[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkk3x1mXHAYSXICwwIddi6G3dk0F20JR2epM4GyeaSXs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":135,"fingerprints":295},"recaptcha-login","reCAPTCHA Login","1.0","Onnay Okheng","https:\u002F\u002Fprofiles.wordpress.org\u002Fonnayokheng\u002F","\u003Cp>Add reCAPTCHA to your WordPress login form also on a widget form\u003C\u002Fp>\n","Add reCAPTCHA to your WordPress login form",10,4582,86,4,"2013-02-05T06:02:00.000Z","3.5.2","3.0","",[20,21,22,23,24],"admin","captcha","login","recaptcha","widget","http:\u002F\u002Fonnayokheng.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecaptcha-login.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"onnayokheng",100,30,84,"2026-04-05T04:21:45.700Z",[39,58,74,96,115],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":41,"active_installs":46,"downloaded":47,"rating":34,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":18,"download_link":57,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"hostvn-admin-optimize","Hostvn Admin Optimize","1.0.7","Duong Thanh Binh","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostvn\u002F","\u003Cul>\n\u003Cli>Disable Wp-admin Dashboard widget\u003C\u002Fli>\n\u003Cli>Disable Plugins update, Theme update, WordPress Update\u003C\u002Fli>\n\u003Cli>Add Google Recaptcha to login form, register form, forgot password form\u003C\u002Fli>\n\u003Cli>Disable Generator meta tag\u003C\u002Fli>\n\u003Cli>Change login errors message\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable redirect to homepage after login\u003C\u002Fli>\n\u003Cli>Woocommerce optimize\u003C\u002Fli>\n\u003Cli>SMTP settings\u003C\u002Fli>\n\u003Cli>CDN config\u003C\u002Fli>\n\u003Cli>Security settings\u003C\u002Fli>\n\u003Cli>Contact Button\u003C\u002Fli>\n\u003Cli>Show\u002FHide menu in wp-admin\u003C\u002Fli>\n\u003Cli>Change login link\u003C\u002Fli>\n\u003Cli>And more …\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>System Requirements\u003C\u002Fh3>\n\u003Col>\n\u003Cli>PHP >= 5.6\u003C\u002Fli>\n\u003Cli>WordPress >= 4.9\u003C\u002Fli>\n\u003C\u002Fol>\n",400,2206,1,"2021-02-08T11:12:00.000Z","5.5.18","4.9","5.6",[54,23,55,56],"login-recaptcha","wordpress-optimize","wp-admin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostvn-admin-optimize.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":11,"downloaded":66,"rating":34,"num_ratings":48,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":18,"download_link":73,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"evg-google-recaptcha","Login With Google reCaptcha For WordPress And Woocomerce","1.00","evgeniypoznyak","https:\u002F\u002Fprofiles.wordpress.org\u002Fevgeniypoznyak\u002F","\u003Cp>This plugin is implements Google reCaptcha to WordPress\\Woocommerce Login page and hide user\u002Fpassword errors (optional).\u003C\u002Fp>\n","Extended WordPress\\Woocomerce Login With Google reCaptcha and hiding user\u002Fpassword errors",1675,"2017-06-05T18:03:00.000Z","4.7.32","3.1",[20,71,22,23,72],"google-recaptcha","security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fevg-google-recaptcha.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":51,"requires_php":88,"tags":89,"homepage":91,"download_link":92,"security_score":93,"vuln_count":94,"unpatched_count":28,"last_vuln_date":95,"fetched_at":30},"advanced-google-recaptcha","Advanced Google reCAPTCHA","1.31","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetwpcaptcha.com\u002F\" rel=\"nofollow ugc\">Advanced Google reCAPTCHA\u003C\u002Fa> protects your WordPress site from spam comments & brute force login attacks using captcha. This captcha plugin, quickly adds Google reCAPTCHA and other captcha tests to WordPress comment form, login form, and other forms.\u003C\u002Fp>\n\u003Cp>Using Advanced Google reCAPTCHA (most popular captcha on the market), you’ll be safe from spam comments and protect user accounts, WooCommerce, Easy Digital Downloads, BuddyPress and other forms from brute-force login attacks.\u003C\u002Fp>\n\u003Cp>reCaptcha works for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Login Form\u003C\u002Fli>\n\u003Cli>Registration Form\u003C\u002Fli>\n\u003Cli>Reset Password Form\u003C\u002Fli>\n\u003Cli>Comment Form\u003C\u002Fli>\n\u003Cli>BuddyPress Form\u003C\u002Fli>\n\u003Cli>WooCommerce Form\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads (EDD) Login Form\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads (EDD) Registration Form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Captcha uses these 3rd party libs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Chart.js, 2017 Nick Downie, MIT\u003C\u002Fli>\n\u003Cli>DataTables, 2008-2017 SpryMedia Ltd, MIT\u003C\u002Fli>\n\u003Cli>moment.js, Tim Wood, Iskren Chernev, MIT\u003C\u002Fli>\n\u003Cli>SweetAlert 2, github.com\u002FSweetalert2\u002FSweetalert2, MIT\u003C\u002Fli>\n\u003Cli>tooltipster, www.heteroclito.fr\u002Fmodules\u002Ftooltipster\u002F, MIT\u003C\u002Fli>\n\u003C\u002Ful>\n","Captcha protection against spam comments & brute force login attacks using Google reCAPTCHA.",200000,2435450,96,428,"2025-12-02T20:29:00.000Z","6.9.4","5.2",[21,90,71,54,23],"comment-recaptcha","https:\u002F\u002Fgetwpcaptcha.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-google-recaptcha.1.31.zip",98,3,"2025-03-27 19:32:14",{"slug":97,"name":98,"version":99,"author":78,"author_profile":79,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":104,"num_ratings":105,"last_updated":106,"tested_up_to":87,"requires_at_least":17,"requires_php":88,"tags":107,"homepage":18,"download_link":111,"security_score":112,"vuln_count":113,"unpatched_count":28,"last_vuln_date":114,"fetched_at":30},"captcha-code-authentication","Captcha Code","3.3","\u003Cp>Adds GDPR compatible captcha code anti-spam protection to WordPress forms – comments form, registration form, lost password form, and login form. In order to post comments or register, users have to type in the code shown on the image. This prevents spam from automated bots & adds security. No external services (like Google ReCaptcha) are used. No API keys are needed, and no user-identifiable data is used so it’s GDPR compatible.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Captcha position – comments form, login form, registration form, or lost password form.\u003C\u002Fli>\n\u003Cli>Letters type – capital letters, small letters, or captial & small letters.\u003C\u002Fli>\n\u003Cli>Captcha type – alphanumeric, alphabets or numbers.\u003C\u002Fli>\n\u003Cli>Translation enabled.\u003C\u002Fli>\n\u003C\u002Fol>\n","GDPR compatible captcha anti-spam protection for login form, comments form, registration form & lost password form. Eliminate spam with captcha.",100000,678917,76,34,"2025-12-03T18:21:00.000Z",[21,108,109,110,23],"comments-spam","form-captcha","login-captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptcha-code-authentication.3.3.zip",99,2,"2023-11-24 00:00:00",{"slug":54,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":124,"num_ratings":125,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":18,"tags":129,"homepage":132,"download_link":133,"security_score":27,"vuln_count":48,"unpatched_count":28,"last_vuln_date":134,"fetched_at":30},"Login No Captcha reCAPTCHA","1.7.3","Robert Peake","https:\u002F\u002Fprofiles.wordpress.org\u002Frobertpeake\u002F","\u003Cp>Adds a Google No Captcha ReCaptcha checkbox to your WordPress and Woocommerce login, forgot password, and user registration pages. Denies access to automated scripts while making it easy on humans to log in by checking a box. As Google says, it is “Tough on bots, easy on humans.”\u003C\u002Fp>\n","Adds a Google No Captcha ReCaptcha checkbox to your Wordpress and Woocommerce login, forgot password, and user registration pages.",60000,1369961,90,63,"2024-02-27T10:43:00.000Z","6.4.8","4.6",[130,22,131,23,72],"google","nocaptcha","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-recaptcha\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-recaptcha.1.7.3.zip","2022-08-16 00:00:00",{"attackSurface":136,"codeSignals":172,"taintFlows":227,"riskAssessment":283,"analyzedAt":294},{"hooks":137,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":171,"entryPointCount":28,"unprotectedCount":28},[138,143,146,151,155,160,164],{"type":139,"name":140,"callback":141,"file":142,"line":94},"action","admin_init","recaptchalogin_options_init","admin.php",{"type":139,"name":144,"callback":145,"file":142,"line":14},"admin_menu","recaptchalogin_options_add_page",{"type":139,"name":147,"callback":148,"file":149,"line":150},"admin_notices","recaptchalogin_missing_keys_notice","recaptcha-login.php",20,{"type":139,"name":152,"callback":153,"priority":48,"file":149,"line":154},"init","recaptchalogin_widget_init",49,{"type":156,"name":157,"callback":158,"priority":34,"file":149,"line":159},"filter","login_form_middle","recaptchalogin_add_recaptcha",228,{"type":139,"name":161,"callback":162,"file":149,"line":163},"login_form","recaptchalogin_add_recaptcha_admin",263,{"type":139,"name":165,"callback":166,"priority":48,"file":149,"line":167},"wp_authenticate","recaptchalogin_login_recaptcha_process",316,[],[],[],[],{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":48,"externalRequests":28,"nonceChecks":28,"capabilityChecks":113,"bundledLibraries":226},[],{"prepared":28,"raw":28,"locations":175},[],{"escaped":177,"rawEcho":178,"locations":179},8,25,[180,183,185,187,189,190,192,194,196,198,199,200,202,203,204,206,208,210,212,214,216,218,220,222,224],{"file":142,"line":181,"context":182},155,"raw output",{"file":142,"line":184,"context":182},164,{"file":142,"line":186,"context":182},170,{"file":142,"line":188,"context":182},180,{"file":142,"line":188,"context":182},{"file":142,"line":191,"context":182},188,{"file":142,"line":193,"context":182},193,{"file":142,"line":195,"context":182},201,{"file":142,"line":197,"context":182},208,{"file":142,"line":197,"context":182},{"file":142,"line":197,"context":182},{"file":142,"line":201,"context":182},215,{"file":142,"line":201,"context":182},{"file":142,"line":201,"context":182},{"file":142,"line":205,"context":182},221,{"file":149,"line":207,"context":182},26,{"file":149,"line":209,"context":182},80,{"file":149,"line":211,"context":182},82,{"file":149,"line":213,"context":182},110,{"file":149,"line":215,"context":182},117,{"file":149,"line":217,"context":182},125,{"file":149,"line":219,"context":182},133,{"file":149,"line":221,"context":182},186,{"file":149,"line":223,"context":182},190,{"file":149,"line":225,"context":182},259,[],[228,246,265],{"entryPoint":229,"graph":230,"unsanitizedCount":48,"severity":245},"recaptchalogin_add_recaptcha_admin (recaptcha-login.php:231)",{"nodes":231,"edges":242},[232,237],{"id":233,"type":234,"label":235,"file":149,"line":236},"n0","source","$_POST",250,{"id":238,"type":239,"label":240,"file":149,"line":225,"wp_function":241},"n1","sink","echo() [XSS]","echo",[243],{"from":233,"to":238,"sanitized":244},false,"medium",{"entryPoint":247,"graph":248,"unsanitizedCount":113,"severity":245},"recaptchalogin_login_recaptcha_process (recaptcha-login.php:286)",{"nodes":249,"edges":262},[250,253,256,259],{"id":233,"type":234,"label":251,"file":149,"line":252},"$_POST['redirect_to']",299,{"id":238,"type":239,"label":254,"file":149,"line":252,"wp_function":255},"header() [Header Injection]","header",{"id":257,"type":234,"label":235,"file":149,"line":258},"n2",310,{"id":260,"type":239,"label":254,"file":149,"line":261,"wp_function":255},"n3",311,[263,264],{"from":233,"to":238,"sanitized":244},{"from":257,"to":260,"sanitized":244},{"entryPoint":266,"graph":267,"unsanitizedCount":28,"severity":282},"\u003Crecaptcha-login> (recaptcha-login.php:0)",{"nodes":268,"edges":277},[269,270,271,272,273,275],{"id":233,"type":234,"label":235,"file":149,"line":236},{"id":238,"type":239,"label":240,"file":149,"line":225,"wp_function":241},{"id":257,"type":234,"label":251,"file":149,"line":252},{"id":260,"type":239,"label":254,"file":149,"line":252,"wp_function":255},{"id":274,"type":234,"label":235,"file":149,"line":258},"n4",{"id":276,"type":239,"label":254,"file":149,"line":261,"wp_function":255},"n5",[278,280,281],{"from":233,"to":238,"sanitized":279},true,{"from":257,"to":260,"sanitized":279},{"from":274,"to":276,"sanitized":279},"low",{"summary":284,"deductions":285},"The \"recaptcha-login\" plugin v1.0 exhibits a generally positive security posture with no known vulnerabilities or CVEs recorded.  The absence of an attack surface, dangerous functions, and external HTTP requests are strong indicators of good security practices.  However, the static analysis reveals some concerning areas. Specifically, the low percentage of properly escaped output (24%) suggests a risk of Cross-Site Scripting (XSS) vulnerabilities, especially since there are 33 total outputs analyzed. Furthermore, the presence of two unsanitized paths in the taint analysis, even without critical or high severity, indicates potential vulnerabilities in file handling or path manipulation, which could be exploited in conjunction with other weaknesses. The plugin also has no explicit nonce checks, which, combined with the lack of a defined attack surface, might indicate it's not designed for highly interactive or sensitive operations, or that these checks are implicitly handled elsewhere (though this is less likely to be a secure default).",[286,289,291],{"reason":287,"points":288},"Low percentage of properly escaped output",12,{"reason":290,"points":177},"Taint flows with unsanitized paths found",{"reason":292,"points":293},"No nonce checks implemented",5,"2026-03-17T00:55:34.689Z",{"wat":296,"direct":302},{"assetPaths":297,"generatorPatterns":299,"scriptPaths":300,"versionParams":301},[298],"\u002Fwp-content\u002Fplugins\u002Frecaptcha-login\u002Frecaptcha-fluid.css",[],[],[],{"cssClasses":303,"htmlComments":307,"htmlAttributes":315,"restEndpoints":317,"jsGlobals":318,"shortcodeOutput":320},[304,305,306],"recaptchalogin_otherlinks","avatar_container","login_error",[308,309,310,311,312,313,314],"add admin settings","Init widget\u002Fstyles\u002Fscripts","To add more extend i.e when terms came from themes - suggested by dev.xiligroup.com","User is logged in","User is NOT logged in!!!","check if the library has installed.","was there a reCAPTCHA response?",[316],"data-recaptcha-token",[],[319],"RecaptchaOptions",[]]