[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fhYov4zI6EC2vHjV-mlXgY9bu6G0-PDHbAl_xWcxI0Bo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":129,"fingerprints":231},"honeypot-antispam","Honeypot Anti-Spam","1.0.5","RaiolaNetworks","https:\u002F\u002Fprofiles.wordpress.org\u002Fraiolanetworks\u002F","\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fraiolanetworks.com\u002Fblog\u002Fanti-spam-wordpress\u002F\" title=\"Información y soporte\" rel=\"nofollow ugc\">Información\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Honeypot Anti-Spam es un plugin antispam para WordPress que te permite proteger los formularios de comentarios mediante la técnica honeypot.\u003C\u002Fp>\n\u003Cp>El uso de la técnica honeypot implica que, si instalas Honeypot Anti-Spam, no necesitarás incluir un molesto captcha en tu WordPress. El motivo es que honeypot es completamente invisible para el visitante.\u003C\u002Fp>\n\u003Cp>La técnica antispam honeypot consiste en un campo oculto que se introduce mediante javascript en los formularios. Un visitante legítimo nunca llega a ver este campo ni, por lo tanto, a rellenarlo. En cambio, los spam bots lo detectan y lo rellenan, por lo que el comentario o envío se clasifica como SPAM de manera inmediata.\u003C\u002Fp>\n\u003Cp>Honeypot Anti-Spam NO tiene opciones ni configuración. Para hacer que empiece a funcionar solo tienes que instalar y activar. Nada más.\u003C\u002Fp>\n\u003Ch3>Instalación\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Instalar y activar el plugin desde el dahsboard de WordPress.\u003C\u002Fli>\n\u003Cli>¡Ya está! No tienes que hacer nada más.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Preguntas frecuentes\u003C\u002Fh3>\n\u003Ch4>¿Es efectiva la técnica honeypot para el spam?\u003C\u002Fh4>\n\u003Cp>Sí, es efectiva contra bots, aunque NO funciona contra el spam manual. De todas formas, en el 99,99% de los casos, el spam se realiza de forma automática mediante bots.\u003C\u002Fp>\n\u003Ch4>¿Afectará en algo a mi WordPress?\u003C\u002Fh4>\n\u003Cp>No, el sistema es completamente automático y no afecta al funcionamiento normal de WordPress: es transparente.\u003Cbr \u002F>\nEn casos muy raros, algún plugin puede dar problemas con el javascript usado para insertar el campo honeypot, pero ocurre muy pocas veces.\u003C\u002Fp>\n\u003Ch4>¿Puedo usar Honeypot Anti-Spam con Disqus o wpDisquz?\u003C\u002Fh4>\n\u003Cp>No, Honeypot Anti-Spam no es compatible con otros sistemas de comentarios que no sean los de WordPress.\u003C\u002Fp>\n\u003Ch3>Incluido por defecto en:\u003C\u002Fh3>\n\u003Cp>Servicio de hosting para WordPress de Raiola Networks.\u003C\u002Fp>\n","Protege WordPress del SPAM mediante honeypot.",10000,67253,94,12,"2024-08-01T15:32:00.000Z","6.6.5","3.3","5.6",[20,21,22,23,24],"antispam","comment","honeypot","security","spam","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhoneypot-antispam\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhoneypot-antispam.1.0.5.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"raiolanetworks",1,30,88,"2026-04-03T21:40:06.883Z",[39,60,81,98,115],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":11,"downloaded":47,"rating":48,"num_ratings":14,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":28,"last_vuln_date":59,"fetched_at":30},"cf7-antispam","AntiSpam for Contact Form 7","0.7.4","Erik","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodekraft\u002F","\u003Cp>Are you unsatisfied with your current antispam solution for Contact Form 7? It might be using an ineffective method to combat the specific type of bot attacks you’re facing. Fortunately, I have a solution for you!\u003Cbr \u002F>\nAntispam for Contact Form 7 is a simple yet highly effective plugin that protects your mailbox from bot flooding. Say goodbye to tedious configurations and captchas, which often lead to reduced conversions and inconvenience for genuine users. Our plugin utilizes a combination of on-page and off-page bot traps, along with an auto-learning mechanism powered by a statistical “Bayesian” spam filter called B8.\u003Cbr \u002F>\nCF7-AntiSpam seamlessly integrates with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflamingo\u002F\" rel=\"ugc\">Flamingo\u003C\u002Fa> and enhances its functionality. When both plugins are installed, Flamingo gains additional controls, and an extra dashboard widget is enabled.\u003C\u002Fp>\n\u003Ch3>SETUP\u003C\u002Fh3>\n\u003Cp>Basic – Install and go! No configuration, keys, or registrations are required to activate the antispam protection. In this case, some protections, such as fingerprinting, language checks, and honeypots, will be enabled.\u003Cbr \u002F>\nAdvanced – For CF7A to properly analyze the email content using its dictionary, it needs to parse the input message field of your form. To notify the antispam to check this field, you’ll need to add a “marker” to each contact form on your website. Simply add ‘flamingo_message: “[your-message]”‘ in the additional settings panel of each contact form you want to secure. This process follows the same method used with Flamingo. While this step may seem tedious, it is required for advanced text statistical analysis. Without it, the B8 filter cannot be enabled.\u003Cbr \u002F>\nGeoIP – (Optional) If you need to restrict which countries or languages can email you, you can enable this functionality. To enable GeoIP, you’ll need to agree to the GeoLite2 End User License Agreement and sign up for GeoLite2 Downloadable Databases. This will provide you with the required key to download the database. For detailed instructions, please refer to the dedicated section in the cf7-antispam plugin settings.\u003C\u002Fp>\n\u003Ch3>Antispam Available Tests\u003C\u002Fh3>\n\u003Cp>✅ Browser Fingerprinting\u003Cbr \u002F>\n✅ Language checks (Geo-ip, http headers and browser)\u003Cbr \u002F>\n✅ Honeypot\u003Cbr \u002F>\n️🆕 Honeyform*\u003Cbr \u002F>\n✅ Domain Name System Blackhole List (aka DNSBL)\u003Cbr \u002F>\n✅ blocklists (with automatic ban after N failed attempts, user defined ip exclusion list)\u003Cbr \u002F>\n✅ Hidden fields with encrypted unique hash\u003Cbr \u002F>\n✅ Time elapsed (with min\u002Fmax values)\u003Cbr \u002F>\n✅ Prohibited words in message\u002Femail and user agent\u003Cbr \u002F>\n✅ B8 statistical “Bayesian” spam filter\u003Cbr \u002F>\n✅ Identity protection\u003Cbr \u002F>\n✅ Webmail protection\u003C\u002Fp>\n\u003Ch3>Extends Flamingo and turns it into a spam manager!\u003C\u002Fh3>\n\u003Cp>With this plugin, you can now review emails and train B8 to identify spam and legitimate messages. This feature proves useful, especially during the initial stages when some spam emails may slip through.\u003Cbr \u002F>\nAlready using Flamingo? Even better! Just remember to add ‘flamingo_message: “[your-message]”‘ to the advanced settings (similar to other Flamingo labels) before activating the plugin. Alternatively, you can explore the advanced options and select “rebuild dictionary.”\u003Cbr \u002F>\nUpon activating CF7A, all previously collected emails will be parsed, and B8 will learn and develop its vocabulary. This pre-trained algorithm gives you a head start. How cool is that?\u003Cbr \u002F>\nAdditional Notes:\u003Cbr \u002F>\n– A new column has been added to the right side of the Flamingo inbound page, displaying the level of spaminess for each email.\u003Cbr \u002F>\n– If you unban an email on the Flamingo “inbound” page, the corresponding IP will be removed from the blocklist. However, marking an email as spam will not blocklist the IP again.\u003Cbr \u002F>\n– Before activating this plugin, please make sure to mark all spam emails as spam in the Flamingo inbound section. This auto-training process will help the B8 algorithm.\u003Cbr \u002F>\n– If you receive a spam message, please avoid deleting it from the “ham” section. Instead, place it in the spam section to teach B8 how to differentiate between spam and legitimate messages.\u003C\u002Fp>\n\u003Ch3>B8 statistical “Bayesian” Filter\u003C\u002Fh3>\n\u003Cp>Originally created by \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FGary_Robinson\" rel=\"nofollow ugc\">Gary Robinson\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwww.linuxjournal.com\u002Farticle\u002F6467\" rel=\"nofollow ugc\">b8 is a statistical “Bayesian”\u003C\u002Fa> spam filter implemented in PHP.\u003Cbr \u002F>\nThe B8 filter is a foundational example of \u003Cstrong>Machine Learning (ML)\u003C\u002Fstrong> for text classification, representing an early, yet powerful, statistical approach in Natural Language Processing (NLP). This approach precedes feature-weighting methods like \u003Cstrong>TF-IDF\u003C\u002Fstrong>, which in turn paved the way for modern deep learning architectures, such as \u003Cstrong>Transformers\u003C\u002Fstrong> and \u003Cstrong>GPT\u003C\u002Fstrong>.\u003Cbr \u002F>\nThe filter tells you whether a text is spam or not, using statistical text analysis. What it does is: you give b8 a text and it returns a value between 0 and 1, saying it’s ham when it’s near 0 and saying it’s spam when it’s near 1. See \u003Ca href=\"https:\u002F\u002Fnasauber.de\u002Fopensource\u002Fb8\u002Freadme.html#how-does-it-work\" rel=\"nofollow ugc\">How does it work?\u003C\u002Fa> for details about this.\u003Cbr \u002F>\nTo be able to distinguish spam and ham (non-spam), b8 first has to learn some spam and some ham texts. If it makes mistakes when classifying unknown texts or the result is not distinct enough, b8 can be told what the text actually is, getting better with each learned text.\u003Cbr \u002F>\nThis takes place on your own server without relying on third-party services.\u003Cbr \u002F>\nMore info: \u003Ca href=\"https:\u002F\u002Fnasauber.de\u002Fopensource\u002Fb8\u002F\" rel=\"nofollow ugc\">nasauber.de\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Identity protection\u003C\u002Fh3>\n\u003Cp>To fully protect the forms, it may be necessary to enable a couple of additional controls, because bots use the public data of the website to spam on it.\u003Cbr \u002F>\n– The first is user related and denies those who are not logged in the possibility of asking (sensitive) information about the user via wp-api and the protection for the xmlrpc exploit wordpress.\u003Cbr \u002F>\n– The second one is the WordPress protection that will obfuscate sensitive WordPress and server data, adding some headers in order to enhance security against xss and so on.\u003Cbr \u002F>\nWill be hidden the WordPress and WooCommerce version (wp_generator, woo_version), pingback (X-Pingback), server (nginx|apache|…) and php version (X-Powered-By), enabled xss protection headers (X-XSS-Protection), removes rest api link from header (but it will only continue to work if the link is not made public).\u003C\u002Fp>\n\u003Ch3>Mailbox Protection (Multiple Send)\u003C\u002Fh3>\n\u003Cp>Enhance email security by enabling the “Multiple Send” feature, which prevents consecutive email submissions to the user’s mailbox. This measure is effective in thwarting automated spam attempts and ensures a secure communication environment.\u003C\u002Fp>\n\u003Ch3>Security & Privacy: A Local-First Approach\u003C\u002Fh3>\n\u003Cp>AntiSpam for Contact Form 7 is built with your security and privacy as the \u003Cstrong>top priority\u003C\u002Fstrong>. Unlike many modern anti-spam solutions that rely on external cloud services or third-party subscriptions, our plugin is designed to run \u003Cstrong>entirely on your own WordPress installation\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>100% Local Processing:\u003C\u002Fstrong> All anti-spam logic, checks, and data processing are performed directly on your server. \u003Cstrong>No data is ever sent to, or stored by, any external third-party service\u003C\u002Fstrong> (including ours).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Not a Software as a Service (SaaS):\u003C\u002Fstrong> This plugin is a standalone, self-contained software solution, not an interface to a paid or subscription-based external service. Once installed, it works autonomously.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Security:\u003C\u002Fstrong> Since there is \u003Cstrong>no central server or external API endpoint\u003C\u002Fstrong> to communicate with, your website is immune to potential risks associated with centralized services, such as Single Point of Failure or data breach risks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You retain complete control and ownership over the security of your Contact Form 7 submissions.\u003C\u002Fp>\n\u003Ch3>Privacy Notices\u003C\u002Fh3>\n\u003Cp>AntiSpam for Contact Form 7 only processes the IP but doesn’t store any personal data directly from the user input. However, it creates a dictionary of spam and ham (non-spam) words in the WordPress database.\u003Cbr \u002F>\nThis dictionary is built from words found in the submitted messages, meaning it \u003Cstrong>may contain words that were part of the user’s e-mail message or personal data\u003C\u002Fstrong>. This data is “degenerated,” which means the words might be normalized or altered before being stored.\u003Cbr \u002F>\nThe sole purpose of this word collecting is to build a dictionary used for local, decentralized spam detection.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Community support: via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcontact-form-7-antispam\u002F\" rel=\"ugc\">support forums\u003C\u002Fa> on wordpress.org\u003Cbr \u002F>\nBug reporting (preferred): file an issue on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ferikyo\u002Fcontact-form-7-antispam\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>We love your input! We want to make contributing to this project as easy and transparent as possible, whether it’s:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reporting a bug\u003C\u002Fli>\n\u003Cli>Testing the plugin with different user agent and report fingerprinting failures\u003C\u002Fli>\n\u003Cli>Discussing the current state, features, improvements\u003C\u002Fli>\n\u003Cli>Submitting a fix or a new feature\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We use GitHub to host code, to track issues and feature requests, as well as accept pull requests.\u003Cbr \u002F>\nBy contributing, you agree that your contributions will be licensed under its GPLv2 License.\u003C\u002Fp>\n\u003Cp>My goal is to create an antispam that protects cf7 definitively without relying on external services. And free for everyone.\u003Cbr \u002F>\nif you want to help me, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ferikyo\u002Fcontact-form-7-antispam\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> is the right place 😉\u003C\u002Fp>\n\u003Ch3>copyright\u003C\u002Fh3>\n\u003Cp>AntiSpam for Contact Form 7, Copyright 2021 Codekraft Studio\u003Cbr \u002F>\nAntiSpam for Contact Form 7 is distributed under the terms of the GNU GPL\u003C\u002Fp>\n\u003Cp>This program is free software: you can redistribute it and\u002For modify\u003Cbr \u002F>\nit under the terms of the GNU General Public License as published by\u003Cbr \u002F>\nthe Free Software Foundation, either version 3 of the License, or\u003Cbr \u002F>\n(at your option) any later version.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003Cbr \u002F>\nSee the LICENSE file for more details.\u003C\u002Fp>\n\u003Ch4>Resources\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Contact Form 7 and Flamingo © 2021 Takayuki Miyoshi,\u003Ca href=\"https:\u002F\u002Fit.wordpress.org\u002Fplugins\u002Fcontact-form-7\u002F\" rel=\"nofollow ugc\">LGPLv3 or later\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>B8 https:\u002F\u002Fnasauber.de\u002Fopensource\u002Fb8\u002F, © 2021 Tobias Leupold, \u003Ca href=\"https:\u002F\u002Fgitlab.com\u002Fl3u\u002Fb8\u002F-\u002Ftree\u002Fab26daa6b293e6aa059d24ce7cf77af6c8b9b052\u002FLICENSES\" rel=\"nofollow ugc\">LGPLv3 or later\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>GeoLite2 \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\u002Fen\u002Fgeolite2\u002Feula\" rel=\"nofollow ugc\">license\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>GeoIP2 PHP API \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmaxmind\u002FGeoIP2-php\" rel=\"nofollow ugc\">GeoIP2-php\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>chart.js https:\u002F\u002Fwww.chartjs.org\u002F, © 2021 Chart.js \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fchartjs\u002FChart.js\u002Fgraphs\u002Fcontributors\" rel=\"nofollow ugc\">contributors\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fchartjs\u002FChart.js\u002Fblob\u002Fmaster\u002FLICENSE.md\" rel=\"nofollow ugc\">MIT\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Sudden Shower in the Summer, Public domain, Wikimedia Commons https:\u002F\u002Fcommons.wikimedia.org\u002Fwiki\u002FFile:Sudden_Shower_in_the_Summer_(5759500422).jpg\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contibutions\u003C\u002Fh3>\n\u003Cp>Mirek Długosz – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ferikyo\u002Fcf7-antispam\u002Fpull\u002F30\" rel=\"nofollow ugc\">#30\u003C\u002Fa> fixes a crash that occurred when analysing flamingo metadata\u003Cbr \u002F>\nMeliEve – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-blocks\u002Fcf7-antispam\u002Fpull\u002F42\" rel=\"nofollow ugc\">#42\u003C\u002Fa> Fix “internal_server_error” when message is empty\u003Cbr \u002F>\nMeliEve – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-blocks\u002Fcf7-antispam\u002Fpull\u002F61\" rel=\"nofollow ugc\">#61\u003C\u002Fa>  Handle deferrer script loading\u003Cbr \u002F>\nZodiac1978 – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-blocks\u002Fcf7-antispam\u002Fpull\u002F67\" rel=\"nofollow ugc\">#67\u003C\u002Fa> Remove warning for unsafe email configuration w\u002Fo protection\u003Cbr \u002F>\nJohnHooks – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-blocks\u002Fcf7-antispam\u002Fpull\u002F61\" rel=\"nofollow ugc\">#66\u003C\u002Fa> Readme + plugin env\u003Cbr \u002F>\nsdellenb – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-blocks\u002Fcf7-antispam\u002Fpull\u002F163\" rel=\"nofollow ugc\">#66\u003C\u002Fa> Fix $reason parameter for calling cf7a_ban_by_ip\u003C\u002Fp>\n\u003Ch3>Special thanks\u003C\u002Fh3>\n\u003Cp>This project is tested with BrowserStack. \u003Ca href=\"https:\u002F\u002Fwww.browserstack.com\u002F\" rel=\"nofollow ugc\">Browserstack\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>MaxMind GeoIP2\u003C\u002Fh3>\n\u003Cp>This plugin on demand can enable GeoLite2 created by MaxMind, available from \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.maxmind.com\u003C\u002Fa>\u003Cbr \u002F>\nWhile enabled you may \u003Cstrong>have to mention it in the privacy policy\u003C\u002Fstrong> of your site, depending on the law regulating privacy in your state!\u003Cbr \u002F>\n* GeoIP2 databases \u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\u002Fen\u002Faccounts\u002Fcurrent\u002Fgeoip\u002Fdownloads\" rel=\"nofollow ugc\">GeoLite2 Country\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>DNSBL servers privacy policies\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>dnsbl-1.uceprotect.net \u003Ca href=\"http:\u002F\u002Fwww.uceprotect.net\u002Fen\u002Findex.php?m=13&s=0\" rel=\"nofollow ugc\">www.uceprotect.net license\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>dnsbl-2.uceprotect.net \u003Ca href=\"http:\u002F\u002Fwww.uceprotect.net\u002Fen\u002Findex.php?m=13&s=0\" rel=\"nofollow ugc\">www.uceprotect.net license\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>dnsbl-3.uceprotect.net \u003Ca href=\"http:\u002F\u002Fwww.uceprotect.net\u002Fen\u002Findex.php?m=13&s=0\" rel=\"nofollow ugc\">www.uceprotect.net license\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>dnsbl.sorbs.net \u003Ca href=\"http:\u002F\u002Fwww.sorbs.net\u002Finformation\u002Ffaq\u002F\" rel=\"nofollow ugc\">sorbs.net license\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>zen.spamhaus.org \u003Ca href=\"https:\u002F\u002Fwww.spamhaus.org\u002Forganization\u002Fdnsblusage\u002F\" rel=\"nofollow ugc\">spamhaus.org license\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>bl.spamcop.net \u003Ca href=\"https:\u002F\u002Fwww.spamcop.net\u002Ffom-serve\u002Fcache\u002F297.html\" rel=\"nofollow ugc\">spamcop.net license\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>b.barracudacentral.org \u003Ca href=\"https:\u002F\u002Fwww.barracuda.com\u002Fcompany\u002Flegal\u002Ftrust-center\u002Fdata-privacy\u002Fprivacy-policy\" rel=\"nofollow ugc\">barracudacentral.org privacy-policy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>dnsbl.dronebl.org \u003Ca href=\"https:\u002F\u002Fdronebl.org\u002Fdocs\u002Ffaq\" rel=\"nofollow ugc\">dronebl.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>all.spamrats.com \u003Ca href=\"https:\u002F\u002Fspamrats.com\u002Ftos.php\" rel=\"nofollow ugc\">spamrats.com tos\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>bl.ipv6.spameatingmonkey.net \u003Ca href=\"https:\u002F\u002Fspameatingmonkey.com\u002Ffaq\" rel=\"nofollow ugc\">spameatingmonkey.net\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Inspirations, links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Nikolai Tschacher \u003Ca href=\"https:\u002F\u002Fincolumitas.com\u002Fpages\u002FBotOrNot\u002F\" rel=\"nofollow ugc\">incolumitas.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Antoine Vastel \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fantoinevastel\u002Ffpscanner\" rel=\"nofollow ugc\">fp-scanner\u003C\u002Fa>\u002F\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fantoinevastel\u002Ffp-collect\" rel=\"nofollow ugc\">fp-collect\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Niespodd \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fniespodd\u002Fbrowser-fingerprinting\" rel=\"nofollow ugc\">niespodd\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Thomas Breuss \u003Ca href=\"https:\u002F\u002Fgist.github.com\u002Ftbreuss\u002F74da96ff5f976ce770e6628badbd7dfc\" rel=\"nofollow ugc\">tbreuss\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Domain Name System-based blackhole list \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FDomain_Name_System-based_blackhole_list\" rel=\"nofollow ugc\">wiki\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>dnsbl list \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FComparison_of_DNS_blacklists\" rel=\"nofollow ugc\">wiki\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A trustworthy antispam plugin for Contact Form 7. Wave goodbye to spam and keep your inbox clean!",81497,84,"2026-01-30T21:39:00.000Z","6.9.4","6.2","7.4",[20,54,22,23],"geoip","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-antispam.0.7.4.zip",98,2,"2025-07-16 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":58,"last_updated":71,"tested_up_to":72,"requires_at_least":55,"requires_php":18,"tags":73,"homepage":55,"download_link":79,"security_score":80,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"honeypot-woocommerce-wp-antispam","Honeypot WooCommerce – WordPress AntiSpam","1.3.7","Camilo","https:\u002F\u002Fprofiles.wordpress.org\u002Fcamilo517\u002F","\u003Cp>This plugin activates a honeypot (Anti-Spam and anti-bot) in the following sites:\u003Cbr \u002F>\n-WooCommerce login form\u003Cbr \u002F>\n-WooCommerce registration form\u003Cbr \u002F>\n-Comments box of the post\u003Cbr \u002F>\n-WordPress registration form\u003Cbr \u002F>\n-WordPress login form\u003C\u002Fp>\n\u003Cp>It is highly optimized, so that the performance of your website is not affected\u003C\u002Fp>\n","This plugin activates a honeypot (Anti-Spam and anti-bot) in the following sites:",200,4193,100,"2020-08-24T23:20:00.000Z","5.5.18",[74,75,76,77,78],"antispam-woocommerce","antispam-wordpress","honeypot-woocommerce","security-woocommerce","seguridad","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhoneypot-woocommerce-wp-antispam.1.3.7.zip",85,{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":70,"downloaded":89,"rating":28,"num_ratings":28,"last_updated":90,"tested_up_to":50,"requires_at_least":91,"requires_php":52,"tags":92,"homepage":96,"download_link":97,"security_score":70,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"spamjam","SpamJam","2.1.0","Matt Biscay","https:\u002F\u002Fprofiles.wordpress.org\u002Fskyminds\u002F","\u003Cp>\u003Cstrong>Tired of deleting spam comments every day?\u003C\u002Fstrong> SpamJam is a lightweight, invisible anti-spam solution that blocks automated spam before it hits your database—without annoying your legitimate users with captchas or verification steps.\u003C\u002Fp>\n\u003Ch4>Why SpamJam?\u003C\u002Fh4>\n\u003Cp>Unlike traditional anti-spam plugins that rely on third-party services or frustrating captchas, SpamJam uses \u003Cstrong>intelligent honeypot techniques\u003C\u002Fstrong> and \u003Cstrong>behavioral analysis\u003C\u002Fstrong> to silently eliminate spam bots. Your real visitors won’t see any difference, but spam bots will be stopped cold.\u003C\u002Fp>\n\u003Ch4>Free Features\u003C\u002Fh4>\n\u003Cp>✅ \u003Cstrong>Honeypot Protection\u003C\u002Fstrong> – Invisible fields that trap spam bots\u003Cbr \u002F>\n✅ \u003Cstrong>Referrer Validation\u003C\u002Fstrong> – Blocks direct form submissions\u003Cbr \u002F>\n✅ \u003Cstrong>Nonce Security\u003C\u002Fstrong> – CSRF protection for all comment forms\u003Cbr \u002F>\n✅ \u003Cstrong>Smart Blocklist\u003C\u002Fstrong> – Filters common spam keywords\u003Cbr \u002F>\n✅ \u003Cstrong>Zero Configuration\u003C\u002Fstrong> – Works immediately after activation\u003Cbr \u002F>\n✅ \u003Cstrong>No Captchas\u003C\u002Fstrong> – Never annoy your real users\u003Cbr \u002F>\n✅ \u003Cstrong>Lightweight\u003C\u002Fstrong> – Minimal impact on site performance\u003Cbr \u002F>\n✅ \u003Cstrong>WooCommerce Compatible\u003C\u002Fstrong> – Works with HPOS\u003C\u002Fp>\n\u003Ch4>Pro Features (Premium)\u003C\u002Fh4>\n\u003Cp>🚀 \u003Cstrong>Registration Spam Protection\u003C\u002Fstrong> – Protect user registration forms with email verification\u003Cbr \u002F>\n🚀 \u003Cstrong>Premium Blocklist\u003C\u002Fstrong> – Auto-updating list of 15,000+ spam terms\u003Cbr \u002F>\n🚀 \u003Cstrong>Custom Blocklist\u003C\u002Fstrong> – Add your own keywords and patterns to block\u003Cbr \u002F>\n🚀 \u003Cstrong>Geographic Blocking\u003C\u002Fstrong> – Block comments from specific countries\u003Cbr \u002F>\n🚀 \u003Cstrong>IP Blocking\u003C\u002Fstrong> – Block specific IP addresses or ranges\u003Cbr \u002F>\n🚀 \u003Cstrong>Rate Limiting\u003C\u002Fstrong> – Prevent spam floods with configurable limits\u003Cbr \u002F>\n🚀 \u003Cstrong>Email Whitelist\u003C\u002Fstrong> – Always allow trusted email addresses\u003Cbr \u002F>\n🚀 \u003Cstrong>Spam Logging & Analytics\u003C\u002Fstrong> – Track and analyze blocked spam attempts\u003Cbr \u002F>\n🚀 \u003Cstrong>Content Validation\u003C\u002Fstrong> – Set minimum comment length and maximum links\u003Cbr \u002F>\n🚀 \u003Cstrong>Contact Form Protection\u003C\u002Fstrong> – Protect Contact Form 7, WPForms, Gravity Forms\u003Cbr \u002F>\n🚀 \u003Cstrong>User Enumeration Blocking\u003C\u002Fstrong> – Enhanced security against attacks\u003Cbr \u002F>\n🚀 \u003Cstrong>Priority Support\u003C\u002Fstrong> – Get help when you need it\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Futopique.net\u002Fproducts\u002Fspamjam\u002F\" rel=\"nofollow ugc\">Upgrade to SpamJam Pro \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Blogs with active comment sections\u003C\u002Fli>\n\u003Cli>Membership sites\u003C\u002Fli>\n\u003Cli>WooCommerce stores\u003C\u002Fli>\n\u003Cli>Community websites\u003C\u002Fli>\n\u003Cli>Any WordPress site tired of spam\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Cp>SpamJam uses multiple layers of protection:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Honeypot Fields\u003C\u002Fstrong> – Hidden form fields that only bots fill out\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JavaScript Validation\u003C\u002Fstrong> – Ensures forms are submitted by real browsers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Referrer Checking\u003C\u002Fstrong> – Verifies submissions come from your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hash Validation\u003C\u002Fstrong> – Cryptographic verification of form integrity\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Keyword Filtering\u003C\u002Fstrong> – Blocks known spam patterns\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>All of this happens \u003Cstrong>invisibly\u003C\u002Fstrong> in the background. Your legitimate users never see a captcha or verification step.\u003C\u002Fp>\n\u003Ch4>Privacy First\u003C\u002Fh4>\n\u003Cp>SpamJam doesn’t send your data to third-party services. Everything happens on your server, keeping your users’ information private and your site GDPR-compliant.\u003C\u002Fp>\n","Stop 99% of spam comments and registrations automatically. Zero captchas, zero hassle. Your visitors won't even notice it's there.",2818,"2026-02-12T21:28:00.000Z","5.2",[93,22,94,23,95],"comment-spam","registration-spam","spam-protection","https:\u002F\u002Futopique.net\u002Fproducts\u002Fspamjam\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspamjam.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":28,"num_ratings":28,"last_updated":108,"tested_up_to":50,"requires_at_least":109,"requires_php":52,"tags":110,"homepage":113,"download_link":114,"security_score":70,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ghosttrap","GhostTrap","1.0.3","LaughterOnWater","https:\u002F\u002Fprofiles.wordpress.org\u002Flaughteronwater\u002F","\u003Cp>\u003Cstrong>GhostTrap\u003C\u002Fstrong> provides sophisticated invisible spam protection using a comprehensive 5-layer detection system. Legitimate users comment normally while automated spam is silently blocked through advanced timing analysis, cryptographic validation, and behavioral detection.\u003C\u002Fp>\n\u003Ch4>5-Layer Protection System\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Timing Analysis\u003C\u002Fstrong> – Detects submissions too fast for human interaction\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cryptographic Signatures\u003C\u002Fstrong> – Prevents replay attacks and form manipulation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Year Validation\u003C\u002Fstrong> – JavaScript-enhanced field verification\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JavaScript Detection\u003C\u002Fstrong> – Ensures legitimate browser interaction\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Honeypot Fields\u003C\u002Fstrong> – Multiple hidden traps catch automated bots\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Professional Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Enhanced Admin Interface\u003C\u002Fstrong> – Professional statistics dashboard with custom branding\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time Statistics\u003C\u002Fstrong> – Track protection effectiveness with detailed blocking metrics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable Timing\u003C\u002Fstrong> – Adjust detection sensitivity from 5-300 seconds\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress 6.4+ Compatible\u003C\u002Fstrong> – Full support for block themes and FSE\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Bar Integration\u003C\u002Fstrong> – Quick spam statistics for administrators\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Screen Options Control\u003C\u002Fstrong> – User-configurable interface elements\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Zero User Friction\u003C\u002Fh4>\n\u003Cp>All protection operates invisibly – no captcha, no puzzles, no delays. Users with JavaScript enabled see normal comment forms, while those with disabled JavaScript get simple year validation. Protection effectiveness remains high in both scenarios.\u003C\u002Fp>\n\u003Ch4>Performance Optimized\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lightweight JavaScript\u003C\u002Fstrong> – Only 2KB, loads exclusively on comment pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Script Loading\u003C\u002Fstrong> – Conditional loading based on comment form presence\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Minimal Database Impact\u003C\u002Fstrong> – Efficient storage with optional spam archiving\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Browser Compatibility\u003C\u002Fstrong> – Works across all modern browsers with graceful degradation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>GDPR Compliant\u003C\u002Fh4>\n\u003Cp>No external services, no tracking, no personal data collection beyond standard WordPress comment processing. All spam detection happens locally on your server.\u003C\u002Fp>\n\u003Ch4>Attribution\u003C\u002Fh4>\n\u003Cp>Built upon the original Anti-spam plugin foundation by webvitaly, with comprehensive modernization, enhanced detection layers, and professional admin interface for current WordPress compatibility.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>GhostTrap operates with privacy-first design principles:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>No External Services\u003C\u002Fstrong> – All spam detection processing occurs on your server\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Personal Data Collection\u003C\u002Fstrong> – Uses only standard WordPress comment data for protection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Tracking or Analytics\u003C\u002Fstrong> – Zero data sharing with third parties or external systems\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Fully Compliant\u003C\u002Fstrong> – Minimal data processing with transparent, local-only operation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optional Spam Storage\u003C\u002Fstrong> – Blocked comments stored locally only if explicitly enabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Advanced Configuration\u003C\u002Fh3>\n\u003Ch4>Timing Threshold Recommendations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>High Security Sites:\u003C\u002Fstrong> 10-15 seconds (stricter protection)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>General Purpose Sites:\u003C\u002Fstrong> 15-20 seconds (balanced protection)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accessibility-Focused Sites:\u003C\u002Fstrong> 25-30 seconds (accommodates slower interaction)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reading-Heavy Sites:\u003C\u002Fstrong> 30+ seconds (allows time for content review)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Admin Interface Customization\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Admin Bar Statistics\u003C\u002Fstrong> – Toggle spam counter visibility in admin bar\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Screen Options\u003C\u002Fstrong> – Control information panel display on comments page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dashboard Integration\u003C\u002Fstrong> – Spam statistics in “At a Glance” widget\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Contextual Help\u003C\u002Fstrong> – Comprehensive protection information in WordPress help system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Technical Requirements\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Server Environment:\u003C\u002Fstrong>\u003Cbr \u002F>\n* WordPress 5.0 or higher\u003Cbr \u002F>\n* PHP 7.4 or higher\u003Cbr \u002F>\n* Standard WordPress hosting with wp_options table access\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Browser Support:\u003C\u002Fstrong>\u003Cbr \u002F>\n* All modern browsers (Chrome, Firefox, Safari, Edge)\u003Cbr \u002F>\n* Internet Explorer 11+ with graceful degradation\u003Cbr \u002F>\n* Mobile browsers with full functionality\u003Cbr \u002F>\n* JavaScript-disabled browsers with fallback protection\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance Specifications:\u003C\u002Fstrong>\u003Cbr \u002F>\n* JavaScript payload: ~2KB minified and compressed\u003Cbr \u002F>\n* Database impact: Single option row with minimal queries\u003Cbr \u002F>\n* Server processing: Sub-millisecond detection analysis\u003Cbr \u002F>\n* Memory usage: Negligible footprint during comment processing\u003C\u002Fp>\n","Advanced 5-layer invisible spam protection for comments. No captcha, no user friction - professional spam blocking.",20,272,"2026-02-08T16:30:00.000Z","5.0",[20,111,112,23,24],"comments","protection","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fghosttrap\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fghosttrap.1.0.3.zip",{"slug":116,"name":117,"version":84,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":28,"num_ratings":28,"last_updated":124,"tested_up_to":50,"requires_at_least":109,"requires_php":52,"tags":125,"homepage":127,"download_link":128,"security_score":70,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"honeypot-guard-silent-anti-spam","Honeypot Guard – Silent Anti-Spam","MDigital","https:\u002F\u002Fprofiles.wordpress.org\u002Fmantasdigital\u002F","\u003Cp>\u003Cstrong>Honeypot Guard\u003C\u002Fstrong> is a powerful, privacy-focused anti-spam solution that protects your WordPress forms without annoying your visitors with CAPTCHAs. Using invisible detection techniques, it blocks spam bots while maintaining a seamless user experience.\u003C\u002Fp>\n\u003Ch4>Why Choose Honeypot Guard?\u003C\u002Fh4>\n\u003Cp>Unlike CAPTCHA-based solutions that frustrate users and hurt conversions (studies show CAPTCHAs reduce form submissions by 10-40%), Honeypot Guard provides \u003Cstrong>superior spam protection\u003C\u002Fstrong> with \u003Cstrong>zero user friction\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Cp>Honeypot Guard uses multiple layers of intelligent detection to catch spam automatically:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Invisible Honeypot Fields\u003C\u002Fstrong> – Hidden fields that real users never see, but bots fill out automatically\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dynamic Field Rotation\u003C\u002Fstrong> – Constantly changing field names make it harder for sophisticated bots to adapt\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Timestamp Validation\u003C\u002Fstrong> – Detects instant submissions (bots can’t read like humans)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Intelligent Gibberish Detection\u003C\u002Fstrong> – Catches keyboard mashing and random text patterns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Heuristic Analysis\u003C\u002Fstrong> – Pattern-based detection of common spam characteristics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Character Script Filtering\u003C\u002Fstrong> – Optionally block submissions containing specific character scripts (Cyrillic, Chinese, etc.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cookie Verification\u003C\u002Fstrong> – Proves JavaScript execution in a real browser environment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Zero User Friction\u003C\u002Fstrong> – Completely invisible protection, no annoying puzzles\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy-Focused\u003C\u002Fstrong> – All processing on your server, no third-party tracking by default\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Granular Blacklisting\u003C\u002Fstrong> – Block by email, domain, IP address, or keywords\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rate Limiting\u003C\u002Fstrong> – Prevent spam floods with configurable submission limits\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed Spam Logs\u003C\u002Fstrong> – View blocked submissions with one-click IP blocking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-Language Admin\u003C\u002Fstrong> – Available in 9 languages (English, German, Spanish, Italian, Lithuanian, Swedish, Polish, Estonian, Spanish-Mexico)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Compliant\u003C\u002Fstrong> – No data sent to external services (unless you enable optional AI detection)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works Automatically\u003C\u002Fstrong> – Integrates seamlessly with popular form plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Form Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>Ninja Forms\u003C\u002Fli>\n\u003Cli>Formidable Forms\u003C\u002Fli>\n\u003Cli>WordPress Registration Forms\u003C\u002Fli>\n\u003Cli>WordPress Comments\u003C\u002Fli>\n\u003Cli>WooCommerce Checkout & Registration\u003C\u002Fli>\n\u003Cli>bbPress Forums\u003C\u002Fli>\n\u003Cli>Any HTML form with minimal configuration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced Protection Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>AI-Powered Gibberish Detection\u003C\u002Fstrong> (Optional) – Use OpenAI or Anthropic APIs for advanced content analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Meta Pixel Protection\u003C\u002Fstrong> – Block form submission tracking until verification\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Honeypot Field Names\u003C\u002Fstrong> – Define your own field names for added security\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Whitelist Trusted Users\u003C\u002Fstrong> – Bypass checks for logged-in users or specific IPs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy & Performance\u003C\u002Fh4>\n\u003Cp>Honeypot Guard is designed with privacy and performance in mind:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lightweight\u003C\u002Fstrong> – Adds virtually zero latency to your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No External Calls\u003C\u002Fstrong> – Basic protection requires no API calls\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cache Compatible\u003C\u002Fstrong> – Works with WP Super Cache, W3 Total Cache, WP Rocket, LiteSpeed, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Cookies Required\u003C\u002Fstrong> – Core functionality works without cookies (optional cookie verification available)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Professional Support\u003C\u002Fh4>\n\u003Cp>Need help? Visit \u003Ca href=\"https:\u002F\u002Fwww.mantasdigital.com\u002Fhoneypot-guard\u002F\" rel=\"nofollow ugc\">mantasdigital.com\u002Fhoneypot-guard\u003C\u002Fa> for documentation and support.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Honeypot Guard collects and stores:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>IP addresses of form submissions (for spam detection and blocking)\u003C\u002Fli>\n\u003Cli>Form submission data flagged as spam (for review and pattern detection)\u003C\u002Fli>\n\u003Cli>Timestamps of submissions (for rate limiting)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This data is stored in your WordPress database and is \u003Cstrong>never sent to external services\u003C\u002Fstrong> unless you enable optional AI-powered detection.\u003C\u002Fp>\n\u003Cp>You can configure automatic deletion of spam logs in Settings > Honeypot Guard.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin can optionally connect to external AI services for advanced gibberish detection. These services are \u003Cstrong>disabled by default\u003C\u002Fstrong> and must be explicitly enabled by the administrator.\u003C\u002Fp>\n\u003Ch4>OpenAI API (Optional)\u003C\u002Fh4>\n\u003Cp>When AI gibberish detection is enabled and configured with an OpenAI API key:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it does:\u003C\u002Fstrong> Analyzes suspicious form field content to detect nonsensical or spam text\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent:\u003C\u002Fstrong> Only the specific text field being analyzed (not the entire form submission)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When sent:\u003C\u002Fstrong> Only when a submission is flagged as potentially suspicious and AI detection is enabled\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service provider:\u003C\u002Fstrong> OpenAI, L.L.C.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of use:\u003C\u002Fstrong> https:\u002F\u002Fopenai.com\u002Fpolicies\u002Fterms-of-use\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy policy:\u003C\u002Fstrong> https:\u002F\u002Fopenai.com\u002Fpolicies\u002Fprivacy-policy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Anthropic API (Optional)\u003C\u002Fh4>\n\u003Cp>When AI gibberish detection is enabled and configured with an Anthropic API key:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it does:\u003C\u002Fstrong> Analyzes suspicious form field content to detect nonsensical or spam text\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent:\u003C\u002Fstrong> Only the specific text field being analyzed (not the entire form submission)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When sent:\u003C\u002Fstrong> Only when a submission is flagged as potentially suspicious and AI detection is enabled\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service provider:\u003C\u002Fstrong> Anthropic, PBC\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of use:\u003C\u002Fstrong> https:\u002F\u002Fwww.anthropic.com\u002Flegal\u002Fconsumer-terms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy policy:\u003C\u002Fstrong> https:\u002F\u002Fwww.anthropic.com\u002Flegal\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> These services are entirely optional. Honeypot Guard provides effective spam protection without any external services using its built-in detection methods.\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.mantasdigital.com\u002Fhoneypot-guard\u002F\" rel=\"nofollow ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.mantasdigital.com\u002Fhoneypot-guard\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.mantasdigital.com\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmantasdigital\u002Fhoneypot-guard\" rel=\"nofollow ugc\">GitHub Repository\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Anti-spam protection for forms, signups, and comments using advanced honeypot techniques. No CAPTCHAs, no user friction.",10,168,"2026-02-05T21:01:00.000Z",[20,126,22,23,95],"contact-form-7","https:\u002F\u002Fwww.mantasdigital.com\u002Fhoneypot-guard\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhoneypot-guard-silent-anti-spam.2.1.0.zip",{"attackSurface":130,"codeSignals":186,"taintFlows":218,"riskAssessment":219,"analyzedAt":230},{"hooks":131,"ajaxHandlers":182,"restRoutes":183,"shortcodes":184,"cronEvents":185,"entryPointCount":28,"unprotectedCount":28},[132,138,143,147,150,155,158,161,166,170,174,178],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","admin_notices","antispam_admin_notice","honeypot-antispam-info.php",32,{"type":139,"name":140,"callback":141,"file":136,"line":142},"filter","screen_layout_columns","antispam_display_screen_option",67,{"type":133,"name":144,"callback":145,"file":136,"line":146},"admin_head","antispam_register_screen_option",70,{"type":133,"name":148,"callback":149,"file":136,"line":48},"admin_init","antispam_update_screen_option",{"type":133,"name":151,"callback":152,"file":153,"line":154},"admin_menu","antispam_menu","honeypot-antispam-settings.php",15,{"type":133,"name":148,"callback":156,"file":153,"line":157},"antispam_admin_init",27,{"type":133,"name":148,"callback":159,"file":153,"line":160},"antispam_settings_init",35,{"type":133,"name":162,"callback":163,"file":164,"line":165},"wp_enqueue_scripts","antispam_enqueue_script","honeypot-antispam.php",34,{"type":133,"name":167,"callback":168,"file":164,"line":169},"init","antispam_load_textdomain",36,{"type":133,"name":171,"callback":172,"file":164,"line":173},"comment_form","antispam_form_part",64,{"type":139,"name":175,"callback":176,"priority":34,"file":164,"line":177},"preprocess_comment","antispam_check_comment",99,{"type":139,"name":179,"callback":180,"priority":122,"file":164,"line":181},"plugin_row_meta","antispam_plugin_meta",115,[],[],[],[],{"dangerousFunctions":187,"sqlUsage":188,"outputEscaping":190,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":217},[],{"prepared":28,"raw":28,"locations":189},[],{"escaped":191,"rawEcho":192,"locations":193},3,13,[194,197,198,200,202,204,206,207,209,210,212,214,216],{"file":136,"line":195,"context":196},22,"raw output",{"file":136,"line":195,"context":196},{"file":136,"line":199,"context":196},24,{"file":136,"line":201,"context":196},56,{"file":153,"line":203,"context":196},54,{"file":153,"line":205,"context":196},55,{"file":153,"line":201,"context":196},{"file":153,"line":208,"context":196},74,{"file":153,"line":208,"context":196},{"file":153,"line":211,"context":196},76,{"file":164,"line":213,"context":196},48,{"file":164,"line":215,"context":196},50,{"file":164,"line":201,"context":196},[],[],{"summary":220,"deductions":221},"The \"honeypot-antispam\" plugin v1.0.5 presents a generally positive security posture based on the static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface. Furthermore, the code signals indicate a responsible approach to database interactions, with all SQL queries utilizing prepared statements.  The lack of file operations and external HTTP requests also reduces potential vectors for compromise.\n\nHowever, a notable concern arises from the low percentage of properly escaped output (19%). This suggests that user-supplied data or dynamic content might be rendered in the browser without adequate sanitization, potentially exposing the plugin to Cross-Site Scripting (XSS) vulnerabilities. The absence of nonces and capability checks across all entry points, while less critical given the limited attack surface, means that any future expansion or unintended exposure of functionality could be exploited without proper authorization or integrity checks.\n\nThe plugin's vulnerability history is clean, with no recorded CVEs, indicating a strong track record. This, combined with the absence of critical taint flows and dangerous functions, points to a well-developed codebase. The key weakness lies in output escaping, which requires attention to prevent potential XSS attacks. Overall, the plugin is promising, but the output escaping needs significant improvement to achieve a robust security profile.",[222,225,228],{"reason":223,"points":224},"Low percentage of properly escaped output (19%)",8,{"reason":226,"points":227},"Missing nonce checks on all entry points",5,{"reason":229,"points":227},"Missing capability checks on all entry points","2026-03-16T17:40:06.950Z",{"wat":232,"direct":239},{"assetPaths":233,"generatorPatterns":235,"scriptPaths":236,"versionParams":237},[234],"\u002Fwp-content\u002Fplugins\u002Fhoneypot-antispam\u002Fjs\u002Fhoneypot-antispam.js",[],[234],[238],"honeypot-antispam\u002Fjs\u002Fhoneypot-antispam.js?ver=",{"cssClasses":240,"htmlComments":249,"htmlAttributes":252,"restEndpoints":259,"jsGlobals":260,"shortcodeOutput":262},[241,242,243,244,245,246,247,248],"antispam-group","antispam-group-q","antispam-group-e","antispam-control","antispam-control-a","antispam-control-q","antispam-control-e","antispam-panel-info",[250,251],"\u003C!-- Honeypot Antispam plugin v.","-->",[253,254,255,256,257,258],"name=\"antspm-a\"","class=\"antispam-control antispam-control-a\"","name=\"antspm-q\"","class=\"antispam-control antispam-control-q\"","name=\"antspm-e-email-url-website\"","class=\"antispam-control antispam-control-e\"",[],[261],"jQuery",[]]