · captcha · comment-spam · form-spam
84
B · Generally Safe
CVEs total: 1
Unpatched: 0
Last CVE: Sep 11, 2019
Safety Verdict

Is Human Presence – Stop Form Spam Without ReCaptcha Safe to Use in 2026?

Mostly Safe

Score 84/100

Human Presence – Stop Form Spam Without ReCaptcha is generally safe to use, though it hasn't been updated recently. 1 past CVE was resolved. Keep it updated.

1 known CVE · Last CVE: Sep 11, 2019 · Updated 2yr ago
Risk Assessment

The ellipsis-human-presence-technology v3.4.51 plugin exhibits a generally positive security posture with several good practices in place. The plugin demonstrates robust SQL query handling with 100% usage of prepared statements and a high percentage (90%) of properly escaped output, mitigating common web vulnerabilities. The presence of nonces and capability checks on several entry points further indicates an awareness of security best practices. However, some concerns remain.

The static analysis flagged one use of the potentially dangerous function 'assert' (assert(strlen($data) == 16) in classes\class-hpres-utils.php:142) and one taint flow with an unsanitized path (process_save_settings in classes\class-hpres-settings.php:47), either of which could present a risk if exploited. While the plugin has a history of one high-severity vulnerability, it is currently patched, suggesting that past issues have been addressed. The attack surface is minimal, with only one AJAX handler and no direct REST API routes or shortcodes exposed, which is a strength. The plugin also avoids bundling external libraries, reducing the risk of outdated dependencies.

Overall, the plugin has strong fundamentals, but the identified 'assert' function and unsanitized path require careful consideration. The history of a high-severity vulnerability, though patched, serves as a reminder of the need for continued vigilance. The low number of entry points and the emphasis on prepared statements and output escaping are commendable strengths that outweigh the identified weaknesses, making the plugin moderately secure with areas for improvement.

Key Concerns

  • Dangerous function 'assert' found
  • Flow with unsanitized path identified
  • One high severity vulnerability historically
Vulnerabilities
1

Human Presence – Stop Form Spam Without ReCaptcha Security Vulnerabilities

CVEs by Year

1 CVE in 2019

Severity Breakdown

High: 1

1 total CVE

WF-33e010dd-d9b2-410c-8397-638def946fbe-ellipsis-human-presence-technology · high · 7.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Human Presence – Stop Form Spam Without ReCaptcha < 2.0.9 - Reflected Cross-Site Scripting

Sep 11, 2019 · Patched in 2.0.9 (1595d)
Code Analysis
Analyzed Mar 16, 2026

Human Presence – Stop Form Spam Without ReCaptcha Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 8 (72 escaped)
Nonce Checks: 4
Capability Checks: 3
File Operations: 2
External Requests: 6
Bundled Libraries: 0

Dangerous Functions Found

assert: assert(strlen($data) == 16); (classes\class-hpres-utils.php:142)

Output Escaping

90% escaped · 80 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
process_save_settings (classes\class-hpres-settings.php:47)
Attack Surface

Human Presence – Stop Form Spam Without ReCaptcha Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers 1

auth wp_ajax_hpres_form_enabled_change (classes\class-hpres-settings.php:17)
WordPress Hooks 81
filter human_presence_activation_hook_file (classes\class-convesio.php:19)
filter human_presence_partner (classes\class-convesio.php:20)
action admin_enqueue_scripts (classes\class-hpres-settings.php:18)
action admin_init (classes\class-hpres-settings.php:19)
action admin_init (classes\class-hpres-settings.php:25)
action hp_upgrade (classes\class-hpres-settings.php:26)
action admin_init (classes\class-hpres-settings.php:27)
action admin_notices (classes\class-hpres-utils.php:73)
action admin_notices (classes\class-hpres-utils.php:120)
filter humanpresence_forms_list (integrations\contact-form-7-forms.php:13)
filter wpcf7_spam (integrations\contact-form-7-forms.php:14)
action humanpresence_autoprotect_forms (integrations\contact-form-7-forms.php:15)
action wpcf7_after_create (integrations\contact-form-7-forms.php:20)
action wpcf7_after_update (integrations\contact-form-7-forms.php:21)
action plugins_loaded (integrations\contact-form-7-forms.php:108)
filter humanpresence_forms_list (integrations\elementor-forms.php:14)
action elementor_pro/forms/validation (integrations\elementor-forms.php:15)
action humanpresence_autoprotect_forms (integrations\elementor-forms.php:16)
action plugins_loaded (integrations\elementor-forms.php:112)
filter humanpresence_forms_list (integrations\fluent-forms.php:14)
filter fluentform/validation_errors (integrations\fluent-forms.php:15)
action humanpresence_autoprotect_forms (integrations\fluent-forms.php:16)
action plugins_loaded (integrations\fluent-forms.php:105)
filter humanpresence_forms_list (integrations\formidable-forms.php:14)
filter frm_validate_entry (integrations\formidable-forms.php:15)
action humanpresence_autoprotect_forms (integrations\formidable-forms.php:16)
action frm_update_form (integrations\formidable-forms.php:23)
action frm_after_duplicate_form (integrations\formidable-forms.php:24)
action plugins_loaded (integrations\formidable-forms.php:113)
filter humanpresence_forms_list (integrations\gravity-forms.php:13)
filter gform_validation (integrations\gravity-forms.php:14)
action humanpresence_autoprotect_forms (integrations\gravity-forms.php:15)
filter gform_validation_message (integrations\gravity-forms.php:16)
action gform_after_save_form (integrations\gravity-forms.php:21)
action gform_after_duplicate_form (integrations\gravity-forms.php:22)
action plugins_loaded (integrations\gravity-forms.php:130)
filter humanpresence_forms_list (integrations\happy-forms.php:14)
filter happyforms_validate_submission (integrations\happy-forms.php:15)
action humanpresence_autoprotect_forms (integrations\happy-forms.php:16)
action plugins_loaded (integrations\happy-forms.php:114)
action admin_notices (integrations\ninja-forms.php:16)
filter humanpresence_forms_list (integrations\ninja-forms.php:27)
filter ninja_forms_submit_data (integrations\ninja-forms.php:28)
action humanpresence_autoprotect_forms (integrations\ninja-forms.php:29)
action ninja_forms_save_form (integrations\ninja-forms.php:34)
action plugins_loaded (integrations\ninja-forms.php:138)
filter humanpresence_forms_list (integrations\quform-forms.php:14)
filter quform_post_validate (integrations\quform-forms.php:15)
action humanpresence_autoprotect_forms (integrations\quform-forms.php:16)
action plugins_loaded (integrations\quform-forms.php:102)
filter humanpresence_forms_list (integrations\we-forms.php:13)
filter weforms_before_entry_submission (integrations\we-forms.php:14)
action humanpresence_autoprotect_forms (integrations\we-forms.php:15)
action plugins_loaded (integrations\we-forms.php:258)
action weforms_after_save_form (integrations\we-forms.php:260)
filter weforms-get-form-settings (integrations\we-forms.php:261)
filter weforms-get-form-fields (integrations\we-forms.php:262)
action weforms_humanpresence_global_settings_form (integrations\we-forms.php:263)
filter humanpresence_forms_list (integrations\wordpress-comments.php:13)
action wp_insert_comment (integrations\wordpress-comments.php:14)
action humanpresence_autoprotect_forms (integrations\wordpress-comments.php:15)
action plugins_loaded (integrations\wordpress-comments.php:84)
filter humanpresence_forms_list (integrations\wp-forms.php:14)
filter wpforms_process_initial_errors (integrations\wp-forms.php:15)
action humanpresence_autoprotect_forms (integrations\wp-forms.php:16)
action wpforms_create_form (integrations\wp-forms.php:23)
action wpforms_save_form (integrations\wp-forms.php:24)
action plugins_loaded (integrations\wp-forms.php:105)
filter humanpresence_forms_list (integrations\ws-form.php:13)
filter wsf_action_humanpresence_check (integrations\ws-form.php:14)
action humanpresence_autoprotect_forms (integrations\ws-form.php:15)
action plugins_loaded (integrations\ws-form.php:110)
action wp_loaded (wp-human-presence.php:183)
action admin_menu (wp-human-presence.php:287)
action admin_enqueue_scripts (wp-human-presence.php:294)
filter cron_schedules (wp-human-presence.php:296)
action human_presence_autoprotect_scan (wp-human-presence.php:299)
action wp_enqueue_scripts (wp-human-presence.php:302)
filter script_loader_tag (wp-human-presence.php:303)
filter script_loader_tag (wp-human-presence.php:304)
action wp_loaded (wp-human-presence.php:592)

Scheduled Events 1

human_presence_autoprotect_scan
Maintenance & Trust

Human Presence – Stop Form Spam Without ReCaptcha Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.4.8
Last updated: Feb 23, 2024
PHP min version
Downloads: 33K

Community Trust

Rating: 94/100
Number of ratings: 15
Active installs: 1K
Developer Profile

Human Presence – Stop Form Spam Without ReCaptcha Developer Profile

humanpresence

1 plugin · 1K total installs

Trust score: 68
Avg Security Score: 84/100
Avg Patch Time: 1595 days
Detection Fingerprints

How We Detect Human Presence – Stop Form Spam Without ReCaptcha

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ellipsis-human-presence-technology/assets/css/hpres-styles.css
/wp-content/plugins/ellipsis-human-presence-technology/assets/js/hpres-scripts.js
Script Paths
/wp-content/plugins/ellipsis-human-presence-technology/assets/js/hpres-scripts.js
Version Parameters
ellipsis-human-presence-technology/assets/css/hpres-styles.css?ver=
ellipsis-human-presence-technology/assets/js/hpres-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes
hpres-settings-wrapper
human-presence-protection
hpres-field-wrapper
Data Attributes
data-hpres-form-id
data-hpres-options
JS Globals
HumanPresenceAPI
hpresSettings
FAQ

Frequently Asked Questions about Human Presence – Stop Form Spam Without ReCaptcha