[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fvmRoBN9mBSnQ4cKaaj9zq1TzfyuXKJSa7Fhg-xbAZBc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":127,"fingerprints":192},"mailster-recaptcha","Mailster reCaptcha","2.0.1","EverPress","https:\u002F\u002Fprofiles.wordpress.org\u002Feverpress\u002F","\u003Cp>Adds a reCaptcha™ to your Mailster subscription forms.\u003C\u002Fp>\n\u003Cp>You may also try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailster-cool-captcha\u002F\" rel=\"ugc\">Mailster Cool Captcha for Forms\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>This Plugin requires \u003Ca href=\"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=readme&utm_term=reCaptcha\" rel=\"nofollow ugc\">Mailster Newsletter Plugin for WordPress\u003C\u002Fa>\u003C\u002Fp>\n","Adds a reCaptcha™ to your Mailster subscription forms.",1000,27282,40,4,"2024-05-27T13:33:00.000Z","6.5.8","6.0","",[20,21,22,23,24],"captcha","form","mailster","recaptcha","secure","https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=plugin&utm_term=reCaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailster-recaptcha.2.0.1.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"everpress",28,121400,91,255,73,"2026-04-04T11:07:46.151Z",[41,54,67,86,110],{"slug":42,"name":43,"version":44,"author":7,"author_profile":8,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":28,"num_ratings":28,"last_updated":49,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":50,"homepage":52,"download_link":53,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"mailster-cool-captcha","Mailster Cool Captcha","1.3.1","\u003Cblockquote>\n\u003Cp>This Plugin requires \u003Ca href=\"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=readme&utm_term=Cool+Captcha\" rel=\"nofollow ugc\">Mailster Newsletter Plugin for WordPress\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Adds a Cool Captcha to your Mailster subscription forms\u003C\u002Fp>\n\u003Cp>You may also try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailster-recaptcha\u002F\" rel=\"ugc\">Mailster reCaptcha™ for Forms\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>This Plugin requires \u003Ca href=\"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=readme&utm_term=Cool+Captcha\" rel=\"nofollow ugc\">Mailster Newsletter Plugin for WordPress\u003C\u002Fa>\u003C\u002Fp>\n","Adds a Cool Captcha to your Mailster subscription forms",400,5486,"2024-05-27T12:53:00.000Z",[20,21,51,22,23],"forms","https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=plugin&utm_term=Cool+Captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailster-cool-captcha.1.3.1.zip",{"slug":55,"name":56,"version":6,"author":7,"author_profile":8,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":59,"num_ratings":61,"last_updated":62,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":63,"homepage":65,"download_link":66,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"mailster-hcaptcha","Mailster hCaptcha","\u003Cp>Adds a hCaptcha to your Mailster subscription forms.\u003C\u002Fp>\n\u003Cp>You may also try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailster-cool-captcha\u002F\" rel=\"ugc\">Mailster Cool Captcha for Forms\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>This Plugin requires \u003Ca href=\"https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=readme&utm_term=hCaptcha\" rel=\"nofollow ugc\">Mailster Newsletter Plugin for WordPress\u003C\u002Fa>\u003C\u002Fp>\n","Adds a hCaptcha to your Mailster subscription forms.",100,5711,1,"2024-05-27T13:11:00.000Z",[20,21,64,22,23],"hcaptcha","https:\u002F\u002Fmailster.co\u002F?utm_campaign=wporg&utm_source=wordpress.org&utm_medium=plugin&utm_term=hCaptcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailster-hcaptcha.2.0.1.zip",{"slug":68,"name":69,"version":70,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":75,"downloaded":76,"rating":59,"num_ratings":77,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":18,"tags":81,"homepage":18,"download_link":85,"security_score":59,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wpcf7-recaptcha","ReCaptcha v2 for Contact Form 7","1.4.9","IQComputing","https:\u002F\u002Fprofiles.wordpress.org\u002Fiqcomputing\u002F","\u003Cp>Contact Form 7 v5.1 dropped support for reCaptcha v2 along with the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag December 2018. This plugin brings that functionality back from Contact Form 7 5.0.5 and re-adds the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag.\u003C\u002Fp>\n\u003Cp>If this plugin is installed before updating Contact Form 7 from v5.0.5 to v5.1.1 then it will carry over your old API keys. At that point you will just need to head to this plugins settings page to tell the website to use reCaptcha v2.\u003C\u002Fp>\n\u003Cp>Once installed and configured it should be the same reCaptcha functionality you are used to in previous versions of Contact Form 7.\u003C\u002Fp>\n\u003Ch3>IQComputing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Like us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Facebook\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Twitter\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Fork on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FIQComputing\u002Fwpcf7-recaptcha\" title=\"IQComputing on Github\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1",200000,3905275,89,"2025-04-15T22:52:00.000Z","6.7.5","4.9",[82,83,23,84],"contact-form-7","contact-form-7-recaptcha","spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcf7-recaptcha.1.4.9.zip",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":99,"requires_at_least":100,"requires_php":101,"tags":102,"homepage":18,"download_link":106,"security_score":107,"vuln_count":108,"unpatched_count":28,"last_vuln_date":109,"fetched_at":30},"captcha-code-authentication","Captcha Code","3.3","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>Adds GDPR compatible captcha code anti-spam protection to WordPress forms – comments form, registration form, lost password form, and login form. In order to post comments or register, users have to type in the code shown on the image. This prevents spam from automated bots & adds security. No external services (like Google ReCaptcha) are used. No API keys are needed, and no user-identifiable data is used so it’s GDPR compatible.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Captcha position – comments form, login form, registration form, or lost password form.\u003C\u002Fli>\n\u003Cli>Letters type – capital letters, small letters, or captial & small letters.\u003C\u002Fli>\n\u003Cli>Captcha type – alphanumeric, alphabets or numbers.\u003C\u002Fli>\n\u003Cli>Translation enabled.\u003C\u002Fli>\n\u003C\u002Fol>\n","GDPR compatible captcha anti-spam protection for login form, comments form, registration form & lost password form. Eliminate spam with captcha.",100000,678917,76,34,"2025-12-03T18:21:00.000Z","6.9.4","3.0","5.2",[20,103,104,105,23],"comments-spam","form-captcha","login-captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptcha-code-authentication.3.3.zip",99,2,"2023-11-24 00:00:00",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":94,"downloaded":118,"rating":119,"num_ratings":120,"last_updated":121,"tested_up_to":99,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":18,"download_link":125,"security_score":107,"vuln_count":108,"unpatched_count":28,"last_vuln_date":126,"fetched_at":30},"contact-form-7-simple-recaptcha","Contact Form 7 Captcha","0.1.7","LukasApps","https:\u002F\u002Fprofiles.wordpress.org\u002F247wd\u002F","\u003Cp>Protect your Contact Form 7 forms with \u003Cstrong>Google reCAPTCHA V2\u003C\u002Fstrong>, \u003Cstrong>Google reCAPTCHA V3\u003C\u002Fstrong>, \u003Cstrong>hCAPTCHA\u003C\u002Fstrong>, or \u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Easy integration and supports multiple forms on a single page.\u003C\u002Fp>\n\u003Ch3>Four CAPTCHA Options\u003C\u002Fh3>\n\u003Cp>Choose the CAPTCHA provider that works best for you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Google reCAPTCHA V2\u003C\u002Fstrong> — The industry-standard “I’m not a robot” checkbox, trusted by millions of sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google reCAPTCHA V3\u003C\u002Fstrong> — The industry-standard invisible score-based verification, trusted by millions of sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>hCAPTCHA\u003C\u002Fstrong> — A privacy-first alternative that offers robust bot protection while keeping user data secure.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> — A modern CAPTCHA that verifies users in the background, only requiring a simple click if the visitor appears suspicious.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Simple Setup\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Sign up with your chosen CAPTCHA provider and grab your Site Key and Secret Key.\u003C\u002Fli>\n\u003Cli>Paste them into \u003Cstrong>CF7 Captcha\u003C\u002Fstrong> in your WordPress admin.\u003C\u002Fli>\n\u003Cli>Add protection to any CF7 form in seconds using the shortcode provided in the same settings page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Customizable Appearance\u003C\u002Fh3>\n\u003Cp>Each CAPTCHA widget supports customization options directly from the shortcode:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Size\u003C\u002Fstrong> — Choose between normal and compact to fit your form layout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme\u003C\u002Fstrong> — Switch between light and dark themes (or auto for Turnstile) to match your site’s design.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Language\u003C\u002Fstrong> — Force any CAPTCHA to render in a specific language for your audience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All options are combinable, so you can mix and match to get the exact look you need.\u003C\u002Fp>\n\u003Ch3>Submission Insights (NEW in v0.1.7)\u003C\u002Fh3>\n\u003Cp>Go beyond just blocking spam. Submission Insights gives you full visibility into every form submission:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Sender IP\u003C\u002Fstrong> — See the IP address of the person who contacted you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Source Page\u003C\u002Fstrong> — Know exactly which page on your site the form was filled out on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Device & Browser\u003C\u002Fstrong> — Get technical details about the sender’s setup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Want More? Upgrade to CF7 Captcha Pro\u003C\u002Fh3>\n\u003Cp>This free version gives you solid CAPTCHA protection. But the smartest bots are already solving CAPTCHAs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CF7 Captcha Pro\u003C\u002Fstrong> adds six extra layers of invisible spam defense on top of what you already have here, plus a full set of tools to capture and act on every lead your forms collect.\u003C\u002Fp>\n\u003Ch3>What you get with Pro\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>6-Layer Spam Defense\u003C\u002Fstrong> — stops 99.9% of spam without ever bothering your visitors:\u003Cbr \u002F>\n– \u003Cstrong>Advanced Honeypot\u003C\u002Fstrong> — invisible trap fields with names that regenerate every 24 hours.\u003Cbr \u002F>\n– \u003Cstrong>Time Limit Validation\u003C\u002Fstrong> — bots submit in 0.2 seconds. Humans take 15–30. This blocks anything that moves too fast (or stays too long).\u003Cbr \u002F>\n– \u003Cstrong>Rate Limiting\u003C\u002Fstrong> — caps submissions per IP so bot networks can’t flood your inbox or burn through your email quota.\u003Cbr \u002F>\n– \u003Cstrong>Geographic Blocking\u003C\u002Fstrong> — whitelist only the countries you serve, or blacklist known spam regions.\u003Cbr \u002F>\n– \u003Cstrong>IP Pattern Blocking\u003C\u002Fstrong> — block single IPs, wildcards, CIDR ranges, or entire subnets when you know exactly where an attack is coming from.\u003Cbr \u002F>\n– \u003Cstrong>Word Filter\u003C\u002Fstrong> — scans every submission for spam keywords, phishing URLs, and known scam phrases before it reaches you.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lead Recovery\u003C\u002Fstrong> — 70% of people who start filling out a form never submit it. Pro captures their data in real-time as they type, so you can follow up on leads that would otherwise vanish.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Database Storage & Export\u003C\u002Fstrong> — every submission is saved with full metadata (IP, browser, referrer, timestamp). Export to CSV, Excel, JSON, or PDF whenever you need it. No more lost leads if your email fails.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Webhooks\u003C\u002Fstrong> — send form data instantly to any URL. Connect to Zapier, Salesforce, Slack, Google Sheets, or any custom API. Multiple webhooks per form, with retry logic built in.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Mailchimp Integration\u003C\u002Fstrong> — submissions automatically added to your Mailchimp lists. Field mapping, tags, opt-in handling.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Twilio SMS\u003C\u002Fstrong> — receive instant alerts for every submission or send automated SMS replies to your clients.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Comprehensive Logging\u003C\u002Fstrong> — every spam block, webhook call, and integration event is logged. Debug any issue in minutes instead of hours.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Flukasapps.de\u002Fwordpress\u002Fplugins\u002Fcf7-captcha-pro\u002F\" rel=\"nofollow ugc\">Get CF7 Captcha Pro\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Protect your Contact Form 7 forms with Google reCAPTCHA V2, Google reCAPTCHA V3, hCAPTCHA, or Cloudflare Turnstile.",1042756,82,48,"2026-02-01T21:19:00.000Z","4.1.2",[20,82,64,23,124],"spam-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7-simple-recaptcha.zip","2022-06-27 00:00:00",{"attackSurface":128,"codeSignals":171,"taintFlows":182,"riskAssessment":183,"analyzedAt":191},{"hooks":129,"ajaxHandlers":167,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":28,"unprotectedCount":28},[130,135,138,143,147,151,156,159,163],{"type":131,"name":132,"callback":132,"file":133,"line":134},"action","init","classes\\recaptcha.class.php",18,{"type":131,"name":132,"callback":136,"file":133,"line":137},"register_post_meta",19,{"type":139,"name":140,"callback":141,"file":133,"line":142},"filter","mailster_setting_sections","settings_tab",54,{"type":131,"name":144,"callback":145,"file":133,"line":146},"mailster_section_tab_reCaptcha","settings",55,{"type":131,"name":148,"callback":149,"file":133,"line":150},"enqueue_block_assets","enqueue_block_editor_assets",57,{"type":139,"name":152,"callback":153,"priority":154,"file":133,"line":155},"mailster_block_form","enqueue_script",10,61,{"type":139,"name":157,"callback":153,"priority":154,"file":133,"line":158},"mailster_form",62,{"type":139,"name":160,"callback":161,"priority":154,"file":133,"line":162},"mailster_block_form_field_errors","form_submission_check",63,{"type":139,"name":164,"callback":165,"priority":154,"file":133,"line":166},"mailster_submit","legacy_form_submission_check",64,[],[],[],[],{"dangerousFunctions":172,"sqlUsage":173,"outputEscaping":175,"fileOperations":28,"externalRequests":61,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":181},[],{"prepared":28,"raw":28,"locations":174},[],{"escaped":176,"rawEcho":61,"locations":177},9,[178],{"file":179,"line":97,"context":180},"views\\settings.php","raw output",[],[],{"summary":184,"deductions":185},"The mailster-recaptcha plugin, v2.0.1, exhibits a generally strong security posture based on the static analysis. The complete absence of direct entry points like AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the attack surface. Furthermore, the analysis indicates that all SQL queries utilize prepared statements, and the vast majority of output is properly escaped, reducing the risk of common injection and cross-site scripting vulnerabilities. The plugin also avoids file operations and bundled libraries, further simplifying its security profile.\n\nHowever, there are a few areas that warrant attention. The presence of a single external HTTP request, while not inherently problematic, could represent a potential avenue for certain types of attacks if not handled securely. More concerning is the lack of nonce checks and capability checks. While the static analysis shows no direct entry points that would typically necessitate these, their absence in the codebase means that if any new entry points were introduced in the future, they might be vulnerable to CSRF or unauthorized access attacks without explicit checks.\n\nThe vulnerability history shows a clean slate with no known CVEs. This, coupled with the positive static analysis signals, suggests that the plugin has been developed with security in mind and has not historically been a target for significant vulnerabilities. In conclusion, the plugin is currently in a good security state due to its limited attack surface and secure coding practices for SQL and output. The primary areas for improvement would be to implement capability checks and nonce checks as a preventative measure for future development, and to carefully scrutinize the security of the external HTTP request.",[186,189],{"reason":187,"points":188},"Missing nonce checks",5,{"reason":190,"points":188},"Missing capability checks","2026-03-16T18:59:20.588Z",{"wat":193,"direct":202},{"assetPaths":194,"generatorPatterns":197,"scriptPaths":198,"versionParams":199},[195,196],"\u002Fwp-content\u002Fplugins\u002Fmailster-recaptcha\u002Fbuild\u002Finspector.js","\u002Fwp-content\u002Fplugins\u002Fmailster-recaptcha\u002Fbuild\u002Frecaptcha.js",[],[195,196],[200,201],"mailster-recaptcha\u002Fbuild\u002Finspector.js?ver=","mailster-recaptcha\u002Fbuild\u002Frecaptcha.js?ver=",{"cssClasses":203,"htmlComments":204,"htmlAttributes":205,"restEndpoints":207,"jsGlobals":209,"shortcodeOutput":211},[],[],[206],"data-recaptcha-enabled",[208],"\u002Fwp-json\u002Fmailster-recaptcha\u002Fv1\u002Fsettings",[210],"mailster_recaptcha",[]]