[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffgPL5RTC20eHoapP__DSyjFGRTZV_jmQiO8i3uC2zDY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":133,"fingerprints":174},"kp-fastest-cf7-recaptcha","KP Fastest Contact Form 7 Recaptcha V3","1.0.0","Kreativo Pro","https:\u002F\u002Fprofiles.wordpress.org\u002Fkreativopro\u002F","\u003Cp>We at \u003Ca href=\"https:\u002F\u002Fwww.kreativopro.com\u002F\" rel=\"nofollow ugc\">Kreativo Pro\u003C\u002Fa> specialize in speeding up WordPress websites. But in 2019 we ran into a new challenge when Contact Form 7 started using Recaptcha V3 and Recaptcha started slowing down our client sites.\u003C\u002Fp>\n\u003Ch4>Why to Google Recaptcha?\u003C\u002Fh4>\n\u003Cp>There are automated bots that scrape sites from Google, find Contact Form 7 forms and submit them with spam data for promotions.\u003C\u002Fp>\n\u003Cp>An average site gets 5+ SPAM submissions per day. This is confusing and frustrating for most website owners. Reading SPAM submissions also wastes your time.\u003C\u002Fp>\n\u003Ch4>Why this plugin?\u003C\u002Fh4>\n\u003Cp>A lot of Our customers wanted to use Contact Form 7 Recaptcha V3 and still wanted a very fast website. This is when our team got together one Sunday to discuss a possible solution and we found a great idea.\u003C\u002Fp>\n\u003Cp>This plugin is a result of that idea. For more than a year, we kept this plugin within our own company and used only for our own customers. But we realized that we could help a lot more WordPress users by just realising it publicly.\u003C\u002Fp>\n\u003Cp>And giving back to WordPress community has always been our  objective. So, here we present you our secret idea 🙂\u003C\u002Fp>\n\u003Cp>If you want to use Contact Form 7 Recaptcha V3 and still want a very fast WordPress website, then just use this plugin.\u003C\u002Fp>\n\u003Ch4>How KP Fastest Contact Form 7 Recaptcha V3 compares with other Recaptcha plugins?\u003C\u002Fh4>\n\u003Cp>There is a plugin that converts Recaptcha V3 into Recaptcha V2 in Contact Form 7. It’s great but it lacks the speed angle with V3 that we are hitting with our plugin.\u003C\u002Fp>\n\u003Cp>Ultimately, as a website owner, you want Fast website with no SPAM. Contact Form 7 recommends Recaptcha V3. So with our plugin we have tried to keep Recaptcha V3 and also speed up your website.\u003C\u002Fp>\n\u003Cp>You can use our plugin and check your website speed using GTMetrix or Pingdom or Google Pagespeed Insights. The speed (load time) and scores with our plugin are higher.\u003C\u002Fp>\n\u003Cp>The great thing is that our codes can be combined and minified by Popular caching plugins like WP Fastest Cache, Autoptimze, WP Rocket, W3 Total Cache, Swift Performance etc.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>Copyright 2018-20 Kreativo Pro\n\nThis program is free software; you can redistribute it and\u002For modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation; either version 2 of the License, or\n(at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program; if not, write to the Free Software\nFoundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Speeds up websites that use Contact Form 7 Recaptcha V3. Built by Kreativo Pro WordPress Speed Specialists.",100,3421,1,"2020-11-04T11:03:00.000Z","5.5.18","3.2","5.2.4",[19,20,21,22],"contact-form-7","contact-form-7-recaptcha","recaptcha","spam","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkp-fastest-cf7-recaptcha.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"kreativopro",3,210,30,84,"2026-04-05T16:36:43.154Z",[38,54,77,94,116],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":11,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":23,"tags":52,"homepage":23,"download_link":53,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"wpcf7-recaptcha","ReCaptcha v2 for Contact Form 7","1.4.9","IQComputing","https:\u002F\u002Fprofiles.wordpress.org\u002Fiqcomputing\u002F","\u003Cp>Contact Form 7 v5.1 dropped support for reCaptcha v2 along with the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag December 2018. This plugin brings that functionality back from Contact Form 7 5.0.5 and re-adds the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag.\u003C\u002Fp>\n\u003Cp>If this plugin is installed before updating Contact Form 7 from v5.0.5 to v5.1.1 then it will carry over your old API keys. At that point you will just need to head to this plugins settings page to tell the website to use reCaptcha v2.\u003C\u002Fp>\n\u003Cp>Once installed and configured it should be the same reCaptcha functionality you are used to in previous versions of Contact Form 7.\u003C\u002Fp>\n\u003Ch3>IQComputing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Like us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Facebook\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Twitter\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Fork on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FIQComputing\u002Fwpcf7-recaptcha\" title=\"IQComputing on Github\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1",200000,3905275,89,"2025-04-15T22:52:00.000Z","6.7.5","4.9",[19,20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcf7-recaptcha.1.4.9.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":23,"tags":69,"homepage":23,"download_link":73,"security_score":74,"vuln_count":75,"unpatched_count":26,"last_vuln_date":76,"fetched_at":28},"contact-form-7-simple-recaptcha","Contact Form 7 Captcha","0.1.7","LukasApps","https:\u002F\u002Fprofiles.wordpress.org\u002F247wd\u002F","\u003Cp>Protect your Contact Form 7 forms with \u003Cstrong>Google reCAPTCHA V2\u003C\u002Fstrong>, \u003Cstrong>Google reCAPTCHA V3\u003C\u002Fstrong>, \u003Cstrong>hCAPTCHA\u003C\u002Fstrong>, or \u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Easy integration and supports multiple forms on a single page.\u003C\u002Fp>\n\u003Ch3>Four CAPTCHA Options\u003C\u002Fh3>\n\u003Cp>Choose the CAPTCHA provider that works best for you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Google reCAPTCHA V2\u003C\u002Fstrong> — The industry-standard “I’m not a robot” checkbox, trusted by millions of sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google reCAPTCHA V3\u003C\u002Fstrong> — The industry-standard invisible score-based verification, trusted by millions of sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>hCAPTCHA\u003C\u002Fstrong> — A privacy-first alternative that offers robust bot protection while keeping user data secure.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> — A modern CAPTCHA that verifies users in the background, only requiring a simple click if the visitor appears suspicious.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Simple Setup\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Sign up with your chosen CAPTCHA provider and grab your Site Key and Secret Key.\u003C\u002Fli>\n\u003Cli>Paste them into \u003Cstrong>CF7 Captcha\u003C\u002Fstrong> in your WordPress admin.\u003C\u002Fli>\n\u003Cli>Add protection to any CF7 form in seconds using the shortcode provided in the same settings page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Customizable Appearance\u003C\u002Fh3>\n\u003Cp>Each CAPTCHA widget supports customization options directly from the shortcode:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Size\u003C\u002Fstrong> — Choose between normal and compact to fit your form layout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme\u003C\u002Fstrong> — Switch between light and dark themes (or auto for Turnstile) to match your site’s design.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Language\u003C\u002Fstrong> — Force any CAPTCHA to render in a specific language for your audience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All options are combinable, so you can mix and match to get the exact look you need.\u003C\u002Fp>\n\u003Ch3>Submission Insights (NEW in v0.1.7)\u003C\u002Fh3>\n\u003Cp>Go beyond just blocking spam. Submission Insights gives you full visibility into every form submission:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Sender IP\u003C\u002Fstrong> — See the IP address of the person who contacted you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Source Page\u003C\u002Fstrong> — Know exactly which page on your site the form was filled out on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Device & Browser\u003C\u002Fstrong> — Get technical details about the sender’s setup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Want More? Upgrade to CF7 Captcha Pro\u003C\u002Fh3>\n\u003Cp>This free version gives you solid CAPTCHA protection. But the smartest bots are already solving CAPTCHAs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CF7 Captcha Pro\u003C\u002Fstrong> adds six extra layers of invisible spam defense on top of what you already have here, plus a full set of tools to capture and act on every lead your forms collect.\u003C\u002Fp>\n\u003Ch3>What you get with Pro\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>6-Layer Spam Defense\u003C\u002Fstrong> — stops 99.9% of spam without ever bothering your visitors:\u003Cbr \u002F>\n– \u003Cstrong>Advanced Honeypot\u003C\u002Fstrong> — invisible trap fields with names that regenerate every 24 hours.\u003Cbr \u002F>\n– \u003Cstrong>Time Limit Validation\u003C\u002Fstrong> — bots submit in 0.2 seconds. Humans take 15–30. This blocks anything that moves too fast (or stays too long).\u003Cbr \u002F>\n– \u003Cstrong>Rate Limiting\u003C\u002Fstrong> — caps submissions per IP so bot networks can’t flood your inbox or burn through your email quota.\u003Cbr \u002F>\n– \u003Cstrong>Geographic Blocking\u003C\u002Fstrong> — whitelist only the countries you serve, or blacklist known spam regions.\u003Cbr \u002F>\n– \u003Cstrong>IP Pattern Blocking\u003C\u002Fstrong> — block single IPs, wildcards, CIDR ranges, or entire subnets when you know exactly where an attack is coming from.\u003Cbr \u002F>\n– \u003Cstrong>Word Filter\u003C\u002Fstrong> — scans every submission for spam keywords, phishing URLs, and known scam phrases before it reaches you.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lead Recovery\u003C\u002Fstrong> — 70% of people who start filling out a form never submit it. Pro captures their data in real-time as they type, so you can follow up on leads that would otherwise vanish.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Database Storage & Export\u003C\u002Fstrong> — every submission is saved with full metadata (IP, browser, referrer, timestamp). Export to CSV, Excel, JSON, or PDF whenever you need it. No more lost leads if your email fails.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Webhooks\u003C\u002Fstrong> — send form data instantly to any URL. Connect to Zapier, Salesforce, Slack, Google Sheets, or any custom API. Multiple webhooks per form, with retry logic built in.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Mailchimp Integration\u003C\u002Fstrong> — submissions automatically added to your Mailchimp lists. Field mapping, tags, opt-in handling.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Twilio SMS\u003C\u002Fstrong> — receive instant alerts for every submission or send automated SMS replies to your clients.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Comprehensive Logging\u003C\u002Fstrong> — every spam block, webhook call, and integration event is logged. Debug any issue in minutes instead of hours.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Flukasapps.de\u002Fwordpress\u002Fplugins\u002Fcf7-captcha-pro\u002F\" rel=\"nofollow ugc\">Get CF7 Captcha Pro\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Protect your Contact Form 7 forms with Google reCAPTCHA V2, Google reCAPTCHA V3, hCAPTCHA, or Cloudflare Turnstile.",100000,1042756,82,48,"2026-02-01T21:19:00.000Z","6.9.4","4.1.2",[70,19,71,21,72],"captcha","hcaptcha","spam-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7-simple-recaptcha.zip",99,2,"2022-06-27 00:00:00",{"slug":78,"name":79,"version":6,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":75,"last_updated":87,"tested_up_to":50,"requires_at_least":88,"requires_php":23,"tags":89,"homepage":91,"download_link":92,"security_score":93,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"text-captcha-contact-form-7","Contact Form 7 Text CAPTCHA","Saurav Sharma","https:\u002F\u002Fprofiles.wordpress.org\u002Fsauravhny\u002F","\u003Cp>Secure your website Contact Form 7 forms from bots and hackers using plugin Contact Form 7 Text CAPTCHA. Just place shortcode \u003Ccode>[captchacf7* input-captcha-cf7 id:input-captcha-cf7]\u003C\u002Fcode> in your form where you want to show captcha. It protects your website from spams and abuse.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FZgcTMZIhVio?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple setup.\u003C\u002Fli>\n\u003Cli>Add Shortcode\u003C\u002Fli>\n\u003Cli>It will display in your form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Support : \u003Ca href=\"https:\u002F\u002Fphpesperto.com\u002Fcontact\" rel=\"nofollow ugc\">https:\u002F\u002Fphpesperto.com\u002Fcontact\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cp>Place shortcode [captchacf7* input-captcha-cf7 id:input-captcha-cf7] in contact form 7 form, where you want to display captcha.\u003C\u002Fp>\n","Secure your website Contact Form 7 forms from bots and hackers using plugin Contact Form 7 Text CAPTCHA. Just place shortcode [captchacf7* input-captc …",2000,7915,90,"2024-12-21T11:20:00.000Z","6.0.2",[70,19,21,72,90],"text-captcha","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftext-captcha-contact-form-7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftext-captcha-contact-form-7.2.0.0.zip",92,{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":104,"num_ratings":32,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":108,"tags":109,"homepage":114,"download_link":115,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"simple-no-bot","Invisible Anti Spam for Contact Form 7 (Simple No-Bot)","2.2.5","lilaeamedia","https:\u002F\u002Fprofiles.wordpress.org\u002Flilaeamedia\u002F","\u003Cp>Simple No-Bot uses javascript to detect if Contact Form 7 is being submitted by a spam bot.\u003C\u002Fp>\n\u003Cp>We wrote this when clients were reporting hundreds of bogus contact forms were getting past Honeypot, but did not want to add a captcha that would impact conversions.\u003C\u002Fp>\n\u003Cp>This lightweight script has been extremely effective for eliminating spam messages from Contact Form 7 (and other forms) submissions. It does not pretend to be a complete anti spam solution.\u003C\u002Fp>\n\u003Ch3>IMPORTANT\u003C\u002Fh3>\n\u003Cp>SNB REJECTS SUBMISSIONS UNLESS THE USER INTERACTS WITH THE FORM. In earlier versions of SNB, the submit button was disabled until this threshold was met. You can now set this option in wp-config.php (see below).\u003C\u002Fp>\n\u003Cp>In most cases it will be enabled after the user starts typing in the first field. It has not broken your form.\u003C\u002Fp>\n\u003Cp>Please report any feedback and false negatives\u002Fpositives on our support form at http:\u002F\u002Fwww.lilaeamedia.com\u002Fcontact\u002F before posting a crappy review. Thanks.\u003C\u002Fp>\n\u003Ch3>New! Improved!\u003C\u002Fh3>\n\u003Cp>You can now hook Simple No Bot into any form. The filter below will return TRUE if bots are detected.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$is_spam = FALSE; \u002F\u002F you can use whatever flag is being used by your plugin. \n$is_spam = apply_filters( 'snb_test_spam', $is_spam );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>We have added additional analysis to detect pesky bots that can mimic browsers and run scripts.\u003C\u002Fp>\n\u003Cp>SNB now keeps a list of IPs as they are flagged as spam and automatically fails them. The oldest IPs are pruned when it reaches 100 (or SNB_MAX_SPAM_IPS, see below). You can pass ?snb_flush=true as Admin to flush all spam IPs.\u003C\u002Fp>\n\u003Cp>You can disable the submit button until the event threshold is reached by adding the following flag to wp-config.php:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'SNB_DISABLE_SUBMIT', TRUE );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Other configurable options:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'SNB_SPAM_THRESHOLD', 2 ); \u002F\u002F maximum score before being considered spam\ndefine( 'SNB_MIN_EVENTS', 2 ); \u002F\u002F minimum number of events required to fetch token\ndefine( 'SNB_BLOCK_SPAM_IPS', TRUE ); \u002F\u002F use IP blocking on hard fails\ndefine( 'SNB_SPAM_IP_LIFESPAN', 60 * 60 * 24 * 30 ); \u002F\u002F time before spam ips expire - default 30 days\ndefine( 'SNB_MAX_SPAM_IPS', 100 ); \u002F\u002F max number of IPs to store before rotating\ndefine( 'SNB_SESSION_LIFESPAN', 60 * 30 ); \u002F\u002F time token is valid to send message - default 30 minutes\u003Ch3>Support\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Please report any feedback and false negatives\u002Fpositives on our support form at http:\u002F\u002Fwww.lilaeamedia.com\u002Fcontact\u002F\u003C\u002Fp>\n\u003Cp>(c)2019 Lilaea Media\u003C\u002Fp>\n","Simple, lightweight, no captcha, no configuration. Just works.",200,3093,46,"2020-01-12T18:05:00.000Z","5.3.21","5.2","5.6",[110,111,19,112,113],"auto-captcha","bot-blocker","invisible-recaptcha","spam-blocker","http:\u002F\u002Fwww.lilaeamedia.com\u002Fsimple-no-bot\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-no-bot.2.2.5.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":26,"num_ratings":26,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":23,"tags":129,"homepage":131,"download_link":132,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"show-recaptcha-where-nedeed","Show Recaptcha Where Nedeed","1.3.0","Ermald Billa","https:\u002F\u002Fprofiles.wordpress.org\u002Fermaldbilla\u002F","\u003Cp>This plugin ensures that Contact Form 7’s Recaptcha v3 only appears on pages with contact forms, improving performance and reducing unnecessary load.\u003C\u002Fp>\n","This plugin fixes Contact Form 7's Recaptcha v3 so it only appears on pages with contact forms.",50,1512,"2025-11-17T11:11:00.000Z","6.8.5","5.0",[19,21,130,22],"security","https:\u002F\u002Fwww.getwebsolution.it\u002Fmostra-recaptcha-dove-necessario\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshow-recaptcha-where-nedeed.1.2.3.zip",{"attackSurface":134,"codeSignals":156,"taintFlows":166,"riskAssessment":167,"analyzedAt":173},{"hooks":135,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":26,"unprotectedCount":26},[136,143,148],{"type":137,"name":138,"callback":139,"priority":140,"file":141,"line":142},"filter","plugin_action_links","kpfcf7r_setting_links",10,"kp-fastest-cf7-recaptcha.php",43,{"type":144,"name":145,"callback":146,"file":141,"line":147},"action","setup_theme","kpfrecap_wpcf7_manage_hooks",51,{"type":144,"name":149,"callback":150,"file":141,"line":151},"wp_footer","kp_fastest_cf7_recaptcha",77,[],[],[],[],{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":160,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":165},[],{"prepared":26,"raw":26,"locations":159},[],{"escaped":26,"rawEcho":13,"locations":161},[162],{"file":141,"line":163,"context":164},70,"raw output",[],[],{"summary":168,"deductions":169},"The \"kp-fastest-cf7-recaptcha\" plugin, version 1.0.0, exhibits a generally strong security posture based on the provided static analysis. The absence of any recorded CVEs and the lack of dangerous functions or SQL queries are positive indicators. The plugin also shows no file operations or external HTTP requests, further minimizing potential attack vectors.  However, a significant concern arises from the complete lack of output escaping. This means that any data processed by the plugin and subsequently displayed to users could be vulnerable to cross-site scripting (XSS) attacks if not properly sanitized before reaching the output stage.  While the attack surface appears minimal and devoid of immediate vulnerabilities, this single unescaped output presents a tangible risk that should be addressed. The vulnerability history is clean, suggesting a well-maintained or at least unexploited codebase, but the lack of output escaping is a fundamental security practice that is not being followed and could lead to critical vulnerabilities.",[170],{"reason":171,"points":172},"Unescaped output detected",5,"2026-03-17T05:37:43.323Z",{"wat":175,"direct":180},{"assetPaths":176,"generatorPatterns":177,"scriptPaths":178,"versionParams":179},[],[],[],[],{"cssClasses":181,"htmlComments":183,"htmlAttributes":184,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":189},[182],"wpcf7",[],[],[],[187,188],"kpdetectcf7form","kpfastestcf7recaptcha",[]]