[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fXP1lXhraQDw88krceFkMzkwc9_PIa2UbsIeoad9VP-k":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":138,"fingerprints":307},"grecaptcha","GreCAPTCHA","1.4","Beherit","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeherit\u002F","\u003Cp>Plugin protects WordPress website forms from spam and brute-force attacks with Google reCAPTCHA. There is no additional user-unfriendly options, just choose captcha version, enter keys and optionally set captcha theme, size or badge position – nothing more!\u003C\u002Fp>\n\u003Ch4>What forms are protected with reCAPTCHA?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Login form\u003C\u002Fli>\n\u003Cli>Reset password form\u003C\u002Fli>\n\u003Cli>New password form\u003C\u002Fli>\n\u003Cli>Registration form\u003C\u002Fli>\n\u003Cli>Comment form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flite-contact-form\u002F\" rel=\"ugc\">Lite Contact Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The reCAPTCHA verification will be required only for not logged in users.\u003C\u002Fp>\n","Protects WordPress website forms from spam and brute-force attacks with Google reCAPTCHA.",20,3063,0,"2021-03-23T16:49:00.000Z","5.7.15","4.9","7.0",[19,20,21,22],"bot","captcha","recaptcha","spam","https:\u002F\u002Fbeherit.pl\u002Fen\u002Fwordpress\u002Fgrecaptcha\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgrecaptcha.1.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":25,"computed_at":35},"beherit",7,420,87,30,"2026-04-04T05:06:05.419Z",[37,61,78,96,113],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":59,"download_link":60,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"simple-no-bot","Invisible Anti Spam for Contact Form 7 (Simple No-Bot)","2.2.5","lilaeamedia","https:\u002F\u002Fprofiles.wordpress.org\u002Flilaeamedia\u002F","\u003Cp>Simple No-Bot uses javascript to detect if Contact Form 7 is being submitted by a spam bot.\u003C\u002Fp>\n\u003Cp>We wrote this when clients were reporting hundreds of bogus contact forms were getting past Honeypot, but did not want to add a captcha that would impact conversions.\u003C\u002Fp>\n\u003Cp>This lightweight script has been extremely effective for eliminating spam messages from Contact Form 7 (and other forms) submissions. It does not pretend to be a complete anti spam solution.\u003C\u002Fp>\n\u003Ch3>IMPORTANT\u003C\u002Fh3>\n\u003Cp>SNB REJECTS SUBMISSIONS UNLESS THE USER INTERACTS WITH THE FORM. In earlier versions of SNB, the submit button was disabled until this threshold was met. You can now set this option in wp-config.php (see below).\u003C\u002Fp>\n\u003Cp>In most cases it will be enabled after the user starts typing in the first field. It has not broken your form.\u003C\u002Fp>\n\u003Cp>Please report any feedback and false negatives\u002Fpositives on our support form at http:\u002F\u002Fwww.lilaeamedia.com\u002Fcontact\u002F before posting a crappy review. Thanks.\u003C\u002Fp>\n\u003Ch3>New! Improved!\u003C\u002Fh3>\n\u003Cp>You can now hook Simple No Bot into any form. The filter below will return TRUE if bots are detected.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$is_spam = FALSE; \u002F\u002F you can use whatever flag is being used by your plugin. \n$is_spam = apply_filters( 'snb_test_spam', $is_spam );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>We have added additional analysis to detect pesky bots that can mimic browsers and run scripts.\u003C\u002Fp>\n\u003Cp>SNB now keeps a list of IPs as they are flagged as spam and automatically fails them. The oldest IPs are pruned when it reaches 100 (or SNB_MAX_SPAM_IPS, see below). You can pass ?snb_flush=true as Admin to flush all spam IPs.\u003C\u002Fp>\n\u003Cp>You can disable the submit button until the event threshold is reached by adding the following flag to wp-config.php:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'SNB_DISABLE_SUBMIT', TRUE );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Other configurable options:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'SNB_SPAM_THRESHOLD', 2 ); \u002F\u002F maximum score before being considered spam\ndefine( 'SNB_MIN_EVENTS', 2 ); \u002F\u002F minimum number of events required to fetch token\ndefine( 'SNB_BLOCK_SPAM_IPS', TRUE ); \u002F\u002F use IP blocking on hard fails\ndefine( 'SNB_SPAM_IP_LIFESPAN', 60 * 60 * 24 * 30 ); \u002F\u002F time before spam ips expire - default 30 days\ndefine( 'SNB_MAX_SPAM_IPS', 100 ); \u002F\u002F max number of IPs to store before rotating\ndefine( 'SNB_SESSION_LIFESPAN', 60 * 30 ); \u002F\u002F time token is valid to send message - default 30 minutes\u003Ch3>Support\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Please report any feedback and false negatives\u002Fpositives on our support form at http:\u002F\u002Fwww.lilaeamedia.com\u002Fcontact\u002F\u003C\u002Fp>\n\u003Cp>(c)2019 Lilaea Media\u003C\u002Fp>\n","Simple, lightweight, no captcha, no configuration. Just works.",200,3093,46,3,"2020-01-12T18:05:00.000Z","5.3.21","5.2","5.6",[54,55,56,57,58],"auto-captcha","bot-blocker","contact-form-7","invisible-recaptcha","spam-blocker","http:\u002F\u002Fwww.lilaeamedia.com\u002Fsimple-no-bot\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-no-bot.2.2.5.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":13,"downloaded":69,"rating":13,"num_ratings":13,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":76,"download_link":77,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"mws-click-to-reveal","MWS Click-to-reveal","1.0.3","Modern Web Services","https:\u002F\u002Fprofiles.wordpress.org\u002Fmodernwebservices\u002F","\u003Cp>The plugin leverages Google’s invisible reCaptcha technology. These keys must be input via the plugin’s admin integrations page.\u003C\u002Fp>\n\u003Cp>The main admin page enables admins to manage a list of key\u002Fvalue pairs, where the key is the name of the pair, and the value is the protected value that should only be revealed once a user has proved they are human.\u003C\u002Fp>\n\u003Cp>When editing post\u002Fpage content, a TinyMCE integration enables the post author to click a button to generate a shortcode.\u003Cbr \u002F>\nThe author will be prompted to select the pair they wish to render, along with a initial value to display.\u003C\u002Fp>\n\u003Cp>When the page is rendered, the initial value is rendered into the page. Users can click the initial value to reveal the protected value.\u003C\u002Fp>\n","Prevent spam-bots from harvesting your email address or other sensitive information form your website by requiring users to click to reveal the inform &hellip;",1117,"2018-10-14T12:23:00.000Z","4.9.29","4.0","",[75],"spambot-recaptcha","https:\u002F\u002Fgithub.com\u002Fandrewryantech\u002Fwp-plugin-recaptcha-click-to-reveal","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmws-click-to-reveal.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":13,"downloaded":86,"rating":13,"num_ratings":13,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":73,"tags":90,"homepage":94,"download_link":95,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"ultimate-captcha","Ultimate Captcha reCAPTCHA Plugin for WordPress","1.0.5","ExpressTech Systems","https:\u002F\u002Fprofiles.wordpress.org\u002Fexpresstech\u002F","\u003Cp>\u003Ca href='https:\u002F\u002Fultimatecaptcha.com\u002F' rel=\"nofollow ugc\">Ultimate Captcha\u003C\u002Fa> helps you to protect your website by controlling fake accounts, spam comments. This plugin prevents brute force logins on your WordPress website, also you can avoid fake accounts created by robots.\u003C\u002Fp>\n\u003Cp>The plugin uses reCAPTCHA and it’s totally free. You can protect the following pages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress Login Page\u003C\u002Fli>\n\u003Cli>WordPress Registration Page\u003C\u002Fli>\n\u003Cli>WordPress Password Reset Page\u003C\u002Fli>\n\u003Cli>WooCommerce Login Page\u003C\u002Fli>\n\u003Cli>WooCommerce Registration Page\u003C\u002Fli>\n\u003Cli>WooCommerce Password Reset Page\u003C\u002Fli>\n\u003Cli>Post Comments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>DOCUMENTATION\u003C\u002Fh4>\n\u003Cp>\u003Ca href='http:\u002F\u002Fdocs.ultimatecaptcha.com\u002Finstalling-recaptcha\u002F' rel=\"nofollow ugc\">CLICK HERE\u003C\u002Fa> to check the documentation.\u003C\u002Fp>\n\u003Ch4>GET SUPPORT AND PRO FEATURES\u003C\u002Fh4>\n\u003Cp>Get professional support from our experts and pro features to take your site’s security to the next level with \u003Ca href='https:\u002F\u002Fultimatecaptcha.com\u002Findex.php#pricing-comparasion' rel=\"nofollow ugc\">Ultimate Captcha WordPress Security\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>PRO FEATURES\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Please note:\u003C\u002Fstrong> Using Ultimate Captcha is free, reCAPTCHA is a Google product, we’re not charging for the integration with reCAPTCHA. The following features are improvements and they’re optional.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href='https:\u002F\u002Fultimatecaptcha.com\u002Fextensions\u002Fpassword-strength\u002F' rel=\"nofollow ugc\">Password Strength\u003C\u002Fa> – This add-on helps you to protect your users’ accounts by managing and monitoring the strength of their passwords.\u003C\u002Fli>\n\u003Cli>\u003Ca href='https:\u002F\u002Fultimatecaptcha.com\u002Fextensions\u002Faweber\u002F' rel=\"nofollow ugc\">AWeber\u003C\u002Fa> – This will help you to start with your e-mail marketing campaign. It will add a checkbox to the registration form and ask users to register for your newsletter\u002Fe-mail list.\u003C\u002Fli>\n\u003Cli>\u003Ca href='https:\u002F\u002Fultimatecaptcha.com\u002Fextensions\u002Fcustom-pages\u002F' rel=\"nofollow ugc\">Custom Registration & Login Pages\u003C\u002Fa> – This allows you to create custom registration, login and password reset pages. You can also override the default WP pages.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>CUSTOM REGISTRATION AND LOGIN PAGES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href='https:\u002F\u002Fultimatecaptcha.com\u002Ftesting\u002Fregistration-page\u002F' rel=\"nofollow ugc\">WordPress Custom Registration Page\u003C\u002Fa> – You can take additional information from your users, even you can ask them to input a password.\u003C\u002Fli>\n\u003Cli>\u003Ca href='https:\u002F\u002Fultimatecaptcha.com\u002Ftesting\u002Flogin-page\u002F' rel=\"nofollow ugc\">WordPress Custom Login Page\u003C\u002Fa> – This is a custom login page which can be used to override the default WordPress login page.\u003C\u002Fli>\n\u003Cli>\u003Ca href='https:\u002F\u002Fultimatecaptcha.com\u002Ftesting\u002Fpassword-recover\u002F' rel=\"nofollow ugc\">Custom Password Reset Page\u003C\u002Fa> – You can also override the default WP reset link.\u003C\u002Fli>\n\u003C\u002Ful>\n","This is a free plugin to protect your WordPress website.",1409,"2021-10-05T16:56:00.000Z","5.8.13","3.0.1",[91,20,21,92,93],"bots","registration","spam-control","https:\u002F\u002Fultimatecaptcha.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-captcha.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":16,"requires_php":73,"tags":110,"homepage":73,"download_link":112,"security_score":106,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wpcf7-recaptcha","ReCaptcha v2 for Contact Form 7","1.4.9","IQComputing","https:\u002F\u002Fprofiles.wordpress.org\u002Fiqcomputing\u002F","\u003Cp>Contact Form 7 v5.1 dropped support for reCaptcha v2 along with the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag December 2018. This plugin brings that functionality back from Contact Form 7 5.0.5 and re-adds the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag.\u003C\u002Fp>\n\u003Cp>If this plugin is installed before updating Contact Form 7 from v5.0.5 to v5.1.1 then it will carry over your old API keys. At that point you will just need to head to this plugins settings page to tell the website to use reCaptcha v2.\u003C\u002Fp>\n\u003Cp>Once installed and configured it should be the same reCaptcha functionality you are used to in previous versions of Contact Form 7.\u003C\u002Fp>\n\u003Ch3>IQComputing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Like us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Facebook\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Twitter\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Fork on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FIQComputing\u002Fwpcf7-recaptcha\" title=\"IQComputing on Github\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1",200000,3905275,100,89,"2025-04-15T22:52:00.000Z","6.7.5",[56,111,21,22],"contact-form-7-recaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcf7-recaptcha.1.4.9.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":133,"download_link":134,"security_score":135,"vuln_count":136,"unpatched_count":13,"last_vuln_date":137,"fetched_at":27},"advanced-nocaptcha-recaptcha","CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress","7.6.0","WPKube","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpkube\u002F","\u003Ch4>IMPORTANT NOTICE\u003C\u002Fh4>\n\u003Cp>CAPTCHA 4WP has been acquired by WPKube. \u003Ca href=\"https:\u002F\u002Fmelapress.com\u002Fcaptcha-4-wp-plugin-acquired-by-wpkube\u002F\" rel=\"nofollow ugc\">Read the announcement\u003C\u002Fa> for more information.\u003Cbr \u002F>\nWe, at Melapress, would like to take this opportunity to thank everyone who has used and supported CAPTCHA 4WP.\u003C\u002Fp>\n\u003Ch3>A free and easy-to-use CAPTCHA plugin for WordPress\u003C\u002Fh3>\n\u003Cp>Protect your WordPress forms and login pages from spam and automated attacks with \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002F\" rel=\"nofollow ugc\">CAPTCHA 4WP\u003C\u002Fa>. Choose from multiple ReCAPTCHA versions and strike the right balance between security and user experience.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Features\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Get the Premium!\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fgetting-started-with-captcha-4wp\u002F\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Use the CAPTCHA 4WP plugin to add CAPTCHA checks to WordPress forms and logins. Choose from V2 (I’m not a robot), V2 Invisible, and V3 noCAPTCHA to ensure the best user experience at all times without compromosing security. Avoid false positives falling through the crack with V3 failover to ensure humans can still pass the test even if the result comes back below the passmark.\u003C\u002Fp>\n\u003Ch3>CAPTCHA 4WP key plugin features and capabilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add CAPTCHA to WordPress native forms such as login pages, user registration and comments forms etc\u003C\u002Fli>\n\u003Cli>Supports multiple ReCAPTCHA versions\u003C\u002Fli>\n\u003Cli>User-friendly wizards for easy, hassle-free setup\u003C\u002Fli>\n\u003Cli>Set ReCAPTCHA V3 passmark score \u003C\u002Fli>\n\u003Cli>ReCAPTCHA failover configuration (ensure no prospect is incorrectly marked as spam)\u003C\u002Fli>\n\u003Cli>Plugin automatically detects visitors’ language and shows CAPTCHA in that language\u003C\u002Fli>\n\u003Cli>Much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Upgrade to CAPTCHA 4WP Premium and get even more\u003C\u002Fh3>\n\u003Cp>With the premium edition of CAPTCHA 4WP, you can choose from a wider range of CAPTCHA service providers, 1-click WooCommerce and other 3rd party plugin support, whitelisting, and much more.\u003C\u002Fp>\n\u003Ch3>Premium features list\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Everything in the free version\u003C\u002Fli>\n\u003Cli>Add CAPTCHA from hCaptcha and Cloudflare Turnstile on your websites, both free and GDPR compliant\u003C\u002Fli>\n\u003Cli>Add Geoblocking on forms and WordPress comments form (block \u002F limit form submissions or comment posting by country)\u003C\u002Fli>\n\u003Cli>Customization options for the CAPTCHA checks text, visual and position on the forms\u003C\u002Fli>\n\u003Cli>One-click integration with WooCommerce\u003C\u002Fli>\n\u003Cli>One-click integration with Contact Form 7, Gravity Forms, WPForms, BuddyPress & other plugins\u003C\u002Fli>\n\u003Cli>Much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Refer to the \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">CAPTCHA 4WP plugin features and benefits page\u003C\u002Fa> to learn more about the benefits of upgrading to the Premium version of CAPTCHA 4WP.\u003C\u002Fp>\n\u003Ch3>Free and premium support\u003C\u002Fh3>\n\u003Cp>Support for CAPTCHA 4WP is free through the WordPress support forums.\u003C\u002Fp>\n\u003Cp>Premium support for paid customer support is provided via one-to-one email. Upgrade to Premium to benefit from premium support.\u003C\u002Fp>\n\u003Cp>For any other queries, feedback, or if you simply want to get in touch with us, please use our \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fsubmit-ticket\u002F\" rel=\"nofollow ugc\">contact form\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>As featured on:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fplugins\u002Fhow-to-add-captcha-in-wordpress-login-and-registration-form\u002F\" rel=\"nofollow ugc\">WP Beginner\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Fwordpress\u002Fwordpress-captcha\" rel=\"nofollow ugc\">Elegant Themes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.isitwp.com\u002Fbest-wordpress-captcha-plugins\u002F\" rel=\"nofollow ugc\">IsItWP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwplift.com\u002Fbest-wordpress-captcha-plugins\" rel=\"nofollow ugc\">WPLift\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftesterwp.com\u002Fbest-free-captcha-wordpress-plugins\u002F\" rel=\"nofollow ugc\">TesterWP\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Related links and documentation:\u003C\u002Fh3>\n\u003Cp>You can find more detailed information about CAPTCHA tests and the benefits you can take advantage of, and the plugin in the links below:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fwhy-need-captcha-wordpress-website\u002F\" rel=\"nofollow ugc\">Why you need CAPTCHA on your WordPress website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdifferent-types-captcha-checks-wordpress\u002F\" rel=\"nofollow ugc\">The different types of CAPTCHA for websites\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fcaptcha-recaptcha-nocaptcha-differences\u002F\" rel=\"nofollow ugc\">What is the difference between CAPTCHA, ReCAPTCHA, and NoCAPTCHA?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fgetting-started-with-captcha-4wp\u002F\" rel=\"nofollow ugc\">Getting started with CAPTCHA 4WP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-to-woocommerce-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on WooCommerce forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-on-wpforms-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on WPForms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-on-gravity-forms-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-show-captcha-on-failed-logins\u002F\" rel=\"nofollow ugc\">How to show CAPTCHA on failed logins\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002F\" rel=\"nofollow ugc\">Official Melapress website\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Installing CAPTCHA 4WP\u003C\u002Fh3>\n\u003Ch3>From within WordPress\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Navigate to “Plugins”page and click the “Add New” button\u003C\u002Fli>\n\u003Cli>Search for “CAPTCHA 4WP”\u003C\u002Fli>\n\u003Cli>Cick install and after that activate the plugin\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Manually\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download the plugin from the WordPress plugins repository\u003C\u002Fli>\n\u003Cli>Unzip the zip file and upload the folder to the \u002Fwp-content\u002Fplugins\u002F directory\u003C\u002Fli>\n\u003Cli>Activate CAPTCHA 4WP through the “Plugins” menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n","Use CAPTCHA to stop spam and allow customers & users to interact with your website easily. Block fake accounts and orders. Avoid false positives.",100000,3577096,64,268,"2025-06-11T07:53:00.000Z","6.8.5","5.5","7.4",[130,20,131,132,21],"antispam-protection","cloudflare-turnstile","hcaptcha","https:\u002F\u002Fcaptcha4wp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-nocaptcha-recaptcha.7.6.0.zip",99,1,"2022-06-29 00:00:00",{"attackSurface":139,"codeSignals":244,"taintFlows":265,"riskAssessment":293,"analyzedAt":306},{"hooks":140,"ajaxHandlers":240,"restRoutes":241,"shortcodes":242,"cronEvents":243,"entryPointCount":13,"unprotectedCount":13},[141,147,153,157,161,165,168,172,176,180,183,187,190,192,195,200,204,208,212,216,220,224,226,230,234,237],{"type":142,"name":143,"callback":144,"priority":135,"file":145,"line":146},"action","comment_form_after_fields","grecaptcha_comments_field","includes\\comments.php",14,{"type":148,"name":149,"callback":150,"priority":151,"file":145,"line":152},"filter","comment_form_submit_button","grecaptcha_comments_form_submit_button",10,23,{"type":142,"name":154,"callback":155,"file":145,"line":156},"wp_print_footer_scripts","grecaptcha_comments_enqueue_inline_scripts",31,{"type":148,"name":158,"callback":159,"priority":151,"file":145,"line":160},"pre_comment_approved","grecaptcha_comments_verify",43,{"type":148,"name":162,"callback":163,"file":164,"line":146},"lcf_after_fields","grecaptcha_lcf_add_tag","includes\\lcf.php",{"type":142,"name":154,"callback":166,"file":164,"line":167},"grecaptcha_lcf_enqueue_inline_scripts",35,{"type":142,"name":169,"callback":170,"file":164,"line":171},"lcf_enqueue_scripts","grecaptcha_lcf_enqueue_scripts",37,{"type":148,"name":173,"callback":174,"priority":151,"file":164,"line":175},"lcf_validate_g-recaptcha-response","grecaptcha_lcf_validate",48,{"type":142,"name":177,"callback":178,"file":179,"line":146},"login_enqueue_scripts","grecaptcha_enqueue_login_scripts","includes\\login.php",{"type":142,"name":181,"callback":182,"file":179,"line":167},"login_footer","grecaptcha_enqueue_login_inline_scripts",{"type":142,"name":184,"callback":185,"priority":135,"file":179,"line":186},"login_form","grecaptcha_login_field",41,{"type":142,"name":188,"callback":185,"priority":135,"file":179,"line":189},"lostpassword_form",42,{"type":142,"name":191,"callback":185,"priority":135,"file":179,"line":160},"resetpass_form",{"type":142,"name":193,"callback":185,"priority":135,"file":179,"line":194},"register_form",44,{"type":148,"name":196,"callback":197,"priority":198,"file":179,"line":199},"authenticate","grecaptcha_validate_login_form",25,59,{"type":142,"name":201,"callback":202,"file":179,"line":203},"lostpassword_post","grecaptcha_validate_password_form",70,{"type":148,"name":205,"callback":206,"priority":135,"file":179,"line":207},"registration_errors","grecaptcha_validate_register_form",82,{"type":142,"name":209,"callback":210,"file":211,"line":11},"admin_init","grecaptcha_register_settings","includes\\settings.php",{"type":142,"name":213,"callback":214,"file":211,"line":215},"admin_menu","grecaptcha_add_settings",39,{"type":148,"name":217,"callback":218,"file":219,"line":146},"wpcf7_verify_nonce","grecaptcha_wpcf7_verify_nonce","includes\\wpcf7.php",{"type":148,"name":221,"callback":222,"file":219,"line":223},"wpcf7_load_js","grecaptcha_wpcf7_fix_loading",24,{"type":148,"name":225,"callback":222,"file":219,"line":198},"wpcf7_load_css",{"type":148,"name":227,"callback":228,"priority":151,"file":219,"line":229},"wpcf7_validate_grecaptcha","grecaptcha_wpcf7_validate",34,{"type":142,"name":231,"callback":232,"file":219,"line":233},"wpcf7_init","grecaptcha_wpcf7_add_tag",36,{"type":142,"name":154,"callback":235,"file":219,"line":236},"grecaptcha_wpcf7_enqueue_inline_scripts",57,{"type":142,"name":238,"callback":239,"file":219,"line":199},"wpcf7_enqueue_scripts","grecaptcha_wpcf7_enqueue_scripts",[],[],[],[],{"dangerousFunctions":245,"sqlUsage":246,"outputEscaping":248,"fileOperations":13,"externalRequests":136,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":264},[],{"prepared":13,"raw":13,"locations":247},[],{"escaped":136,"rawEcho":249,"locations":250},6,[251,254,257,258,260,262],{"file":145,"line":252,"context":253},12,"raw output",{"file":255,"line":256,"context":253},"includes\\core.php",122,{"file":179,"line":215,"context":253},{"file":211,"line":259,"context":253},105,{"file":211,"line":261,"context":253},111,{"file":211,"line":263,"context":253},146,[],[266,285],{"entryPoint":267,"graph":268,"unsanitizedCount":136,"severity":284},"grecaptcha_verify (includes\\core.php:156)",{"nodes":269,"edges":281},[270,275],{"id":271,"type":272,"label":273,"file":255,"line":274},"n0","source","$_SERVER",169,{"id":276,"type":277,"label":278,"file":255,"line":279,"wp_function":280},"n1","sink","wp_remote_post() [SSRF]",175,"wp_remote_post",[282],{"from":271,"to":276,"sanitized":283},false,"medium",{"entryPoint":286,"graph":287,"unsanitizedCount":136,"severity":284},"\u003Ccore> (includes\\core.php:0)",{"nodes":288,"edges":291},[289,290],{"id":271,"type":272,"label":273,"file":255,"line":274},{"id":276,"type":277,"label":278,"file":255,"line":279,"wp_function":280},[292],{"from":271,"to":276,"sanitized":283},{"summary":294,"deductions":295},"The \"grecaptcha\" plugin version 1.4 exhibits a mixed security posture. On one hand, the static analysis reveals an absence of direct attack surface points like AJAX handlers, REST API routes, shortcodes, or cron events, which is a positive sign for reducing initial exploit vectors. Furthermore, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries, indicating a strong defense against SQL injection.  However, significant concerns arise from the output escaping and taint analysis.  A very low percentage of output is properly escaped (14%), suggesting a high likelihood of cross-site scripting (XSS) vulnerabilities where user-supplied data could be rendered directly in the browser.  The taint analysis revealing two flows with unsanitized paths, even without critical or high severity assignments, points to potential weaknesses in how data is handled and could be exploited in conjunction with the poor output escaping.",[296,299,302,304],{"reason":297,"points":298},"Low output escaping percentage",8,{"reason":300,"points":301},"Unsanitized paths found in taint analysis",5,{"reason":303,"points":301},"No nonce checks",{"reason":305,"points":301},"No capability checks","2026-03-16T23:07:42.345Z",{"wat":308,"direct":313},{"assetPaths":309,"generatorPatterns":310,"scriptPaths":311,"versionParams":312},[],[],[],[],{"cssClasses":314,"htmlComments":319,"htmlAttributes":320,"restEndpoints":332,"jsGlobals":333,"shortcodeOutput":336},[315,316,317,318],"grecaptcha_version","grecaptcha_version v2_checkbox","grecaptcha_version v2_invisible","grecaptcha_version v3",[],[321,322,323,324,325,326,327,328,329,330,331],"id=\"grecaptcha_version\"","name=\"grecaptcha_version\"","id=\"grecaptcha_site_key\"","name=\"grecaptcha_site_key\"","id=\"grecaptcha_secret_key\"","name=\"grecaptcha_secret_key\"","id=\"grecaptcha_v2_size\"","name=\"grecaptcha_v2_size\"","id=\"grecaptcha_v2_badge\"","name=\"grecaptcha_v2_badge\"","name=\"grecaptcha_v3_threshold\"",[],[334,335],"document.querySelector('#grecaptcha_version')","document.querySelectorAll('.grecaptcha_version')",[]]