[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7qmNCfaANPPLkSA-SsU8Bf2fkAF92yjQjg3t7z071Kg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":126,"fingerprints":206},"mailster-hcaptcha","Mailster hCaptcha","2.0.1","EverPress","https:\u002F\u002Fprofiles.wordpress.org\u002Feverpress\u002F","\u003Cp>Adds a hCaptcha to your Mailster subscription forms.\u003C\u002Fp>\n\u003Cp>You may also try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailster-cool-captcha\u002F\" rel=\"ugc\">Mailster Cool Captcha for Forms\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>This Plugin requires \u003Ca href=\"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=readme&utm_term=hCaptcha\" rel=\"nofollow ugc\">Mailster Newsletter Plugin for WordPress\u003C\u002Fa>\u003C\u002Fp>\n","Adds a hCaptcha to your Mailster subscription forms.",100,5711,1,"2024-05-27T13:11:00.000Z","6.5.8","6.0","",[19,20,21,22,23],"captcha","form","hcaptcha","mailster","recaptcha","https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=plugin&utm_term=hCaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailster-hcaptcha.2.0.1.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"everpress",28,121400,91,255,73,"2026-04-04T16:28:13.444Z",[40,62,83,97,108],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":17,"tags":55,"homepage":17,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":27,"last_vuln_date":61,"fetched_at":29},"contact-form-7-simple-recaptcha","Contact Form 7 Captcha","0.1.7","LukasApps","https:\u002F\u002Fprofiles.wordpress.org\u002F247wd\u002F","\u003Cp>Protect your Contact Form 7 forms with \u003Cstrong>Google reCAPTCHA V2\u003C\u002Fstrong>, \u003Cstrong>Google reCAPTCHA V3\u003C\u002Fstrong>, \u003Cstrong>hCAPTCHA\u003C\u002Fstrong>, or \u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Easy integration and supports multiple forms on a single page.\u003C\u002Fp>\n\u003Ch3>Four CAPTCHA Options\u003C\u002Fh3>\n\u003Cp>Choose the CAPTCHA provider that works best for you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Google reCAPTCHA V2\u003C\u002Fstrong> — The industry-standard “I’m not a robot” checkbox, trusted by millions of sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google reCAPTCHA V3\u003C\u002Fstrong> — The industry-standard invisible score-based verification, trusted by millions of sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>hCAPTCHA\u003C\u002Fstrong> — A privacy-first alternative that offers robust bot protection while keeping user data secure.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> — A modern CAPTCHA that verifies users in the background, only requiring a simple click if the visitor appears suspicious.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Simple Setup\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Sign up with your chosen CAPTCHA provider and grab your Site Key and Secret Key.\u003C\u002Fli>\n\u003Cli>Paste them into \u003Cstrong>CF7 Captcha\u003C\u002Fstrong> in your WordPress admin.\u003C\u002Fli>\n\u003Cli>Add protection to any CF7 form in seconds using the shortcode provided in the same settings page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Customizable Appearance\u003C\u002Fh3>\n\u003Cp>Each CAPTCHA widget supports customization options directly from the shortcode:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Size\u003C\u002Fstrong> — Choose between normal and compact to fit your form layout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme\u003C\u002Fstrong> — Switch between light and dark themes (or auto for Turnstile) to match your site’s design.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Language\u003C\u002Fstrong> — Force any CAPTCHA to render in a specific language for your audience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All options are combinable, so you can mix and match to get the exact look you need.\u003C\u002Fp>\n\u003Ch3>Submission Insights (NEW in v0.1.7)\u003C\u002Fh3>\n\u003Cp>Go beyond just blocking spam. Submission Insights gives you full visibility into every form submission:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Sender IP\u003C\u002Fstrong> — See the IP address of the person who contacted you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Source Page\u003C\u002Fstrong> — Know exactly which page on your site the form was filled out on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Device & Browser\u003C\u002Fstrong> — Get technical details about the sender’s setup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Want More? Upgrade to CF7 Captcha Pro\u003C\u002Fh3>\n\u003Cp>This free version gives you solid CAPTCHA protection. But the smartest bots are already solving CAPTCHAs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CF7 Captcha Pro\u003C\u002Fstrong> adds six extra layers of invisible spam defense on top of what you already have here, plus a full set of tools to capture and act on every lead your forms collect.\u003C\u002Fp>\n\u003Ch3>What you get with Pro\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>6-Layer Spam Defense\u003C\u002Fstrong> — stops 99.9% of spam without ever bothering your visitors:\u003Cbr \u002F>\n– \u003Cstrong>Advanced Honeypot\u003C\u002Fstrong> — invisible trap fields with names that regenerate every 24 hours.\u003Cbr \u002F>\n– \u003Cstrong>Time Limit Validation\u003C\u002Fstrong> — bots submit in 0.2 seconds. Humans take 15–30. This blocks anything that moves too fast (or stays too long).\u003Cbr \u002F>\n– \u003Cstrong>Rate Limiting\u003C\u002Fstrong> — caps submissions per IP so bot networks can’t flood your inbox or burn through your email quota.\u003Cbr \u002F>\n– \u003Cstrong>Geographic Blocking\u003C\u002Fstrong> — whitelist only the countries you serve, or blacklist known spam regions.\u003Cbr \u002F>\n– \u003Cstrong>IP Pattern Blocking\u003C\u002Fstrong> — block single IPs, wildcards, CIDR ranges, or entire subnets when you know exactly where an attack is coming from.\u003Cbr \u002F>\n– \u003Cstrong>Word Filter\u003C\u002Fstrong> — scans every submission for spam keywords, phishing URLs, and known scam phrases before it reaches you.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lead Recovery\u003C\u002Fstrong> — 70% of people who start filling out a form never submit it. Pro captures their data in real-time as they type, so you can follow up on leads that would otherwise vanish.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Database Storage & Export\u003C\u002Fstrong> — every submission is saved with full metadata (IP, browser, referrer, timestamp). Export to CSV, Excel, JSON, or PDF whenever you need it. No more lost leads if your email fails.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Webhooks\u003C\u002Fstrong> — send form data instantly to any URL. Connect to Zapier, Salesforce, Slack, Google Sheets, or any custom API. Multiple webhooks per form, with retry logic built in.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Mailchimp Integration\u003C\u002Fstrong> — submissions automatically added to your Mailchimp lists. Field mapping, tags, opt-in handling.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Twilio SMS\u003C\u002Fstrong> — receive instant alerts for every submission or send automated SMS replies to your clients.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Comprehensive Logging\u003C\u002Fstrong> — every spam block, webhook call, and integration event is logged. Debug any issue in minutes instead of hours.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Flukasapps.de\u002Fwordpress\u002Fplugins\u002Fcf7-captcha-pro\u002F\" rel=\"nofollow ugc\">Get CF7 Captcha Pro\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Protect your Contact Form 7 forms with Google reCAPTCHA V2, Google reCAPTCHA V3, hCAPTCHA, or Cloudflare Turnstile.",100000,1042756,82,48,"2026-02-01T21:19:00.000Z","6.9.4","4.1.2",[19,56,21,23,57],"contact-form-7","spam-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7-simple-recaptcha.zip",99,2,"2022-06-27 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":11,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":17,"download_link":81,"security_score":82,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"gf-hcaptcha","G-Forms hCaptcha","1.3.1","Kevin Landsbergen","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebandappeasy\u002F","\u003Cp>A new way to monetize your site traffic with the hCaptcha addon for Gravity Forms.\u003C\u002Fp>\n\u003Cp>This hCaptcha addon is a drop-in replacement for reCAPTCHA that earns website owners money and help companies get their data labeled while blocking bots and other forms of abuse.\u003C\u002Fp>\n\u003Ch3>Privacy Notices\u003C\u002Fh3>\n\u003Cp>With the default configuration, this addon does not:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>track users by stealth;\u003C\u002Fli>\n\u003Cli>write any user personal data to the database;\u003C\u002Fli>\n\u003Cli>send any data to external servers;\u003C\u002Fli>\n\u003Cli>use cookies.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Once you activate this plugin, the hCaptcha-answering user’s personal data, including their IP address, may be sent to the hCaptcha service.\u003C\u002Fp>\n\u003Cp>Please see the hCaptcha privacy policy at:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002FhCaptcha.com\u002Fprivacy\" rel=\"nofollow ugc\">hCaptcha.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A new way to monetize your site traffic with the hCaptcha addon for Gravity Forms.",3000,22326,3,"2022-07-15T13:53:00.000Z","6.0.11","4.7","5.6",[78,79,80,21,23],"addon","forms","gravity","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgf-hcaptcha.zip",85,{"slug":84,"name":85,"version":6,"author":7,"author_profile":8,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":93,"homepage":95,"download_link":96,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"mailster-recaptcha","Mailster reCaptcha","\u003Cp>Adds a reCaptcha™ to your Mailster subscription forms.\u003C\u002Fp>\n\u003Cp>You may also try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailster-cool-captcha\u002F\" rel=\"ugc\">Mailster Cool Captcha for Forms\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>This Plugin requires \u003Ca href=\"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=readme&utm_term=reCaptcha\" rel=\"nofollow ugc\">Mailster Newsletter Plugin for WordPress\u003C\u002Fa>\u003C\u002Fp>\n","Adds a reCaptcha™ to your Mailster subscription forms.",1000,27282,40,4,"2024-05-27T13:33:00.000Z",[19,20,22,23,94],"secure","https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=plugin&utm_term=reCaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailster-recaptcha.2.0.1.zip",{"slug":98,"name":99,"version":65,"author":7,"author_profile":8,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":27,"num_ratings":27,"last_updated":104,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":105,"homepage":106,"download_link":107,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"mailster-cool-captcha","Mailster Cool Captcha","\u003Cblockquote>\n\u003Cp>This Plugin requires \u003Ca href=\"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=readme&utm_term=Cool+Captcha\" rel=\"nofollow ugc\">Mailster Newsletter Plugin for WordPress\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Adds a Cool Captcha to your Mailster subscription forms\u003C\u002Fp>\n\u003Cp>You may also try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailster-recaptcha\u002F\" rel=\"ugc\">Mailster reCaptcha™ for Forms\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>This Plugin requires \u003Ca href=\"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=readme&utm_term=Cool+Captcha\" rel=\"nofollow ugc\">Mailster Newsletter Plugin for WordPress\u003C\u002Fa>\u003C\u002Fp>\n","Adds a Cool Captcha to your Mailster subscription forms",400,5486,"2024-05-27T12:53:00.000Z",[19,20,79,22,23],"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=plugin&utm_term=Cool+Captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailster-cool-captcha.1.3.1.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":11,"num_ratings":118,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":17,"tags":122,"homepage":17,"download_link":125,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wpcf7-recaptcha","ReCaptcha v2 for Contact Form 7","1.4.9","IQComputing","https:\u002F\u002Fprofiles.wordpress.org\u002Fiqcomputing\u002F","\u003Cp>Contact Form 7 v5.1 dropped support for reCaptcha v2 along with the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag December 2018. This plugin brings that functionality back from Contact Form 7 5.0.5 and re-adds the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag.\u003C\u002Fp>\n\u003Cp>If this plugin is installed before updating Contact Form 7 from v5.0.5 to v5.1.1 then it will carry over your old API keys. At that point you will just need to head to this plugins settings page to tell the website to use reCaptcha v2.\u003C\u002Fp>\n\u003Cp>Once installed and configured it should be the same reCaptcha functionality you are used to in previous versions of Contact Form 7.\u003C\u002Fp>\n\u003Ch3>IQComputing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Like us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Facebook\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Twitter\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Fork on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FIQComputing\u002Fwpcf7-recaptcha\" title=\"IQComputing on Github\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1",200000,3905275,89,"2025-04-15T22:52:00.000Z","6.7.5","4.9",[56,123,23,124],"contact-form-7-recaptcha","spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcf7-recaptcha.1.4.9.zip",{"attackSurface":127,"codeSignals":177,"taintFlows":195,"riskAssessment":196,"analyzedAt":205},{"hooks":128,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":27,"unprotectedCount":27},[129,134,137,142,146,150,155,159,162,165,169],{"type":130,"name":131,"callback":131,"file":132,"line":133},"action","init","classes\\hcaptcha.class.php",18,{"type":130,"name":131,"callback":135,"file":132,"line":136},"register_post_meta",19,{"type":138,"name":139,"callback":140,"file":132,"line":141},"filter","mailster_setting_sections","settings_tab",54,{"type":130,"name":143,"callback":144,"file":132,"line":145},"mailster_section_tab_hCaptcha","settings",55,{"type":130,"name":147,"callback":148,"file":132,"line":149},"enqueue_block_assets","enqueue_block_editor_assets",57,{"type":138,"name":151,"callback":152,"priority":153,"file":132,"line":154},"mailster_form_fields","form_fields",10,60,{"type":138,"name":156,"callback":157,"priority":153,"file":132,"line":158},"mailster_block_form","add_form_fields",61,{"type":138,"name":156,"callback":160,"priority":153,"file":132,"line":161},"enqueue_script",63,{"type":138,"name":163,"callback":160,"priority":153,"file":132,"line":164},"mailster_form",64,{"type":138,"name":166,"callback":167,"priority":153,"file":132,"line":168},"mailster_block_form_field_errors","form_submission_check",65,{"type":138,"name":170,"callback":171,"priority":153,"file":132,"line":172},"mailster_submit","legacy_form_submission_check",66,[],[],[],[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":181,"fileOperations":27,"externalRequests":13,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":194},[],{"prepared":27,"raw":27,"locations":180},[],{"escaped":182,"rawEcho":91,"locations":183},15,[184,188,190,192],{"file":185,"line":186,"context":187},"views\\settings.php",32,"raw output",{"file":185,"line":189,"context":187},159,{"file":185,"line":191,"context":187},175,{"file":185,"line":193,"context":187},191,[],[],{"summary":197,"deductions":198},"The mailster-hcaptcha plugin, version 2.0.1, exhibits a generally strong security posture based on the provided static analysis. The complete absence of identified vulnerabilities in its history, coupled with the lack of critical or high-severity code signals such as dangerous functions, unsanitized taint flows, or raw SQL queries, indicates a diligent development approach. The plugin also adheres to good practices by utilizing prepared statements for all its SQL queries and has a relatively small attack surface with no known unprotected entry points.  \n\nHowever, there are a few areas for improvement that slightly temper the otherwise positive assessment. The plugin makes an external HTTP request, which, while not inherently a vulnerability, is a potential point of failure or interception if not handled securely. More importantly, the absence of nonce checks and capability checks across all identified entry points is a significant concern. While the static analysis reports zero unprotected entry points, this could be a limitation of the analysis tool if it's not detecting these critical security mechanisms. If the plugin's functionality relies on these entry points to perform sensitive actions, the lack of proper authorization and CSRF protection represents a notable weakness.  \n\nIn conclusion, while the plugin has a clean vulnerability history and uses secure database practices, the potential oversight in nonce and capability checks on its entry points warrants caution. The single external HTTP request is a minor consideration. The overall security is good, but the absence of explicit checks on potential interaction points is a weakness that could expose the application to risks if those points are indeed utilized for sensitive operations.",[199,201,203],{"reason":200,"points":72},"External HTTP request identified",{"reason":202,"points":153},"No nonce checks found",{"reason":204,"points":153},"No capability checks found","2026-03-16T20:55:15.626Z",{"wat":207,"direct":216},{"assetPaths":208,"generatorPatterns":211,"scriptPaths":212,"versionParams":213},[209,210],"\u002Fwp-content\u002Fplugins\u002Fmailster-hcaptcha\u002Fbuild\u002Fhcaptcha.js","\u002Fwp-content\u002Fplugins\u002Fmailster-hcaptcha\u002Fbuild\u002Finspector.js",[],[209,210],[214,215],"mailster-hcaptcha\u002Fbuild\u002Fhcaptcha.js?ver=","mailster-hcaptcha\u002Fbuild\u002Finspector.js?ver=",{"cssClasses":217,"htmlComments":219,"htmlAttributes":220,"restEndpoints":224,"jsGlobals":226,"shortcodeOutput":228},[218],"mailster-_hcaptcha-wrapper",[],[221,222,223],"data-sitekey","data-theme","data-size",[225],"\u002Fwp-json\u002Fwp\u002Fv2\u002Fmailster-form?hcaptcha=",[227],"mailster_hcaptcha",[229],"\u003Cdiv class=\"h-captcha\""]