[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdNqlvGIT53Q2OIFeHpF63GOrNMn8MHTavXYsJg2QEEc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":138,"fingerprints":209},"formidable-anti-spam","Formidable Anti-Spam","1.0","thomstark","https:\u002F\u002Fprofiles.wordpress.org\u002Fthomstark\u002F","\u003Cp>A lightweight Formidable Pro anti-spam add-on. No intrusion on the user, simply checks the time it takes to submit the form and generates an error when that time is under a certain threshold.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Formidable Pro 1.7+\u003C\u002Fli>\n\u003Cli>WordPress 3.7+\u003C\u002Fli>\n\u003Cli>PHP 5.2+\u003C\u002Fli>\n\u003C\u002Ful>\n","A lightweight Formidable Pro anti-spam add-on that requires no interaction with the user.",70,2048,100,1,"2014-10-01T00:11:00.000Z","4.0.38","3.7","",[20,21,22,23,24],"anti-spam","bot","formidable","formidable-pro","spam","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fformidable-anti-spam\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fformidable-anti-spam.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},5,130,30,84,"2026-04-04T19:19:01.813Z",[39,65,86,105,121],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":60,"download_link":61,"security_score":62,"vuln_count":63,"unpatched_count":28,"last_vuln_date":64,"fetched_at":30},"blackhole-bad-bots","Blackhole for Bad Bots","3.8","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cblockquote>\n\u003Cp>✨ Trap bad bots in a virtual black hole\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> Do NOT use this plugin on sites with caching. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fimportant-do-not-use-on-sites-with-caching\u002F\" rel=\"ugc\">Learn more »\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>👾 Bye bye bad bots..\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Bad bots are the worst. They do all sorts of nasty stuff and waste server resources. The Blackhole plugin helps to stop bad bots and save precious resources for legit visitors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>👾 How does it work?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>First the plugin adds a hidden trigger link to the footer of your pages. You then add a line to your robots.txt file that forbids all bots from following the hidden link. Bots that then ignore or disobey your robots rules will crawl the link and fall into the trap. Once trapped, bad bots are denied further access to your WordPress site.\u003C\u002Fp>\n\u003Cp>I call it the “one-strike” rule: bots have one chance to obey your site’s robots.txt rule. Failure to comply results in immediate banishment. The best part is that the Blackhole only affects bad bots: human users never see the hidden link, and good bots obey the robots rules in the first place. Win-win! 🙂\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>✨ Add a blackhole trap to help stop bad bots\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> Do NOT use this plugin on sites with caching. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fimportant-do-not-use-on-sites-with-caching\u002F\" rel=\"ugc\">Learn more »\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>👾 Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to set up\u003C\u002Fli>\n\u003Cli>Squeaky clean code\u003C\u002Fli>\n\u003Cli>Focused and modular\u003C\u002Fli>\n\u003Cli>Lightweight, fast and flexible\u003C\u002Fli>\n\u003Cli>Built with the WordPress API\u003C\u002Fli>\n\u003Cli>Works with other security plugins\u003C\u002Fli>\n\u003Cli>Easy to reset the list of bad bots\u003C\u002Fli>\n\u003Cli>Easy to delete any bot from the list\u003C\u002Fli>\n\u003Cli>Regularly updated and “future proof”\u003C\u002Fli>\n\u003Cli>Blackhole link includes “nofollow” attribute\u003C\u002Fli>\n\u003Cli>Plugin options configurable via settings screen\u003C\u002Fli>\n\u003Cli>Works silently behind the scenes to protect your site\u003C\u002Fli>\n\u003Cli>Whitelists all major search engines to never block\u003C\u002Fli>\n\u003Cli>Focused on flexibility, performance, and security\u003C\u002Fli>\n\u003Cli>Email alerts with WHOIS lookup for blocked bots\u003C\u002Fli>\n\u003Cli>Complete inline documentation via the Help tab\u003C\u002Fli>\n\u003Cli>Provides setting to whitelist any IP addresses\u003C\u002Fli>\n\u003Cli>Customize the message displayed to bad bots 😉\u003C\u002Fli>\n\u003Cli>One-click restore the plugin default options\u003C\u002Fli>\n\u003Cli>Does NOT use or require any .htaccess rules\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Blackhole for Bad Bots protects your site against bad bots, spammers, scrapers, scanners, and other automated threats.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>✨ Not using WordPress? Check out the \u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fblackhole-bad-bots\u002F\" rel=\"nofollow ugc\">standalone PHP version of Blackhole\u003C\u002Fa>!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>👾 Whitelist\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>By default, this plugin does NOT block any of the major search engines (user agents):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>AOL.com\u003C\u002Fli>\n\u003Cli>Baidu\u003C\u002Fli>\n\u003Cli>Bingbot\u002FMSN\u003C\u002Fli>\n\u003Cli>DuckDuckGo\u003C\u002Fli>\n\u003Cli>Googlebot\u003C\u002Fli>\n\u003Cli>Teoma\u003C\u002Fli>\n\u003Cli>Yahoo!\u003C\u002Fli>\n\u003Cli>Yandex\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These search engines (and all of their myriad variations) are whitelisted via user agent. So are a bunch of other “useful” bots. They always are allowed full access to your site, even if they disobey your robots.txt rules. This list can be customized in the plugin settings. For a complete list of whitelisted bots, visit the Help tab in the plugin settings (under “Whitelist Settings”).\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>✨ Check out \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> and level up with advanced features!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>👾 Exclusive Pro Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Option to disable for logged-in users\u003C\u002Fli>\n\u003Cli>Threshold control (number of allowed hits)\u003C\u002Fli>\n\u003Cli>Custom email alerts\u003C\u002Fli>\n\u003Cli>Custom messages for blocked bots\u003C\u002Fli>\n\u003Cli>Custom redirect for blocked bots\u003C\u002Fli>\n\u003Cli>Custom blackhole trigger links\u003C\u002Fli>\n\u003Cli>Complete inline documentation\u003C\u002Fli>\n\u003Cli>Block bots based on user agent\u003C\u002Fli>\n\u003Cli>Block bots based on IP address\u003C\u002Fli>\n\u003Cli>Whitelist\u002Fallow bots by user agent\u003C\u002Fli>\n\u003Cli>Whitelist\u002Fallow bots by IP address\u003C\u002Fli>\n\u003Cli>Redirect whitelisted bots\u003C\u002Fli>\n\u003Cli>Set custom HTTP Status Code\u003C\u002Fli>\n\u003Cli>Full-featured Bad Bot Log with paging, sorting, and field search\u003C\u002Fli>\n\u003Cli>Manually add bad bots to the Bad Bot Log\u003C\u002Fli>\n\u003Cli>Geo\u002FIP location lookups for each bad bot\u003C\u002Fli>\n\u003Cli>Logs number of blocked hits for each bot\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>..plus everything the free version can do and more.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>✨ Learn more and \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">get Blackhole Pro »\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>👾 Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User Data:\u003C\u002Fstrong> This plugin automatically blocks bad bots. When bad bots fall into the trap, their IP address, user agent, and other request data are stored in the WP database. No other user data is collected by this plugin. At any time, the administrator may delete all saved data via the plugin settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Services:\u003C\u002Fstrong> This plugin does not connect to any third-party locations or services.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cookies:\u003C\u002Fstrong> This plugin does not set any cookies.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Credit:\u003C\u002Fstrong> Header Image Courtesy NASA\u002FJPL-Caltech.\u003C\u002Fp>\n\u003Cp>Blackhole for Bad Bots is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>👾 Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","Blackhole is a WordPress security plugin that detects and traps bad bots in a virtual black hole, where they are denied access to your entire site.",30000,863484,94,147,"2026-02-06T22:29:00.000Z","6.9.4","4.7","5.6.20",[20,56,57,58,59],"blackhole","bots","honeypot","security","https:\u002F\u002Fperishablepress.com\u002Fblackhole-bad-bots\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblackhole-bad-bots.3.8.zip",91,2,"2026-03-25 00:00:00",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":76,"last_updated":77,"tested_up_to":78,"requires_at_least":79,"requires_php":80,"tags":81,"homepage":18,"download_link":85,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"altcha-spam-protection","ALTCHA Spam Protection","1.26.3","Daniel","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielregeci\u002F","\u003Cp>\u003Cstrong>This is ALTCHA Plugin version 1.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>ALTCHA Plugin version 2 is now available, offering improved protection and enhanced reliability. An upgrade is recommended for all users.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Faltcha.org\u002Fdocs\u002Fv2\u002Fwordpress\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Faltcha.org\u002Fdocs\u002Fv2\u002Fwordpress\u002Finstall\" rel=\"nofollow ugc\">Installation guide\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Faltcha.org\u002Fdocs\u002Fv2\u002Fwordpress\u002Fmigrating-from-v1\u002F\" rel=\"nofollow ugc\">Migration guide\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>What’s new in version 2:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Effective\u003C\u002Fstrong>: blocks 99% of spam and abuse attempts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Invisible for users\u003C\u002Fstrong>: frictionless protection, no puzzles or CAPTCHAs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works everywhere\u003C\u002Fstrong>: plugin-agnostic \u003Ca href=\"https:\u002F\u002Faltcha.org\u002Fdocs\u002Fv2\u002Fwordpress\u002Ffeatures\u002F#request-interceptor--works-everywhere\" rel=\"nofollow ugc\">Request Interceptor\u003C\u002Fa> integrates with any form plugin\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Handles heavy traffic\u003C\u002Fstrong>: stay online with \u003Ca href=\"https:\u002F\u002Faltcha.org\u002Fdocs\u002Fv2\u002Fwordpress\u002Ffeatures\u002F#under-attack-mode--stay-online-under-pressure\" rel=\"nofollow ugc\">Under Attack Mode\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stops abuse at scale\u003C\u002Fstrong>: firewall and rate limiting included\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy-first\u003C\u002Fstrong>: 100% GDPR-compliant and fully accessible\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited\u003C\u002Fstrong>: no external services, unlimited verifications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Learn more about ALTCHA at \u003Ca href=\"https:\u002F\u002Faltcha.org\" rel=\"nofollow ugc\">altcha.org\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Faltcha.org\" rel=\"nofollow ugc\">ALTCHA\u003C\u002Fa> provides a free, open-source Captcha alternative utilizing a proof-of-work mechanism to safeguard your website against spam and unwanted content. Our anti-spam solution ensures robust spam protection without compromising user privacy.\u003C\u002Fp>\n\u003Cp>Unlike other solutions, ALTCHA is free, open-source, and self-hosted. It operates independently without external services, avoids the use of cookies and fingerprinting, refrains from user tracking, and maintains full compliance with GDPR regulations.\u003C\u002Fp>\n\u003Ch3>Free Mode\u003C\u002Fh3>\n\u003Cp>The free self-hosted mode is enabled by default after installation. No additional setup is required, except enabling the integrations you need in the plugin settings.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Ch4>No cookies, no tracking\u003C\u002Fh4>\n\u003Cp>ALTCHA prioritizes user privacy by avoiding the use of cookies and fingerprinting techniques.\u003C\u002Fp>\n\u003Ch4>No external service\u003C\u002Fh4>\n\u003Cp>Operating in Self-hosted mode (the default setting), this plugin remains fully contained within your WordPress installation, eliminating any reliance on external services. You can opt-in for our SaaS version to utilize the Spam Filter API. For more information visit https:\u002F\u002Faltcha.org.\u003C\u002Fp>\n\u003Ch3>Modes of Operation\u003C\u002Fh3>\n\u003Cp>This plugin operates in two modes, you can select which mode you want in the settings (see API Region):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Self-hosted – free, fully self-contained without external services.\u003C\u002Fli>\n\u003Cli>Custom or SaaS API – requires a server such as \u003Ca href=\"https:\u002F\u002Faltcha.org\u002Fdocs\u002Fv2\u002Fsentinel\u002F\" rel=\"nofollow ugc\">ALTCHA Sentinel\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>REST API\u003C\u002Fh3>\n\u003Cp>This plugin requires the WordPress REST API. If you are using any “Disable REST API” plugins, ensure that the endpoint \u003Ccode>\u002Faltcha\u002Fv1\u002Fchallenge\u003C\u002Fcode> is allowed.\u003C\u002Fp>\n\u003Ch3>Supported Integrations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>CoBlocks\u003C\u002Fli>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003Cli>Elementor Pro Forms\u003C\u002Fli>\n\u003Cli>Enfold Theme\u003C\u002Fli>\n\u003Cli>Formidable Forms\u003C\u002Fli>\n\u003Cli>Forminator\u003C\u002Fli>\n\u003Cli>GravityForms\u003C\u002Fli>\n\u003Cli>HTML Forms\u003C\u002Fli>\n\u003Cli>WPDiscuz\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003Cli>WP-Members\u003C\u002Fli>\n\u003Cli>WordPress Login, Register, Password reset\u003C\u002Fli>\n\u003Cli>WordPress Comments\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>Custom HTML (with a short code \u003Ccode>[altcha]\u003C\u002Fcode>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Source Code\u003C\u002Fh3>\n\u003Cp>All source code for the plugin, and the ALTCHA widget is available on GitHub. In the repository, you’ll also find versions of non-minified JavaScript and CSS assets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Plugin: https:\u002F\u002Fgithub.com\u002Faltcha-org\u002Fwordpress-plugin\u003C\u002Fli>\n\u003Cli>ALTCHA Widget: https:\u002F\u002Fgithub.com\u002Faltcha-org\u002Faltcha\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Terms of Service And Privacy Policy for SaaS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Privacy Policy: https:\u002F\u002Faltcha.org\u002Fprivacy-policy\u003C\u002Fli>\n\u003Cli>Terms of Service: https:\u002F\u002Faltcha.org\u002Fterms-of-service\u003C\u002Fli>\n\u003C\u002Ful>\n","ALTCHA offers a free, open-source Captcha alternative, ensuring robust spam protection while respecting user privacy and GDPR compliance.",7000,48992,78,21,"2025-12-14T10:39:00.000Z","6.8.5","5.0","7.3",[82,83,20,84,24],"altcha","anti-bot","captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faltcha-spam-protection.1.26.3.zip",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":52,"requires_at_least":99,"requires_php":18,"tags":100,"homepage":103,"download_link":104,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"en-spam","En Spam","1.1","hatul","https:\u002F\u002Fprofiles.wordpress.org\u002Fhatul\u002F","\u003Cp>“En Spam” blocks totally comments and form submissions of bots by cookies and javascript. Bots can’t use cookies and javascript and therefore will not be able to comment.\u003Cbr \u002F>\nUsers that blocking cookies or Javascript can to comment after transfer in special page.\u003C\u002Fp>\n\u003Cp>We protect Elementor Pro and Contact Form 7 (cf7) forms and default comments of WordPress.\u003C\u002Fp>\n\u003Cp>The plugin is transparent to your visitors, only bots will be blocked.\u003C\u002Fp>\n\u003Cp>You can see how many spambots blocked in dashboard widget.\u003C\u002Fp>\n\u003Cp>“En Spam” means “have not spam” in Hebrew.\u003C\u002Fp>\n","Block spam with cookies and JavaScript. All Spambots will remain away from your blog. Without settings or Captcha, install and forget the spam.",600,16567,82,7,"2025-11-30T08:38:00.000Z","2.0",[20,101,21,102,24],"block-spam","comment","http:\u002F\u002Fhatul.info\u002Fen-spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fen-spam.1.1.zip",{"slug":106,"name":107,"version":6,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":28,"num_ratings":28,"last_updated":114,"tested_up_to":115,"requires_at_least":79,"requires_php":116,"tags":117,"homepage":119,"download_link":120,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"gwp-captcha","GWP-Captcha","karlkiesinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fkarlkiesinger\u002F","\u003Cp>This is a simple captcha system. That you can setting how many letter you would like and pick on what form you would like it on. The captcha in a image with easy to read. It dose not  using any cookie to storing data. It send the code in a encryption to the file that makes the image. If you would like more features with this. Please go to my web site\u003C\u002Fp>\n","This will add letter captcha to your register form, login form, and lostpassword form. You can turn them on or off. If you only want it to be on for r …",200,1710,"2023-01-21T16:54:00.000Z","6.1.10","7.4",[118,84],"anti-spam-bots","http:\u002F\u002Fglobalwebplugin.com\u002Fcaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgwp-captcha.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":13,"downloaded":129,"rating":28,"num_ratings":28,"last_updated":130,"tested_up_to":78,"requires_at_least":18,"requires_php":131,"tags":132,"homepage":136,"download_link":137,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"exact-match-disallowed-comment-contact-forms","Exact Match Disallowed Comment & Contact Forms","1.3.1","Ryan Howard","https:\u002F\u002Fprofiles.wordpress.org\u002Fryhowa\u002F","\u003Cp>Change the default WordPress comment blocklist functionality to exact match and save entries marked as spam for review.\u003C\u002Fp>\n\u003Cp>The WordPress comment blocklist inside matches keywords, so for example, blocklisting a word such as “pasta” will automatically delete comments containing “pastaroni” or “anitpasta” (but not “chef boyardee”).\u003C\u002Fp>\n\u003Cp>If you try to use the WordPress comment blocklist for contact form entries, this can be hugely problematic. The first major issue is falsely identifying comments as spam so you risk blocking valid contact form entries.\u003C\u002Fp>\n\u003Cp>Additionally, there’s no moderation queue built into Formidable Forms, Contact Form 7, or Gravity Forms for entries marked as spam. This plugin fixes those issues.\u003C\u002Fp>\n\u003Ch4>Changing the default WordPress comment blocklist functionality\u003C\u002Fh4>\n\u003Cp>This plugin changes the default inside match blocklist functionality to exact match keywords, URLs, and ip addresses. If you add “karaoke” to your blocklist you’ll only be blocking “karaoke” and not “karaoke stars.”\u003C\u002Fp>\n\u003Ch4>Retaining Contact Form Entries\u003C\u002Fh4>\n\u003Cp>The plugin also retains contact form entries marked as spam in your database, so you can check them from the WordPress admin area.\u003C\u002Fp>\n\u003Ch4>Important Notes \u002F FAQ\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>For default comments in a post after submitting, if blocklisted, the comment will go to Spam status, whereas the default functionality would be to send that comment to the trash.\u003C\u002Fli>\n\u003Cli>We’re currently configured to work with Contact Form 7, Formidable Forms and Gravity Forms.\u003C\u002Fli>\n\u003Cli>Add keywords you want to block to the WordPress admin area under \u003Cstrong>Settings > Discussion > Disallowed Comment Keys\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Upon activation, the plugin will automatically populate three keywords by default in the “Disallowed Comment Keys” field in the WP Admin area. This is so you know things are working. We leave it to the user to control their specific blocklist keywords. If you want a list of we’ll known spam words as a starting point, check your preferred search engine for “ultimate comment blocklist” or “WordPress comment blocklist.”\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CAUTION:\u003C\u002Fstrong> Even though this is a significantly less blunt approach than the default WordPress functionality, please be careful. If you add the word “appointment” to your blocklist, you will block any form fill with the word “appointment” from getting through to your inbox.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support the Plugin\u003C\u002Fh4>\n\u003Cp>If you love this plugin and want to support it, you can help us by linking to this page, leaving constructive feedback, or sending a monetary donation \u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Fcompletewebresources\" rel=\"nofollow ugc\">paypal.me\u002Fcompletewebresources\u003C\u002Fa>.\u003C\u002Fp>\n","Change the default WordPress comment blocklist functionality to exact match and save entries marked as spam for review.",3539,"2025-11-17T17:52:00.000Z","7.0",[20,133,134,22,135],"blacklist","contact-form-7","gravity-forms","https:\u002F\u002Fwww.completewebresources.com\u002Fexact-match-disallowed-comment-contact-forms-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexact-match-disallowed-comment-contact-forms.1.3.1.zip",{"attackSurface":139,"codeSignals":174,"taintFlows":198,"riskAssessment":199,"analyzedAt":208},{"hooks":140,"ajaxHandlers":170,"restRoutes":171,"shortcodes":172,"cronEvents":173,"entryPointCount":28,"unprotectedCount":28},[141,147,152,156,159,163,167],{"type":142,"name":143,"callback":144,"priority":145,"file":146,"line":97},"action","frm_entry_form","fields",10,"classes\\FrmAntiSpamActions.php",{"type":148,"name":149,"callback":150,"priority":151,"file":146,"line":151},"filter","frm_validate_field_entry","errors",8,{"type":142,"name":153,"callback":154,"priority":145,"file":155,"line":97},"frm_add_form_settings_section","section","classes\\FrmAntiSpamFormOptions.php",{"type":148,"name":157,"callback":158,"file":155,"line":151},"frm_setup_new_form_vars","vars",{"type":148,"name":160,"callback":161,"file":155,"line":162},"frm_setup_edit_form_vars","edit_vars",9,{"type":148,"name":164,"callback":165,"priority":166,"file":155,"line":145},"frm_form_options_before_update","update",15,{"type":142,"name":168,"callback":154,"file":169,"line":97},"frm_add_settings_section","classes\\FrmAntiSpamGlobalSettingsForm.php",[],[],[],[],{"dangerousFunctions":175,"sqlUsage":176,"outputEscaping":178,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":197},[],{"prepared":28,"raw":28,"locations":177},[],{"escaped":28,"rawEcho":151,"locations":179},[180,183,185,187,190,191,193,195],{"file":146,"line":181,"context":182},13,"raw output",{"file":146,"line":184,"context":182},18,{"file":146,"line":186,"context":182},20,{"file":188,"line":189,"context":182},"includes\\global-settings.php",12,{"file":188,"line":184,"context":182},{"file":188,"line":192,"context":182},24,{"file":188,"line":194,"context":182},32,{"file":188,"line":196,"context":182},33,[],[],{"summary":200,"deductions":201},"The 'formidable-anti-spam' plugin v1.0 currently exhibits a seemingly strong security posture based on the provided static analysis. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events that could serve as entry points for malicious actors. Furthermore, the code signals do not indicate the presence of dangerous functions, raw SQL queries, file operations, external HTTP requests, or unexploited taint flows. The absence of any known vulnerabilities in its history also contributes to a positive initial assessment.\n\nHowever, a significant concern arises from the complete lack of output escaping (0% properly escaped). This suggests that any output generated by the plugin could be vulnerable to Cross-Site Scripting (XSS) attacks, allowing attackers to inject malicious scripts into web pages viewed by other users. The absence of nonces and capability checks across all potential entry points, though currently minimal, also poses a future risk if the plugin's attack surface were to expand or if new vulnerabilities were discovered in its logic. While the current lack of vulnerabilities is a strength, the critical flaw in output escaping overshadows the other positive indicators, demanding immediate attention.",[202,204,206],{"reason":203,"points":151},"All output is unescaped",{"reason":205,"points":33},"No capability checks found",{"reason":207,"points":33},"No nonce checks found","2026-03-16T21:34:40.709Z",{"wat":210,"direct":218},{"assetPaths":211,"generatorPatterns":213,"scriptPaths":214,"versionParams":215},[212],"\u002Fwp-content\u002Fplugins\u002Fformidable-anti-spam\u002Fcss\u002Fstyle.css",[],[],[216,217],"formidable-anti-spam\u002Fcss\u002Fstyle.css?ver=","formidable-anti-spam.php?ver=",{"cssClasses":219,"htmlComments":220,"htmlAttributes":221,"restEndpoints":222,"jsGlobals":223,"shortcodeOutput":224},[],[],[],[],[],[]]