[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuosZCpUfjz3f5uGxpiHXZAen7svh5Sd2BEoo0Bhh200":3,"$fkS7_C_AqpA8L9qIrjwYcprrXYQIsyYkRzILap8UoeS0":236,"$f54lIQb8WKYXSUJfvN-U2qsbFC8IDZNi-SifnJVvfgc0":241},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":35,"analysis":137,"fingerprints":219},"login-form-integration-with-recaptcha-v2","Login form integration with Recaptcha V2","1.0","Rajat","https:\u002F\u002Fprofiles.wordpress.org\u002Frajatdev\u002F","\u003Cp>Adding Google Recaptcha V2 in Login Form helps to protect against bot attacks, prevent account takeover, and guard against fraudulent activities. The use of this reCAPTCHA plugin in login forms enhances security and user experience by protecting user accounts and sensitive information from automated attacks.\u003C\u002Fp>\n\u003Cp>This plugin integrates Google reCAPTCHA v2 on the WordPress login form. When enabled, it adds a reCAPTCHA challenge that users must complete to log in, thereby preventing automated login attempts.\u003C\u002Fp>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Cp>This plugin uses Google reCAPTCHA for validating login attempts. Data is sent to the Google reCAPTCHA service for verification.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002F\" rel=\"nofollow ugc\">Google reCAPTCHA\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fintro\u002Fv3.html\" rel=\"nofollow ugc\">Google reCAPTCHA Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">Google reCAPTCHA Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Adding Google Recaptcha V2 in Login Form",0,872,100,1,"2024-07-20T10:04:00.000Z","6.6.5","5.0.1","",[20,21],"google-recaptcha","recaptcha-v2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-form-integration-with-recaptcha-v2.1.0.zip",92,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"rajatdev",3,87,30,85,"2026-05-19T22:54:54.930Z",[36,54,77,96,117],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":18,"requires_php":18,"tags":49,"homepage":18,"download_link":53,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"easy-recaptcha-shortcodes","Easy reCaptcha Shortcodes","1.0.0","Zeljko Ivanovic","https:\u002F\u002Fprofiles.wordpress.org\u002Fzivanovic\u002F","\u003Cp>Easy reCaptcha Shortcodes lets you add reCAPTCHA v2 via shortcodes, while reCAPTCHA v3 runs automatically, protecting your site from spam and bots.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Supports Google reCAPTCHA v2 (shortcodes) and v3 (automatic)\u003Cbr \u002F>\n– Simple settings panel for API key configuration\u003Cbr \u002F>\n– Works with any WordPress theme\u003Cbr \u002F>\n– No coding required\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How It Works:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Install and activate the plugin.\u003Cbr \u002F>\n2. Navigate to \u003Cstrong>Easy reCaptcha Shortcodes\u003C\u002Fstrong> in the admin menu.\u003Cbr \u002F>\n3. Enter your \u003Cstrong>reCAPTCHA v2 or v3 API keys\u003C\u002Fstrong>.\u003Cbr \u002F>\n4. For \u003Cstrong>reCAPTCHA v2\u003C\u002Fstrong>, use the provided shortcode in your forms.\u003Cbr \u002F>\n5. For \u003Cstrong>reCAPTCHA v3\u003C\u002Fstrong>, it runs automatically on your site after setup.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Example Shortcodes (for reCAPTCHA v2 only):\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ccode>[ercs_keys_v2]\u003C\u002Fcode> \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Displays reCAPTCHA v2 checkbox inside your form.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support and feedback, please visit the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Feasy-recaptcha-shortcodes\" rel=\"ugc\">plugin support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with Google reCAPTCHA to provide spam protection for forms.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name\u003C\u002Fstrong>: Google reCAPTCHA\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Used to verify human users and prevent spam or automated abuse on websites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>For reCAPTCHA v2: When a user interacts with a form containing reCAPTCHA v2, Google may collect device and browser-related information (such as cookies, IP address, and user behavior).\u003C\u002Fli>\n\u003Cli>For reCAPTCHA v3: Google reCAPTCHA v3 runs in the background and collects user interactions to generate a score indicating the likelihood of the user being a bot.\u003C\u002Fli>\n\u003Cli>Validation requests are sent to Google’s verification API (\u003Ccode>https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi\u002Fsiteverify\u003C\u002Fcode>).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When Data is Sent\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>reCAPTCHA v2: Data is sent when a user submits a form that contains the reCAPTCHA widget.\u003C\u002Fli>\n\u003Cli>reCAPTCHA v3: Data is sent automatically in the background when visiting a page where reCAPTCHA v3 is enabled.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>External Service Provider\u003C\u002Fstrong>: Google LLC\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fpolicies.google.com\u002Fterms\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By using this plugin, you agree to Google’s terms and policies regarding reCAPTCHA.\u003C\u002Fp>\n","Easy reCaptcha Shortcodes lets you add Google reCAPTCHA v2 to forms via shortcodes, while reCAPTCHA v3 runs automatically once configured.",40,661,2,"2025-04-07T19:41:00.000Z","6.7.5",[50,20,51,21,52],"captcha","recaptcha","recaptcha-v3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-recaptcha-shortcodes.1.0.0.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":73,"download_link":74,"security_score":75,"vuln_count":30,"unpatched_count":11,"last_vuln_date":76,"fetched_at":25},"advanced-google-recaptcha","Advanced Google reCAPTCHA","1.34","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetwpcaptcha.com\u002F\" rel=\"nofollow ugc\">Advanced Google reCAPTCHA\u003C\u002Fa> protects your WordPress site from spam comments & brute force login attacks using captcha. This captcha plugin, quickly adds Google reCAPTCHA and other captcha tests to WordPress comment form, login form, and other forms.\u003C\u002Fp>\n\u003Cp>Using Advanced Google reCAPTCHA (most popular captcha on the market), you’ll be safe from spam comments and protect user accounts, WooCommerce, Easy Digital Downloads, BuddyPress and other forms from brute-force login attacks.\u003C\u002Fp>\n\u003Cp>reCaptcha works for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Login Form\u003C\u002Fli>\n\u003Cli>Registration Form\u003C\u002Fli>\n\u003Cli>Reset Password Form\u003C\u002Fli>\n\u003Cli>Comment Form\u003C\u002Fli>\n\u003Cli>BuddyPress Form\u003C\u002Fli>\n\u003Cli>WooCommerce Form\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads (EDD) Login Form\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads (EDD) Registration Form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Captcha uses these 3rd party libs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Chart.js, 2017 Nick Downie, MIT\u003C\u002Fli>\n\u003Cli>DataTables, 2008-2017 SpryMedia Ltd, MIT\u003C\u002Fli>\n\u003Cli>moment.js, Tim Wood, Iskren Chernev, MIT\u003C\u002Fli>\n\u003Cli>SweetAlert 2, github.com\u002FSweetalert2\u002FSweetalert2, MIT\u003C\u002Fli>\n\u003Cli>tooltipster, www.heteroclito.fr\u002Fmodules\u002Ftooltipster\u002F, MIT\u003C\u002Fli>\n\u003C\u002Ful>\n","Captcha protection against spam comments & brute force login attacks using Google reCAPTCHA.",200000,2777323,96,428,"2026-04-09T19:09:00.000Z","7.0","4.9","5.2",[50,71,20,72,51],"comment-recaptcha","login-recaptcha","https:\u002F\u002Fgetwpcaptcha.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-google-recaptcha.1.34.zip",98,"2025-03-27 19:32:14",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":13,"num_ratings":30,"last_updated":87,"tested_up_to":48,"requires_at_least":88,"requires_php":18,"tags":89,"homepage":94,"download_link":95,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"recaptcha-for-asgaros-forum","reCAPTCHA (v2 & v3) for Asgaros Forum","1.0.8","Hitesh Chandwani","https:\u002F\u002Fprofiles.wordpress.org\u002Fhiteshchandwani\u002F","\u003Cp>\u003Cstrong>reCAPTCHA (v2 & v3) for Asgaros Forum\u003C\u002Fstrong> is a free plugin\u002Fadd-on for Asgaros Forum, that allow you to easily add \u003Cstrong>Google reCAPTCHA v2\u003C\u002Fstrong> or \u003Cstrong>Google reCAPTCHA v3\u003C\u002Fstrong> on your Asgaros Forum.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>reCAPTCHA (v2 & v3) for Asgaros Forum\u003C\u002Fstrong> prevent spam from creating new topics or replies. This plugin is built to integrate seamlessly with your Asgaros Forum enabled WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>reCAPTCHA (v2 & v3) for Asgaros Forum\u003C\u002Fstrong> is very easy to use and work for \u003Cstrong>guest users\u003C\u002Fstrong> as well as \u003Cstrong>Logged-in users\u003C\u002Fstrong>.\u003C\u002Fp>\n","A free plugin (add-on) for Asgaros Forum that allow you to easily add Google reCAPTCHA v2 or Google reCAPTCHA v3 on your Asgaros Forum.",5000,64632,"2024-12-06T23:19:00.000Z","4.7",[90,91,92,93,78],"asgaros-forum","asgaros-forum-captcha-add-on","asgaros-forum-recaptcha","asgaros-forum-recaptcha-v2","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Frecaptcha-for-asgaros-forum\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecaptcha-for-asgaros-forum.1.0.4.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":18,"tags":111,"homepage":18,"download_link":116,"security_score":33,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"cf7-google-captcha-load-after-page","CF7 Google Captcha Load After Page","3.0.1","Amit bhalani","https:\u002F\u002Fprofiles.wordpress.org\u002Famit648\u002F","\u003Cp>This plugins use for your website speed improvement and decrease your page request. When you have used contact form 7 and insert you Google Captcha( v3 ) after this plugin active. When a user scrolls the page, then loading google captcha code.\u003C\u002Fp>\n\u003Cp>How to use this plugin?\u003C\u002Fp>\n\u003Col>\n\u003Cli>Download this Free CF7 Google Captcha Load After Page WordPress Plugin from above link.\u003C\u002Fli>\n\u003Cli>Connect to your WordPress dashboard (wp-admin) and navigate to Plugins >> Add New Plugin >> Upload Plugin >> Now upload the downloaded (CF7 Google Captcha Load After Page.zip) file >> Click on  Install Now.\u003C\u002Fli>\n\u003Cli>Once you install this plugin successfully, click on  Activate Plugin .\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Now you visit your site and scroll your site.\u003C\u002Fp>\n","This plugins use for your website speed improvement and decrease your page request. When you have used contact form 7 and insert you Google Captcha( v &hellip;",2000,21346,86,6,"2021-08-09T06:01:00.000Z","5.8.13","3.5",[112,113,114,20,115],"cf7","cf7-google-captcha","google-captcha","google-recaptcha-v3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-google-captcha-load-after-page.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":13,"num_ratings":30,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":135,"download_link":136,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25},"power-captcha-recaptcha","Power Captcha reCAPTCHA","1.1.0","Denis Alemán","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenisaleman\u002F","\u003Cp>Protect your WordPress, WooCommerce, and Contact Form 7 forms from spam, brute-force attacks, and fake accounts using Google reCAPTCHA.\u003C\u002Fp>\n\u003Cp>Power Captcha reCAPTCHA supports 3 Google reCAPTCHA types integrated into 6 common WordPress forms, including login and comment forms, 7 WooCommerce forms, and Contact Form 7.\u003C\u002Fp>\n\u003Ch3>3 CAPTCHA Types\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Score-based (v3) CAPTCHA.\u003C\u002Fstrong> Seamless detection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“I’m not a robot” CAPTCHA checkbox.\u003C\u002Fstrong> Verification requests with a challenge.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Invisible reCAPTCHA.\u003C\u002Fstrong> Improved, challenge-based CAPTCHA without a checkbox.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6 WordPress Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lost password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reset password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>7 WooCommerce Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checkout form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Review form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reset password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lost password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contact Form 7\u003C\u002Fh3>\n\u003Cp>As of version 1.0.7, Power Captcha reCAPTCHA integrates with Contact Form 7. You can easily add the Power Captcha reCAPTCHA field to your Contact Form 7 forms.\u003C\u002Fp>\n\u003Ch3>Activity Report\u003C\u002Fh3>\n\u003Cp>The Activity Report feature for the plugin provides users with a detailed overview of captcha interactions. It tracks and displays the number of solved, failed, and empty captchas, offering a daily breakdown to monitor performance trends. Stay informed with clear insights into your captcha performance.\u003C\u002Fp>\n","Protect WordPress\u002FWooCommerce\u002FContact Form 7 forms from spam, brute-force attacks, fake comments, accounts, or registrations with Google reCAPTCHA.",1000,6309,"2025-03-09T01:27:00.000Z","6.8.0","5.0","5.5",[132,50,133,20,134],"anti-spam-security","comment-form","login-security","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpower-captcha-recaptcha\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpower-captcha-recaptcha.1.1.0.zip",{"attackSurface":138,"codeSignals":170,"taintFlows":178,"riskAssessment":206,"analyzedAt":218},{"hooks":139,"ajaxHandlers":166,"restRoutes":167,"shortcodes":168,"cronEvents":169,"entryPointCount":11,"unprotectedCount":11},[140,145,149,154,158,161],{"type":141,"name":142,"callback":143,"file":144,"line":46},"action","admin_menu","recap_v2_menu","admin-menu.php",{"type":141,"name":146,"callback":147,"file":144,"line":148},"admin_init","recapv2_settings_fields",31,{"type":141,"name":150,"callback":151,"file":152,"line":153},"admin_notices","recpv2_admin_notice_error","login-form-integration-with-recaptcha-v2.php",26,{"type":141,"name":155,"callback":156,"file":152,"line":157},"login_enqueue_scripts","recpv2_login_style",34,{"type":141,"name":159,"callback":160,"file":152,"line":44},"login_form","recpv2_add_recaptcha_on_login_page",{"type":141,"name":162,"callback":163,"priority":164,"file":152,"line":165},"wp_authenticate_user","recpv2_captcha_login_check",10,66,[],[],[],[],{"dangerousFunctions":171,"sqlUsage":172,"outputEscaping":174,"fileOperations":11,"externalRequests":14,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":177},[],{"prepared":11,"raw":11,"locations":173},[],{"escaped":175,"rawEcho":11,"locations":176},13,[],[],[179,198],{"entryPoint":180,"graph":181,"unsanitizedCount":14,"severity":197},"recpv2_captcha_login_check (login-form-integration-with-recaptcha-v2.php:42)",{"nodes":182,"edges":194},[183,188],{"id":184,"type":185,"label":186,"file":152,"line":187},"n0","source","$_POST",46,{"id":189,"type":190,"label":191,"file":152,"line":192,"wp_function":193},"n1","sink","wp_remote_get() [SSRF]",48,"wp_remote_get",[195],{"from":184,"to":189,"sanitized":196},false,"medium",{"entryPoint":199,"graph":200,"unsanitizedCount":14,"severity":197},"\u003Clogin-form-integration-with-recaptcha-v2> (login-form-integration-with-recaptcha-v2.php:0)",{"nodes":201,"edges":204},[202,203],{"id":184,"type":185,"label":186,"file":152,"line":187},{"id":189,"type":190,"label":191,"file":152,"line":192,"wp_function":193},[205],{"from":184,"to":189,"sanitized":196},{"summary":207,"deductions":208},"The plugin \"login-form-integration-with-recaptcha-v2\" v1.0 demonstrates a generally good security posture based on the provided static analysis. The absence of dangerous functions, file operations, and the exclusive use of prepared statements for SQL queries are positive indicators. Furthermore, all identified outputs are properly escaped, and there are no known CVEs associated with this plugin, suggesting a history of secure development or infrequent discovery of vulnerabilities. The plugin also appears to have a very small attack surface, with no AJAX handlers, REST API routes, shortcodes, or cron events directly exposed, and importantly, no unprotected entry points identified.\n\nHowever, the analysis does raise some concerns. The presence of two \"flows with unsanitized paths\" in the taint analysis, even if not classified as critical or high severity, warrants attention. While the plugin doesn't appear to have a large attack surface, the lack of capability checks and nonce checks on any potential entry points (if they were to exist or be implicitly used) is a notable weakness. The single external HTTP request is also a minor point of potential concern, depending on its destination and purpose, as it could be a vector for certain types of attacks if not handled securely. The absence of explicit authentication checks on AJAX and REST API routes, although there are none listed, means that if any were introduced in future versions without proper security considerations, they could become vulnerabilities.\n\nOverall, the plugin appears to be developed with security in mind, particularly regarding common web vulnerabilities like SQL injection and XSS. The lack of historical vulnerabilities is a strong point. However, the taint analysis findings, along with the absence of capability and nonce checks, suggest that while the current version may be relatively safe, there are areas that could be further hardened to prevent potential future issues, especially if the plugin's functionality evolves or its integration points are expanded. Further investigation into the nature of the unsanitized paths would be beneficial.",[209,211,214,216],{"reason":210,"points":164},"Flows with unsanitized paths found",{"reason":212,"points":213},"No nonce checks implemented",8,{"reason":215,"points":213},"No capability checks implemented",{"reason":217,"points":30},"External HTTP requests present","2026-04-16T14:25:37.963Z",{"wat":220,"direct":226},{"assetPaths":221,"generatorPatterns":222,"scriptPaths":223,"versionParams":225},[],[],[224],"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi.js",[],{"cssClasses":227,"htmlComments":229,"htmlAttributes":230,"restEndpoints":232,"jsGlobals":233,"shortcodeOutput":234},[228],"brochure__form__captcha",[],[231],"data-sitekey",[],[],[235],"\u003Cdiv class=\"g-recaptcha brochure__form__captcha\" data-sitekey=\"",{"error":237,"url":238,"statusCode":239,"statusMessage":240,"message":240},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Flogin-form-integration-with-recaptcha-v2\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":14,"versions":242},[243],{"version":6,"download_url":22,"svn_tag_url":244,"released_at":24,"has_diff":196,"diff_files_changed":245,"diff_lines":24,"trac_diff_url":24,"vulnerabilities":246,"is_current":237},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Flogin-form-integration-with-recaptcha-v2\u002Ftags\u002F1.0\u002F",[],[]]