[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxGNTza64inuHoxJ0std9mcKKSPM5kpg6tjHjL1KqU_U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":129,"fingerprints":530},"smart-captcha-alternative-with-cloudflare-turnstile","Smart CAPTCHA Alternative with Cloudflare Turnstile","1.1.2","Mayank Majeji","https:\u002F\u002Fprofiles.wordpress.org\u002Fmayankmajeji\u002F","\u003Cp>\u003Cstrong>Smart CAPTCHA Alternative with Cloudflare Turnstile\u003C\u002Fstrong> helps you block spam and bots without hurting user experience.\u003C\u002Fp>\n\u003Cp>Instead of frustrating image puzzles or invasive tracking, this plugin integrates \u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong>, a modern CAPTCHA alternative that silently verifies real users while respecting privacy.\u003C\u002Fp>\n\u003Cp>The plugin is lightweight, loads only when required, and performs server-side verification against Cloudflare’s API.\u003C\u002Fp>\n\u003Ch3>Supported Forms\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>WordPress:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Login Form\u003Cbr \u002F>\n* Registration Form\u003Cbr \u002F>\n* Password Reset Form\u003Cbr \u002F>\n* Comments Form\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Checkout\u003Cbr \u002F>\n* Pay For Order\u003Cbr \u002F>\n* Login Form\u003Cbr \u002F>\n* Registration Form\u003Cbr \u002F>\n* Password Reset Form\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Form Plugins:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Contact Form 7\u003Cbr \u002F>\n* WPForms\u003Cbr \u002F>\n* Fluent Forms\u003Cbr \u002F>\n* Formidable Forms\u003Cbr \u002F>\n* Ninja Forms\u003Cbr \u002F>\n* Forminator Forms\u003Cbr \u002F>\n* Everest Forms\u003Cbr \u002F>\n* SureForms\u003Cbr \u002F>\n* Kadence Forms\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Other Integrations:\u003C\u002Fstrong>\u003Cbr \u002F>\n* MailPoet Forms\u003Cbr \u002F>\n* BuddyPress Registration Form\u003Cbr \u002F>\n* bbPress Create Topic & Reply Forms\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Choose This Plugin:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Zero user friction — no puzzles or image challenges\u003Cbr \u002F>\n* Privacy-focused — respects user privacy while providing security\u003Cbr \u002F>\n* Performance optimized — scripts load only when forms are present\u003Cbr \u002F>\n* Currently free — no premium version, no hidden costs, no tracking\u003Cbr \u002F>\n* Server-side validation — secure verification through Cloudflare’s API\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>The plugin includes several features and options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Easy Setup\u003C\u002Fstrong>: Simple key configuration (Site Key & Secret Key)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Per-Form Control\u003C\u002Fstrong>: Toggle Turnstile on\u002Foff for each integration individually\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Options\u003C\u002Fstrong>: Configurable placement options for checkout forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customization\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>Theme selection (Auto\u002FLight\u002FDark)\u003C\u002Fli>\n\u003Cli>Widget size controls (Normal\u002FCompact\u002FFlexible)\u003C\u002Fli>\n\u003Cli>Language settings\u003C\u002Fli>\n\u003Cli>Appearance mode (Always visible or interaction-only)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance\u003C\u002Fstrong>: Optional script defer for improved page load times\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debugging\u003C\u002Fstrong>: Debug logging to help troubleshoot form submission issues\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Cp>Setting up Cloudflare Turnstile protection is straightforward:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Create your Turnstile keys in the Cloudflare dashboard (Site Key and Secret Key)\u003C\u002Fli>\n\u003Cli>Navigate to Dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Smart Cloudflare Turnstile in your WordPress admin\u003C\u002Fli>\n\u003Cli>Enter your keys and choose which forms to protect\u003C\u002Fli>\n\u003Cli>Save your settings — Turnstile will now appear on your selected forms\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>That’s it! Your forms are now protected from spam and bots.\u003C\u002Fp>\n\u003Cp>Need help? Check our documentation or visit the support forum for detailed guides.\u003C\u002Fp>\n\u003Ch3>Plugin Languages\u003C\u002Fh3>\n\u003Cp>The plugin is currently available in English. If you’d like to help translate the plugin into your language, please visit our \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fsmart-captcha-alternative-with-cloudflare-turnstile\u002F\" rel=\"nofollow ugc\">translation page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Other Information\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>For help & suggestions, please create a support topic in our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsmart-captcha-alternative-with-cloudflare-turnstile\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow the developer \u003Ca href=\"https:\u002F\u002Fx.com\u002Fmayankmajeji\" rel=\"nofollow ugc\">@mayankmajeji\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmayankmajeji\u002Fsmart-captcha-alternative-with-cloudflare-turnstile\" rel=\"nofollow ugc\">View on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support The Plugin\u003C\u002Fh3>\n\u003Cp>Special thanks to all contributors who help support the continued development of this plugin.\u003C\u002Fp>\n\u003Cp>The plugin is currently free to use. If you find it useful and would like to support its continued development, maintenance, and support, you can make a donation. Your support is greatly appreciated and helps keep the plugin actively maintained.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbuymeacoffee.com\u002Fmayankmajeji\" rel=\"nofollow ugc\">Make a donation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Trademark Notice\u003C\u002Fh3>\n\u003Cp>Cloudflare, the Cloudflare logo, and Cloudflare Workers are trademarks and\u002For registered trademarks of Cloudflare, Inc. in the United States and other jurisdictions.\u003C\u002Fp>\n\u003Cp>This plugin is not affiliated with, endorsed by, or sponsored by Cloudflare, Inc. Cloudflare® and Turnstile® are trademarks of Cloudflare, Inc.\u003C\u002Fp>\n\u003Ch3>Third Party Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to Cloudflare Turnstile service to provide CAPTCHA verification.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is transmitted:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Form submission tokens for verification\u003Cbr \u002F>\n– IP addresses for bot detection\u003Cbr \u002F>\n– Browser fingerprints for security analysis\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Only when users submit forms with Turnstile protection enabled\u003Cbr \u002F>\n– Data is sent securely via HTTPS to Cloudflare’s servers\u003C\u002Fp>\n\u003Cp>\u003Cstrong>External Services:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Cloudflare Turnstile API: https:\u002F\u002Fdevelopers.cloudflare.com\u002Fturnstile\u002F\u003Cbr \u002F>\n– Cloudflare Terms of Service: https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\u003Cbr \u002F>\n– Cloudflare Privacy Policy: https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\u003C\u002Fp>\n","Protect WordPress forms from spam using Cloudflare Turnstile. A privacy-friendly CAPTCHA alternative.",0,206,"2026-01-29T08:07:00.000Z","6.9.4","5.8","7.4",[18,19,20,21,22],"captcha","cloudflare","security","turnstile","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsmart-captcha-alternative-with-cloudflare-turnstile","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-captcha-alternative-with-cloudflare-turnstile.1.1.2.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"mayankmajeji",4,60,96,30,91,"2026-04-04T10:40:39.562Z",[38,63,81,97,114],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":53,"download_link":60,"security_score":61,"vuln_count":31,"unpatched_count":11,"last_vuln_date":62,"fetched_at":27},"dologin","DoLogin Security","4.3","WPDO","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdo5ea\u002F","\u003Cp>In one click, your WordPress login page will be pretected with the smart brute force attack protection! Any login attempts more than 6 in 10 minutes (default value) will be limited.\u003C\u002Fp>\n\u003Cp>Limit the number of login attempts through both the login and the auth cookies.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Two-factor Authentication login.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Text SMS message passcode for 2nd step verification support.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Cloudflare Turnstile (better than Google reCAPTCHA).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>GeoLocation (Continent\u002FCountry\u002FCity) or IP range to limit login attempts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Passwordless login link.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Support Whitelist and Blacklist.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>GDPR compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WooCommerce Login supported.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>XMLRPC gateway protection.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>API\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Call the function \u003Ccode>$link = function_exists( 'dologin_gen_link' ) ? dologin_gen_link( 'your plugin name or tag' ) : '';\u003C\u002Fcode> to generate one passwordless login link for the current user.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Call the function \u003Ccode>$link = function_exists( 'dologin_gen_link' ) ? dologin_gen_link( 'note\u002Ftip for this generation', $user_id ) : '';\u003C\u002Fcode> to generate a passwordless login link for the user which ID is \u003Ccode>$user_id\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The generated one-time used link will be expired after 7 days.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Define const \u003Ccode>SILENCE_INSTALL\u003C\u002Fcode> to avoid redirecting to setting page after installtion.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>CLI\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>List all passwordless links: \u003Ccode>wp dologin list\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Generate a passwordless link for one username (for the login name \u003Ccode>root\u003C\u002Fcode>): \u003Ccode>wp dologin gen root\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Delete a passwordless link w\u002F the ID in list (for the record w\u002F ID 5): \u003Ccode>wp dologin del 5\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How GeoLocation works\u003C\u002Fh4>\n\u003Cp>When visitors hit the login page, this plugin will lookup the Geolocation info from API, compare the Geolocation setting (if has) with the whitelist\u002Fblacklist to decide if allow login attempts.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>The online IP lookup service is provided by https:\u002F\u002Fwww.doapi.us. The provider’s privacy policy is https:\u002F\u002Fwww.doapi.us\u002Fprivacy.\u003C\u002Fp>\n\u003Cp>Based on the original code from Limit Login Attemps plugin and Limit Login Attemps Reloaded plugin.\u003C\u002Fp>\n","Easy Login. 2FA login. Passwordless login. Cloudflare Turnstile reCAPTCHA. GeoLocation (Continent\u002FCountry\u002FCity)\u002FIP range to limit login attempts.",7000,162727,90,13,"2025-06-11T14:21:00.000Z","6.8.5","4.0","",[55,56,57,58,59],"2fa-login","cloudflare-turnstile-recaptcha","easy-login","geolocation-login-limit","login-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdologin.4.3.zip",98,"2023-10-24 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":25,"num_ratings":73,"last_updated":74,"tested_up_to":14,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":79,"download_link":80,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"kitgenix-captcha-for-cloudflare-turnstile","Kitgenix CAPTCHA for Cloudflare Turnstile","1.0.17","Kitgenix","https:\u002F\u002Fprofiles.wordpress.org\u002Fkitgenix\u002F","\u003Cp>Spam is expensive: it wastes time, clogs inboxes, creates fake accounts, and on stores it can lead to abandoned checkout noise and fraudulent activity. Traditional CAPTCHA solutions can also hurt conversions by adding friction.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> is a modern, privacy-first CAPTCHA alternative designed to reduce friction for real people while still blocking bots.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Kitgenix CAPTCHA for Cloudflare Turnstile\u003C\u002Fstrong> is a production-ready Turnstile integration for WordPress that focuses on reliability in real-world setups:\u003Cbr \u002F>\n– Server-side token verification (using Cloudflare’s official endpoint)\u003Cbr \u002F>\n– Fast, conditional loading (only where needed)\u003Cbr \u002F>\n– Support for dynamic\u002FAJAX forms and modern WooCommerce Blocks \u002F Store API checkout\u003Cbr \u002F>\n– Security features: replay protection, proxy-aware IP handling, whitelisting, and developer mode (warn-only)\u003C\u002Fp>\n\u003Cp>You can enable\u002Fdisable each integration (and many per-form toggles), choose auto-injection vs shortcode-only placement, customise display and messaging, and use built-in diagnostics and Site Health checks to troubleshoot.\u003C\u002Fp>\n\u003Ch4>Supported integrations (where Turnstile can be added)\u003C\u002Fh4>\n\u003Cp>All integrations are enable-able from settings. Many also support \u003Cstrong>Mode: Auto vs Shortcode\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Core\u003C\u002Fstrong>\u003Cbr \u002F>\n– Login\u003Cbr \u002F>\n– Registration\u003Cbr \u002F>\n– Lost password\u003Cbr \u002F>\n– Reset password\u003Cbr \u002F>\n– Comments (including safe handling for comment failures\u002Fredirects)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce (Classic)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Checkout\u003Cbr \u002F>\n– My Account login\u003Cbr \u002F>\n– My Account registration\u003Cbr \u002F>\n– Lost password\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce Blocks (Store API \u002F Block Checkout)\u003C\u002Fstrong>\u003Cbr \u002F>\n– UI rendering inside block-based checkout\u003Cbr \u002F>\n– Adds token to Store API requests (header and\u002For extensions payload when available)\u003Cbr \u002F>\n– Server-side validation of Store API checkout requests\u003Cbr \u002F>\n– Supports “shortcode-only mode” behaviour so you can control placement\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy Digital Downloads (EDD)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Checkout\u003Cbr \u002F>\n– Login\u003Cbr \u002F>\n– Register\u003Cbr \u002F>\n– Profile editor\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Form plugins\u003C\u002Fstrong>\u003Cbr \u002F>\n– Contact Form 7 (CF7)\u003Cbr \u002F>\n– WPForms\u003Cbr \u002F>\n– Fluent Forms\u003Cbr \u002F>\n– Formidable Forms\u003Cbr \u002F>\n– Forminator\u003Cbr \u002F>\n– Gravity Forms\u003Cbr \u002F>\n– JetFormBuilder\u003Cbr \u002F>\n– Jetpack Forms\u003Cbr \u002F>\n– Kadence Forms\u003Cbr \u002F>\n– Elementor Forms (including popups and AJAX submissions)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Community \u002F forums\u003C\u002Fstrong>\u003Cbr \u002F>\n– bbPress (topic\u002Freply flows where applicable)\u003Cbr \u002F>\n– BuddyPress (flows where applicable)\u003C\u002Fp>\n\u003Ch4>Core features (site-wide)\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Turnstile widget rendering\u003C\u002Fstrong>\u003Cbr \u002F>\n– Uses Cloudflare’s official Turnstile API script\u003Cbr \u002F>\n– Widget options:\u003Cbr \u002F>\n  – Theme: auto \u002F light \u002F dark\u003Cbr \u002F>\n  – Size: small \u002F medium \u002F large \u002F normal \u002F flexible\u003Cbr \u002F>\n  – Appearance: stored as Turnstile “appearance” option (defaults to always)\u003Cbr \u002F>\n  – Language: auto or explicit locale (passed via \u003Ccode>hl=...\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Settings & admin experience\u003C\u002Fstrong>\u003Cbr \u002F>\n– Settings page under the shared Kitgenix WP admin menu\u003Cbr \u002F>\n– Live “test widget” preview on the settings screen (renders when a Site Key is present)\u003Cbr \u002F>\n– Site Key + Secret Key storage (secret not printed in HTML by default)\u003Cbr \u002F>\n– “Reveal secret key” (admins only, nonce-protected AJAX action)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Messaging & UX\u003C\u002Fstrong>\u003Cbr \u002F>\n– Custom error message (admin-configurable, used across integrations)\u003Cbr \u002F>\n– Extra message text (optional text displayed alongside\u002Funder the widget)\u003Cbr \u002F>\n– “Disable submit until completed” option (frontend behaviour via plugin JS)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Replay protection (enabled by default)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Detects re-used tokens (hash stored in transients) and blocks replays\u003Cbr \u002F>\n– TTL is filterable\u003Cbr \u002F>\n– Stores hashed token markers under the transient prefix \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_\u003C\u002Fcode>\u003Cbr \u002F>\n– Sets a short-lived cookie (\u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_replay\u003C\u002Fcode>, ~120s) when replay is detected (for frontend behaviour\u002Fmessages)\u003Cbr \u002F>\n– Dedicated replay message (filterable)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developer mode (warn-only)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Verification failures do \u003Cstrong>not\u003C\u002Fstrong> block submissions\u003Cbr \u002F>\n– Failures are logged (and emitted via a developer log action)\u003Cbr \u002F>\n– Optional inline warning annotation for admins (frontend config)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Whitelisting (skip Turnstile + skip loading API script)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Whitelist logged-in users\u003Cbr \u002F>\n– Whitelist by IP (exact, wildcards, CIDR — including IPv6)\u003Cbr \u002F>\n– Whitelist by User-Agent (substring or wildcard matching)\u003Cbr \u002F>\n– Filter hook to override whitelist decision\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Proxy \u002F real-IP handling\u003C\u002Fstrong>\u003Cbr \u002F>\n– Optional trust of proxy headers (Cloudflare \u002F X-Forwarded-For style)\u003Cbr \u002F>\n– Trusted proxy IP list \u002F trust controls\u003Cbr \u002F>\n– Forwarded headers are only honoured when the request originates from a trusted proxy\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance & resilience\u003C\u002Fstrong>\u003Cbr \u002F>\n– Conditional script loading only where needed\u003Cbr \u002F>\n– Async\u002Fstrategy-based script loading (depending on WP version)\u003Cbr \u002F>\n– Adds resource hints (preconnect \u002F dns-prefetch) for Turnstile domain\u003Cbr \u002F>\n– Detects duplicate Turnstile API loaders (if another plugin\u002Ftheme enqueues \u003Ccode>api.js\u003C\u002Fcode>):\u003Cbr \u002F>\n  – Stores detection in the transient \u003Ccode>kitgenix_turnstile_duplicate_scripts\u003C\u002Fcode>\u003Cbr \u002F>\n  – Shows admin notice on settings and Plugins screen\u003Cbr \u002F>\n  – Includes dismiss link (nonce-protected, uses \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss_dupe=1\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Site Health + diagnostics\u003C\u002Fstrong>\u003Cbr \u002F>\n– Adds a Site Health test: “Cloudflare Turnstile readiness”\u003Cbr \u002F>\n– Checks:\u003Cbr \u002F>\n  – Keys present\u003Cbr \u002F>\n  – Duplicate API loader transient (\u003Ccode>kitgenix_turnstile_duplicate_scripts\u003C\u002Fcode>)\u003Cbr \u002F>\n  – Last verification success\u002Ffailure snapshot\u003Cbr \u002F>\n  – Heuristic warning if common optimisation\u002Fcaching plugins are active\u003Cbr \u002F>\n– Stores the last verify outcome (success, time, error codes) for Site Health display\u003Cbr \u002F>\n– Tracks privacy-safe counters in \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_metrics\u003C\u002Fcode> (checks total\u002Fpassed\u002Ffailed)\u003C\u002Fp>\n\u003Ch4>Manual placement (shortcode)\u003C\u002Fh4>\n\u003Cp>If you have a custom form or an unsupported plugin, you can manually render the widget:\u003C\u002Fp>\n\u003Cp>[kitgenix_turnstile]\u003C\u002Fp>\n\u003Cp>Shortcode output includes:\u003Cbr \u002F>\n– a nonce field\u003Cbr \u002F>\n– a hidden \u003Ccode>cf-turnstile-response\u003C\u002Fcode> input\u003Cbr \u002F>\n– the widget container (with \u003Ccode>data-sitekey\u003C\u002Fcode>)\u003Cbr \u002F>\n– support for passing arbitrary attributes via shortcode attributes\u003C\u002Fp>\n\u003Cp>Many supported integrations also offer \u003Cstrong>Shortcode-only\u003C\u002Fstrong> mode (you place the shortcode where you want; the plugin validates server-side without auto-injection).\u003C\u002Fp>\n\u003Ch4>Quick Start\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Open the Turnstile settings under the Kitgenix hub in wp-admin.\u003C\u002Fli>\n\u003Cli>Add your Cloudflare Turnstile Site Key and Secret Key.\u003C\u002Fli>\n\u003Cli>Configure widget options (theme\u002Fsize\u002Fappearance\u002Flanguage) and messaging if needed.\u003C\u002Fli>\n\u003Cli>Enable the integrations (and per-form toggles) you want.\u003C\u002Fli>\n\u003Cli>Save, then test the key user journeys: login, registration, checkout, and your main contact form.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Tip: Start with \u003Cstrong>Developer mode (warn-only)\u003C\u002Fstrong> on staging or during rollout. Once you’re satisfied, disable warn-only to enforce blocking.\u003C\u002Fp>\n\u003Ch4>Performance and caching notes (important for stores)\u003C\u002Fh4>\n\u003Cp>Turnstile is lightweight, but aggressive optimisation can break rendering or token freshness.\u003C\u002Fp>\n\u003Cp>If you use caching\u002Foptimisation plugins:\u003Cbr \u002F>\n– Allowlist https:\u002F\u002Fchallenges.cloudflare.com\u003Cbr \u002F>\n– Avoid full-page caching on login\u002Faccount\u002Fcheckout pages\u003Cbr \u002F>\n– Avoid combining\u002Finlining the Turnstile loader\u003Cbr \u002F>\n– Avoid heavily delaying Elementor\u002Fform plugin scripts\u003Cbr \u002F>\n– Ensure outbound HTTP requests to Cloudflare are not blocked (needed for server-side verification)\u003C\u002Fp>\n\u003Ch3>Settings Overview\u003C\u002Fh3>\n\u003Cp>Main settings:\u003Cbr \u002F>\n– Site Key\u003Cbr \u002F>\n– Secret Key (with “secret present” state, clear\u002Freveal)\u003Cbr \u002F>\n– Theme (auto\u002Flight\u002Fdark)\u003Cbr \u002F>\n– Size (small\u002Fmedium\u002Flarge\u002Fnormal\u002Fflexible)\u003Cbr \u002F>\n– Appearance (Turnstile appearance option)\u003Cbr \u002F>\n– Language (auto or specific locale)\u003Cbr \u002F>\n– Disable submit until completed\u003Cbr \u002F>\n– Custom error message\u003Cbr \u002F>\n– Extra message text\u003C\u002Fp>\n\u003Cp>Security & advanced:\u003Cbr \u002F>\n– Replay protection (on\u002Foff)\u003Cbr \u002F>\n– Developer mode (warn-only)\u003Cbr \u002F>\n– Whitelist logged-in users\u003Cbr \u002F>\n– Whitelist IPs (wildcards\u002FCIDR, including IPv6)\u003Cbr \u002F>\n– Whitelist user agents\u003Cbr \u002F>\n– Proxy trust (enable\u002Fdisable)\u003Cbr \u002F>\n– Trusted proxy IPs \u002F trust controls\u003C\u002Fp>\n\u003Cp>Integrations (enable + per-form toggles where available):\u003Cbr \u002F>\n– WordPress Core (login\u002Fregister\u002Flost password\u002Freset password\u002Fcomments)\u003Cbr \u002F>\n– WooCommerce (checkout\u002Flogin\u002Fregister\u002Flost password)\u003Cbr \u002F>\n– WooCommerce Blocks mode (auto vs shortcode-only)\u003Cbr \u002F>\n– Easy Digital Downloads (checkout\u002Flogin\u002Fregister\u002Fprofile)\u003Cbr \u002F>\n– Contact Form 7\u003Cbr \u002F>\n– WPForms\u003Cbr \u002F>\n– Fluent Forms\u003Cbr \u002F>\n– Formidable Forms\u003Cbr \u002F>\n– Forminator\u003Cbr \u002F>\n– Gravity Forms\u003Cbr \u002F>\n– Jetpack Forms\u003Cbr \u002F>\n– Kadence Forms\u003Cbr \u002F>\n– Elementor Forms\u003Cbr \u002F>\n– bbPress\u003Cbr \u002F>\n– BuddyPress\u003C\u002Fp>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>Shortcode:\u003Cbr \u002F>\n[kitgenix_turnstile]\u003C\u002Fp>\n\u003Cp>Server-side verification endpoint:\u003Cbr \u002F>\nhttps:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fp>\n\u003Cp>Filters (script\u002Floading):\u003Cbr \u002F>\n– kitgenix_captcha_for_cloudflare_turnstile_script_url( $url, $settings )\u003Cbr \u002F>\n– kitgenix_turnstile_freshness_ms\u003Cbr \u002F>\n– kitgenix_turnstile_inline_style\u003C\u002Fp>\n\u003Cp>Filters (verification \u002F request handling):\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_url\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_timeout\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_sslverify\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_http_args\u003Cbr \u002F>\n– kitgenix_turnstile_send_remoteip\u003Cbr \u002F>\n– kitgenix_turnstile_remote_ip\u003Cbr \u002F>\n– kitgenix_turnstile_token_from_request\u003Cbr \u002F>\n– kitgenix_turnstile_error_codes\u003Cbr \u002F>\n– kitgenix_turnstile_error_message\u003Cbr \u002F>\n– kitgenix_turnstile_replay_message\u003Cbr \u002F>\n– kitgenix_captcha_for_cloudflare_turnstile_{context}_turnstile_error_message\u003C\u002Fp>\n\u003Cp>Filters (replay protection):\u003Cbr \u002F>\n– kitgenix_turnstile_replay_ttl\u003C\u002Fp>\n\u003Cp>Filters (whitelist \u002F proxy trust):\u003Cbr \u002F>\n– kitgenix_turnstile_is_whitelisted( $is_whitelisted, $details )\u003Cbr \u002F>\n– kitgenix_turnstile_trust_headers\u003Cbr \u002F>\n– kitgenix_turnstile_trusted_proxies\u003C\u002Fp>\n\u003Cp>Internal identifiers (options \u002F transients \u002F cookies \u002F meta):\u003Cbr \u002F>\n– Option: kitgenix_captcha_for_cloudflare_turnstile_settings\u003Cbr \u002F>\n– Settings group (Settings API): kitgenix_captcha_for_cloudflare_turnstile_settings_group\u003Cbr \u002F>\n– Option: kitgenix_captcha_for_cloudflare_turnstile_metrics\u003Cbr \u002F>\n– Option: kitgenix_turnstile_last_verify\u003Cbr \u002F>\n– Transient: kitgenix_captcha_for_cloudflare_turnstile_do_activation_redirect\u003Cbr \u002F>\n– Transient: kitgenix_turnstile_duplicate_scripts\u003Cbr \u002F>\n– Transient prefix (replay protection): kitgenix_captcha_for_cloudflare_turnstile_ts_\u003Cbr \u002F>\n– Cookie (replay notice): kitgenix_captcha_for_cloudflare_turnstile_ts_replay\u003Cbr \u002F>\n– WooCommerce order meta (Blocks\u002FStore API verification): _kitgenix_turnstile_verified\u003C\u002Fp>\n\u003Cp>Internal nonces \u002F actions:\u003Cbr \u002F>\n– Shortcode\u002Fform nonce field name: kitgenix_captcha_for_cloudflare_turnstile_nonce\u003Cbr \u002F>\n– Shortcode\u002Fform nonce action: kitgenix_captcha_for_cloudflare_turnstile_action\u003Cbr \u002F>\n– Settings save nonce field name: kitgenix_captcha_for_cloudflare_turnstile_settings_nonce\u003Cbr \u002F>\n– Settings save nonce action: kitgenix_captcha_for_cloudflare_turnstile_settings_save\u003Cbr \u002F>\n– Admin AJAX action (reveal saved secret): kitgenix_turnstile_get_secret (WordPress hook: wp_ajax_kitgenix_turnstile_get_secret)\u003Cbr \u002F>\n– Admin AJAX nonce action (reveal saved secret): kitgenix_turnstile_reveal_secret\u003Cbr \u002F>\n– Duplicate-loader notice dismiss query arg: kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss_dupe\u003Cbr \u002F>\n– Duplicate-loader notice dismiss nonce action: kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss\u003C\u002Fp>\n\u003Cp>Actions (developer logging):\u003Cbr \u002F>\n– kitgenix_turnstile_dev_log\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses \u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> to verify requests and prevent spam and abuse.\u003C\u002Fp>\n\u003Cp>The plugin may:\u003Cbr \u002F>\n– Load the Turnstile script:\u003Cbr \u002F>\n  https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fapi.js\u003Cbr \u002F>\n– Submit verification requests server-side to:\u003Cbr \u002F>\n  https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fp>\n\u003Cp>When verification is enabled, the plugin sends to Cloudflare:\u003Cbr \u002F>\n– Your Turnstile secret key\u003Cbr \u002F>\n– The Turnstile response token\u003Cbr \u002F>\n– The visitor IP address (as the optional \u003Ccode>remoteip\u003C\u002Fcode> parameter, when enabled)\u003C\u002Fp>\n\u003Cp>The plugin does not send the visitor’s browser user agent to Cloudflare as part of the verification payload (the HTTP request itself is made server-side by WordPress).\u003C\u002Fp>\n\u003Cp>If proxy trust is enabled, the plugin may read forwarding headers (e.g. \u003Ccode>CF-Connecting-IP\u003C\u002Fcode>, \u003Ccode>X-Forwarded-For\u003C\u002Fcode>) to determine the client IP, but only when requests originate from configured trusted proxies.\u003C\u002Fp>\n\u003Cp>The plugin does not add tracking cookies itself and does not sell or share personal data.\u003C\u002Fp>\n\u003Cp>Cloudflare Turnstile Terms: https:\u002F\u002Fdevelopers.cloudflare.com\u002Fturnstile\u002F\u003Cbr \u002F>\nCloudflare Privacy Policy: https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\u003C\u002Fp>\n\u003Cp>This plugin also includes a shared “Kitgenix hub” component in wp-admin which may fetch publicly available plugin metadata from WordPress.org using the WordPress core \u003Ccode>plugins_api()\u003C\u002Fcode> function (WordPress.org Plugins API).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>When it runs: only in wp-admin (Kitgenix plugin admin pages)\u003C\u002Fli>\n\u003Cli>Data sent: plugin slug(s) (no personal data)\u003C\u002Fli>\n\u003Cli>Data received: publicly available plugin information (e.g. active installs, ratings)\u003C\u002Fli>\n\u003Cli>Caching: responses are cached locally using transients for ~1 day:\n\u003Cul>\n\u003Cli>\u003Ccode>kitgenix_hub_wporg_active_installs_v1\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>kitgenix_hub_wporg_ratings_v1\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Trademark Notice\u003C\u002Fh3>\n\u003Cp>“Cloudflare” and the Cloudflare logo are trademarks of Cloudflare, Inc. This plugin is not affiliated with or endorsed by Cloudflare, Inc.\u003C\u002Fp>\n\u003Ch3>Support Development\u003C\u002Fh3>\n\u003Cp>If this plugin helps keep spam away without slowing your site down, you can support ongoing development here:\u003Cbr \u002F>\nhttps:\u002F\u002Fbuymeacoffee.com\u002Fkitgenix\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Built with ❤︎ by @kitgenix – https:\u002F\u002Fkitgenix.com\u003C\u002Fp>\n","Add Cloudflare Turnstile to WordPress, WooCommerce, Elementor, and popular form plugins. Privacy-first spam protection with server-side verification.",300,2095,5,"2026-02-19T22:09:00.000Z","6.0","8.1",[78,18,19,21,22],"anti-spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkitgenix-captcha-for-cloudflare-turnstile\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkitgenix-captcha-for-cloudflare-turnstile.1.0.17.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":11,"num_ratings":11,"last_updated":91,"tested_up_to":14,"requires_at_least":92,"requires_php":16,"tags":93,"homepage":95,"download_link":96,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"bot-protection-turnstile","Bot Protection with Turnstile","1.1.1","mra13","https:\u002F\u002Fprofiles.wordpress.org\u002Fmra13\u002F","\u003Cp>Bot Protection with Turnstile lets you drop-in Cloudflare’s privacy-focused, no-CAPTCHA challenge on the most common attack surfaces of a WordPress site:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Core WordPress forms\u003C\u002Fstrong> – Login, registration, password reset, and comment forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce\u003C\u002Fstrong> – Protect checkout, login, registration, and password reset forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>bbPress\u003C\u002Fstrong> – Secure forum registration, login, and topic creation forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Contact Form 7\u003C\u002Fstrong> – Add Turnstile to your CF7 forms to block spam submissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accept Stripe Payments\u003C\u002Fstrong> – Protect checkout and payment pop-up forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple Download Monitor\u003C\u002Fstrong> – Secure download buttons and squeeze forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple Shopping Cart\u003C\u002Fstrong> – Add Turnstile to your shopping cart plugin’s manual checkout forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP Express Checkout\u003C\u002Fstrong> – Protect checkout 100% discount checkout forms with Turnstile.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP eMember\u003C\u002Fstrong> – Secure registration, login and password reset forms with Turnstile.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just add your Turnstile \u003Cem>Site Key\u003C\u002Fem> and \u003Cem>Secret Key\u003C\u002Fem>, choose the forms you want to protect, and you’re done. No more subjecting your users to image puzzles or accessibility headaches.\u003C\u002Fp>\n\u003Cp>Turnstile can generate multiple types of non-intrusive challenges to verify users are human, all without showing visitors a puzzle.\u003C\u002Fp>\n\u003Ch3>Highlights\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Zero-friction, user-friendly bot protection.\u003C\u002Fli>\n\u003Cli>A free reCAPTCHA alternative for WordPress.\u003C\u002Fli>\n\u003Cli>Works even when visitors are behind ad-blockers or privacy extensions.\u003C\u002Fli>\n\u003Cli>Granular toggles to enable\u002Fdisable on individual forms.\u003C\u002Fli>\n\u003Cli>Debug logging feature.\u003C\u002Fli>\n\u003Cli>Fully translatable and developer-friendly with action\u002Ffilter hooks.\u003C\u002Fli>\n\u003Cli>Road-map for upcoming integrations with other popular plugins.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Cp>It’s quick and easy to get started with the Bot Protection plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Generate a Site Key and Secret Key in your Cloudflare account, then enter them in the plugin’s settings page.\u003C\u002Fli>\n\u003Cli>Choose which forms you want to protect with Turnstile and click Save.\u003C\u002Fli>\n\u003Cli>Turnstile challenges will automatically appear on the selected forms to to block bots and spam.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more detailed instructions, please see our \u003Ca href=\"https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fbot-protection-with-turnstile-plugin\" rel=\"nofollow ugc\">setup guide\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with the Cloudflare Turnstile CAPTCHA service to help protect WordPress forms from spam and automated abuse.\u003C\u002Fp>\n\u003Cp>When a protected form (such as login, registration, or comment) is displayed, the plugin connects to Cloudflare Turnstile to generate a CAPTCHA challenge. When the form is submitted, Turnstile receives the user’s IP address and browser metadata to verify whether the submission is from a human or bot.\u003C\u002Fp>\n\u003Cp>This service is provided by Cloudflare, Inc.:\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\u003C\u002Fp>\n","A lightweight plugin that protects core WordPress forms and selected third‑party plugins from spam and bot attacks using Cloudflare Turnstile CAPTCHA.",70,824,"2025-11-29T08:34:00.000Z","6.5",[18,19,20,94,21],"spam-protection","https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fbot-protection-with-turnstile-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbot-protection-turnstile.1.1.1.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":11,"num_ratings":11,"last_updated":107,"tested_up_to":51,"requires_at_least":108,"requires_php":109,"tags":110,"homepage":112,"download_link":113,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"bwg-cf-turnstile","BWG CF Turnstile","1.0.1","timh","https:\u002F\u002Fprofiles.wordpress.org\u002Fbwgtim\u002F","\u003Cp>BWG CF Turnstile integrates Cloudflare’s Turnstile service with Gravity Forms to provide an effective and user-friendly way to block spam and bot submissions. Turnstile is Cloudflare’s privacy-focused alternative to CAPTCHA that offers better user experience while still providing strong protection.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Integration\u003C\u002Fstrong>: Adds Turnstile protection to all your Gravity Forms or just the ones you select\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Mode\u003C\u002Fstrong>: For custom placement of the Turnstile widget within your forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server-Side Validation\u003C\u002Fstrong>: Securely validates submissions with Cloudflare’s API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme Compatibility\u003C\u002Fstrong>: Works with all Gravity Forms themes, including Orbital\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Setup\u003C\u002Fstrong>: Simple configuration with minimal settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 5.0 or higher\u003C\u002Fli>\n\u003Cli>Gravity Forms 2.4 or higher\u003C\u002Fli>\n\u003Cli>A Cloudflare account to obtain Turnstile site and secret keys\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Considerations\u003C\u002Fh3>\n\u003Cp>Cloudflare Turnstile is designed with privacy in mind. Unlike traditional CAPTCHA services, Turnstile is designed to respect user privacy while still providing effective protection. For more information about Turnstile’s privacy practices, please refer to \u003Ca href=\"https:\u002F\u002Fdevelopers.cloudflare.com\u002Fturnstile\u002Fget-started\u002Fclient-side-rendering\u002F\" rel=\"nofollow ugc\">Cloudflare’s documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with Cloudflare Turnstile, an external service provided by Cloudflare. The plugin communicates with Cloudflare’s services for form protection functionality.\u003C\u002Fp>\n\u003Ch3>What is Cloudflare Turnstile?\u003C\u002Fh3>\n\u003Cp>Cloudflare Turnstile is a privacy-preserving alternative to CAPTCHAs that helps protect forms from bots and automated attacks. It challenges visitors in a way that doesn’t disrupt the user experience.\u003C\u002Fp>\n\u003Ch3>When does this plugin connect to Cloudflare?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>JavaScript Widget Loading\u003C\u002Fstrong>: When a page containing a protected Gravity Form is loaded, the plugin loads the Turnstile JavaScript widget from \u003Ccode>https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fapi.js\u003C\u002Fcode>. This happens on every page load where a protected form is displayed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Token Verification\u003C\u002Fstrong>: When a form is submitted, the plugin sends a verification request to \u003Ccode>https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fcode> to validate the Turnstile token.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>What data is sent to Cloudflare?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>During Widget Loading\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Your site key (public identifier)\u003C\u002Fli>\n\u003Cli>Standard browser information (user agent, IP address)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>During Token Verification\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The Turnstile response token\u003C\u002Fli>\n\u003Cli>Your secret key (for authentication)\u003C\u002Fli>\n\u003Cli>The user’s IP address (optional, for additional validation)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Legal and Privacy Information\u003C\u002Fh3>\n\u003Cp>By using this plugin, you agree to Cloudflare’s terms and privacy policies:\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\" rel=\"nofollow ugc\">Cloudflare Terms of Service\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\" rel=\"nofollow ugc\">Cloudflare Privacy Policy\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fdevelopers.cloudflare.com\u002Fturnstile\u002F\" rel=\"nofollow ugc\">Cloudflare Turnstile Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>It is your responsibility to ensure that your use of this plugin complies with all applicable laws and regulations, including data protection laws in your jurisdiction. We recommend reviewing Cloudflare’s privacy policy and terms of service, and updating your own privacy policy to inform users about the use of Cloudflare Turnstile on your website.\u003C\u002Fp>\n","Add Cloudflare Turnstile protection to your Gravity Forms to prevent spam and bot submissions.",20,279,"2025-08-03T01:37:00.000Z","5.0","7.0",[78,18,19,111,21],"form-security","https:\u002F\u002Fbostonwebgroup.com\u002Fbwg-cf-turnstile","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbwg-cf-turnstile.1.0.1.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":11,"downloaded":122,"rating":11,"num_ratings":11,"last_updated":123,"tested_up_to":14,"requires_at_least":15,"requires_php":53,"tags":124,"homepage":53,"download_link":128,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"cubemage-login-guard","CubeMage Login Guard","1.0.0","CubeMage","https:\u002F\u002Fprofiles.wordpress.org\u002Fcubemage\u002F","\u003Cp>\u003Cstrong>Login Guard by CubeMage\u003C\u002Fstrong> provides a security solution to protect your WordPress login, registration, and comment forms against spam and brute-force attacks.\u003C\u002Fp>\n\u003Cp>Instead of relying solely on password verification, this plugin integrates Cloudflare Turnstile to validate visitors before WordPress processes the authentication request. This approach helps reduce server load caused by automated bot attempts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Cloudflare Turnstile Integration:\u003C\u002Fstrong> Uses a privacy-focused, GDPR-compliant alternative to CAPTCHA for bot verification.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pre-Authentication Check:\u003C\u002Fstrong> Validates the Turnstile token before the database query occurs, saving server resources.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit Login Attempts:\u003C\u002Fstrong> Automatically blocks IP addresses after 5 consecutive failed login attempts within 15 minutes to prevent brute-force attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XML-RPC Protection:\u003C\u002Fstrong> Disables XML-RPC functionality to close a common attack vector often used for DDoS attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Form Support:\u003C\u002Fstrong> Adds protection to the Login form, Registration form, Lost Password form, and Comment section.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance:\u003C\u002Fstrong> Uses native WordPress Transients for tracking failed attempts, avoiding the creation of heavy custom database tables.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Configuration:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin includes a setup interface to easily input your Cloudflare Site Key and Secret Key.\u003C\u002Fp>\n","Integrates Cloudflare Turnstile, Limits Login Attempts, and Disables XML-RPC to protect WordPress forms.",123,"2025-12-13T14:03:00.000Z",[78,125,126,127,20],"cloudflare-turnstile","limit-login-attempts","recaptcha-alternative","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcubemage-login-guard.1.0.0.zip",{"attackSurface":130,"codeSignals":445,"taintFlows":471,"riskAssessment":524,"analyzedAt":529},{"hooks":131,"ajaxHandlers":425,"restRoutes":441,"shortcodes":442,"cronEvents":443,"entryPointCount":444,"unprotectedCount":11},[132,138,142,146,151,155,158,162,164,168,172,176,180,184,188,192,194,197,200,202,207,210,213,217,220,224,228,232,234,236,239,243,247,251,255,259,263,267,271,275,280,283,286,289,292,295,298,301,304,308,312,315,319,323,325,327,330,333,336,337,340,344,348,351,353,355,358,361,362,365,369,371,372,374,377,380,382,384,386,388,390,391,393,395,397,399,400,402,404,406,408,409,411,412,414,416,417,420,421],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","admin_menu","add_admin_menu","includes\\class-init.php",115,{"type":133,"name":139,"callback":140,"file":136,"line":141},"admin_init","register_settings",116,{"type":133,"name":143,"callback":144,"file":136,"line":145},"admin_enqueue_scripts","enqueue_admin_assets",117,{"type":147,"name":148,"callback":149,"file":136,"line":150},"filter","admin_body_class","add_admin_body_class",118,{"type":133,"name":152,"callback":153,"file":136,"line":154},"wp_enqueue_scripts","enqueue_frontend_assets",126,{"type":133,"name":156,"callback":153,"file":136,"line":157},"login_enqueue_scripts",127,{"type":133,"name":152,"callback":159,"file":160,"line":161},"enqueue_script","includes\\class-turnstile.php",37,{"type":133,"name":143,"callback":159,"file":160,"line":163},38,{"type":147,"name":165,"callback":166,"file":160,"line":167},"smartct_settings","closure",202,{"type":147,"name":165,"callback":169,"file":170,"line":171},"register_settings_fields","includes\\integrations\\community\\class-bbpress.php",44,{"type":133,"name":173,"callback":174,"file":170,"line":175},"bbp_theme_before_topic_form_submit_wrapper","render_topic_widget",48,{"type":133,"name":177,"callback":178,"file":170,"line":179},"bbp_new_topic_pre_extras","validate_topic",49,{"type":133,"name":181,"callback":182,"file":170,"line":183},"bbp_theme_before_reply_form_submit_wrapper","render_reply_widget",54,{"type":133,"name":185,"callback":186,"file":170,"line":187},"bbp_new_reply_pre_extras","validate_reply",55,{"type":147,"name":189,"callback":190,"file":170,"line":191},"smartct_integrations","register_dashboard_status",59,{"type":147,"name":165,"callback":169,"file":193,"line":171},"includes\\integrations\\community\\class-buddypress.php",{"type":133,"name":195,"callback":196,"file":193,"line":175},"bp_before_registration_submit_buttons","render_register_widget",{"type":133,"name":198,"callback":199,"file":193,"line":179},"bp_signup_validate","validate_registration",{"type":147,"name":189,"callback":190,"file":193,"line":201},53,{"type":133,"name":203,"callback":204,"file":205,"line":206},"login_form","render_turnstile_field","includes\\integrations\\core\\class-core-wp.php",52,{"type":147,"name":208,"callback":209,"priority":34,"file":205,"line":201},"authenticate","verify_login",{"type":133,"name":211,"callback":204,"file":205,"line":212},"register_form",58,{"type":133,"name":214,"callback":215,"priority":216,"file":205,"line":191},"registration_errors","verify_registration",10,{"type":133,"name":218,"callback":204,"file":205,"line":219},"lostpassword_form",64,{"type":133,"name":221,"callback":222,"file":205,"line":223},"lostpassword_post","verify_lost_password",65,{"type":147,"name":225,"callback":226,"priority":216,"file":205,"line":227},"comment_form_submit_field","add_turnstile_before_submit",71,{"type":133,"name":229,"callback":230,"file":205,"line":231},"preprocess_comment","verify_comment",72,{"type":147,"name":165,"callback":166,"file":205,"line":233},273,{"type":147,"name":165,"callback":169,"file":235,"line":201},"includes\\integrations\\ecommerce\\class-woocommerce.php",{"type":133,"name":152,"callback":237,"file":235,"line":238},"enqueue_scripts",74,{"type":133,"name":240,"callback":241,"file":235,"line":242},"woocommerce_login_form","render_login_field",167,{"type":147,"name":208,"callback":244,"priority":245,"file":235,"line":246},"validate_login",21,168,{"type":133,"name":248,"callback":249,"file":235,"line":250},"woocommerce_register_form","render_register_field",176,{"type":133,"name":252,"callback":253,"priority":216,"file":235,"line":254},"woocommerce_register_post","validate_register",177,{"type":133,"name":256,"callback":257,"file":235,"line":258},"woocommerce_lostpassword_form","render_reset_field",185,{"type":133,"name":260,"callback":261,"priority":216,"file":235,"line":262},"woocommerce_reset_password","validate_reset",186,{"type":133,"name":264,"callback":265,"file":235,"line":266},"woocommerce_pay_order_before_submit","render_pay_order_field",194,{"type":133,"name":268,"callback":269,"priority":216,"file":235,"line":270},"woocommerce_before_pay_action","validate_pay_order",195,{"type":133,"name":272,"callback":273,"file":235,"line":274},"woocommerce_review_order_before_payment","render_checkout_field",291,{"type":147,"name":276,"callback":277,"priority":278,"file":235,"line":279},"render_block_woocommerce\u002Fcheckout-payment-block","render_block_prepend",999,293,{"type":133,"name":281,"callback":273,"file":235,"line":282},"woocommerce_review_order_after_payment",296,{"type":147,"name":276,"callback":284,"priority":278,"file":235,"line":285},"render_block_append",298,{"type":133,"name":287,"callback":273,"file":235,"line":288},"woocommerce_before_checkout_billing_form",301,{"type":147,"name":290,"callback":277,"priority":278,"file":235,"line":291},"render_block_woocommerce\u002Fcheckout-contact-information-block",303,{"type":133,"name":293,"callback":273,"file":235,"line":294},"woocommerce_after_checkout_billing_form",306,{"type":147,"name":296,"callback":277,"priority":278,"file":235,"line":297},"render_block_woocommerce\u002Fcheckout-shipping-methods-block",308,{"type":133,"name":299,"callback":273,"file":235,"line":300},"woocommerce_review_order_before_submit",311,{"type":147,"name":302,"callback":277,"priority":278,"file":235,"line":303},"render_block_woocommerce\u002Fcheckout-actions-block",313,{"type":133,"name":305,"callback":306,"file":235,"line":307},"woocommerce_checkout_process","validate_checkout",318,{"type":133,"name":309,"callback":310,"priority":216,"file":235,"line":311},"woocommerce_store_api_checkout_update_order_from_request","validate_checkout_block",319,{"type":147,"name":165,"callback":169,"file":313,"line":314},"includes\\integrations\\forms\\class-contact-form7.php",34,{"type":147,"name":316,"callback":317,"priority":318,"file":313,"line":161},"wpcf7_form_elements","inject_widget",99,{"type":147,"name":320,"callback":321,"priority":216,"file":313,"line":322},"wpcf7_spam","validate_submission",40,{"type":147,"name":189,"callback":190,"file":313,"line":324},43,{"type":147,"name":165,"callback":169,"file":326,"line":314},"includes\\integrations\\forms\\class-everest-forms.php",{"type":133,"name":328,"callback":329,"priority":105,"file":326,"line":161},"everest_forms_display_submit_before","render_before_submit",{"type":133,"name":331,"callback":332,"priority":105,"file":326,"line":163},"everest_forms_display_submit_after","render_after_submit",{"type":147,"name":334,"callback":321,"priority":216,"file":326,"line":335},"everest_forms_process_initial_errors",41,{"type":147,"name":189,"callback":190,"file":326,"line":171},{"type":147,"name":165,"callback":169,"file":338,"line":339},"includes\\integrations\\forms\\class-fluent-forms.php",33,{"type":133,"name":341,"callback":342,"priority":278,"file":338,"line":343},"fluentform\u002Fafter_form_render","render_after_form",36,{"type":133,"name":345,"callback":329,"priority":346,"file":338,"line":347},"fluentform\u002Frender_item_submit_button",1,39,{"type":133,"name":349,"callback":321,"priority":216,"file":338,"line":350},"fluentform\u002Fbefore_insert_submission",42,{"type":147,"name":189,"callback":190,"file":338,"line":352},45,{"type":147,"name":165,"callback":169,"file":354,"line":314},"includes\\integrations\\forms\\class-formidable-forms.php",{"type":147,"name":356,"callback":357,"priority":216,"file":354,"line":161},"frm_submit_button_html","filter_submit_button_html",{"type":147,"name":359,"callback":360,"priority":216,"file":354,"line":347},"frm_validate_entry","validate_entry",{"type":147,"name":189,"callback":190,"file":354,"line":350},{"type":147,"name":165,"callback":169,"file":363,"line":364},"includes\\integrations\\forms\\class-forminator-forms.php",32,{"type":147,"name":366,"callback":367,"priority":216,"file":363,"line":368},"forminator_render_form_submit_markup","filter_submit_markup",35,{"type":133,"name":370,"callback":321,"priority":216,"file":363,"line":163},"forminator_custom_form_submit_errors",{"type":147,"name":189,"callback":190,"file":363,"line":335},{"type":147,"name":165,"callback":169,"file":373,"line":171},"includes\\integrations\\forms\\class-kadence.php",{"type":133,"name":152,"callback":375,"priority":105,"file":373,"line":376},"enqueue_turnstile_script",47,{"type":147,"name":378,"callback":317,"priority":216,"file":373,"line":379},"render_block",50,{"type":133,"name":381,"callback":321,"priority":216,"file":373,"line":201},"kadence_blocks_form_verify_nonce",{"type":147,"name":189,"callback":190,"file":373,"line":383},56,{"type":147,"name":165,"callback":169,"file":385,"line":322},"includes\\integrations\\forms\\class-ninja-forms.php",{"type":133,"name":387,"callback":342,"priority":278,"file":385,"line":324},"ninja_forms_after_form_display",{"type":133,"name":389,"callback":321,"file":385,"line":201},"ninja_forms_before_submission",{"type":147,"name":189,"callback":190,"file":385,"line":383},{"type":147,"name":165,"callback":169,"file":392,"line":314},"includes\\integrations\\forms\\class-sure-forms.php",{"type":133,"name":394,"callback":329,"priority":105,"file":392,"line":161},"srfm_before_submit_button",{"type":133,"name":396,"callback":332,"priority":105,"file":392,"line":163},"srfm_after_submit_button",{"type":147,"name":398,"callback":321,"priority":73,"file":392,"line":335},"srfm_before_fields_processing",{"type":147,"name":189,"callback":190,"file":392,"line":171},{"type":147,"name":165,"callback":169,"file":401,"line":339},"includes\\integrations\\forms\\class-wpforms.php",{"type":133,"name":403,"callback":329,"priority":105,"file":401,"line":343},"wpforms_display_submit_before",{"type":133,"name":405,"callback":332,"priority":105,"file":401,"line":161},"wpforms_display_submit_after",{"type":133,"name":407,"callback":321,"priority":73,"file":401,"line":322},"wpforms_process",{"type":147,"name":189,"callback":190,"file":401,"line":324},{"type":147,"name":165,"callback":169,"file":410,"line":171},"includes\\integrations\\newsletters\\class-mailpoet.php",{"type":133,"name":152,"callback":237,"file":410,"line":376},{"type":147,"name":413,"callback":317,"file":410,"line":379},"mailpoet_form_widget_post_process",{"type":133,"name":415,"callback":321,"priority":216,"file":410,"line":201},"mailpoet_subscription_before_subscribe",{"type":147,"name":189,"callback":190,"file":410,"line":383},{"type":133,"name":134,"callback":418,"file":419,"line":206},"add_menu_page","includes\\settings\\class-settings-page.php",{"type":133,"name":139,"callback":140,"file":419,"line":201},{"type":133,"name":422,"callback":423,"file":424,"line":376},"plugins_loaded","smartct_init","smart-cloudflare-turnstile.php",[426,433,437],{"action":427,"nopriv":428,"callback":429,"hasNonce":430,"hasCapCheck":430,"file":431,"line":432},"smartct_export_settings",false,"export_settings",true,"includes\\class-ajax-handlers.php",26,{"action":434,"nopriv":428,"callback":435,"hasNonce":430,"hasCapCheck":430,"file":136,"line":436},"smartct_verify_keys","verify_keys_ajax",120,{"action":438,"nopriv":428,"callback":439,"hasNonce":430,"hasCapCheck":430,"file":136,"line":440},"smartct_remove_keys","remove_keys_ajax",121,[],[],[],3,{"dangerousFunctions":446,"sqlUsage":447,"outputEscaping":449,"fileOperations":468,"externalRequests":468,"nonceChecks":469,"capabilityChecks":105,"bundledLibraries":470},[],{"prepared":11,"raw":11,"locations":448},[],{"escaped":450,"rawEcho":451,"locations":452},257,6,[453,456,458,460,462,465],{"file":454,"line":35,"context":455},"includes\\admin\\views\\dashboard.php","raw output",{"file":431,"line":457,"context":455},66,{"file":170,"line":459,"context":455},155,{"file":170,"line":461,"context":455},172,{"file":463,"line":464,"context":455},"includes\\settings\\field-renderer.php",86,{"file":466,"line":467,"context":455},"includes\\settings\\tabs\\class-tools-tab.php",130,2,8,[],[472,498,513],{"entryPoint":473,"graph":474,"unsanitizedCount":468,"severity":497},"import_settings (includes\\settings\\tabs\\class-tools-tab.php:140)",{"nodes":475,"edges":494},[476,481,487,489],{"id":477,"type":478,"label":479,"file":466,"line":480},"n0","source","$_FILES",169,{"id":482,"type":483,"label":484,"file":466,"line":485,"wp_function":486},"n1","sink","file_get_contents() [SSRF\u002FLFI]",178,"file_get_contents",{"id":488,"type":478,"label":479,"file":466,"line":480},"n2",{"id":490,"type":483,"label":491,"file":466,"line":492,"wp_function":493},"n3","update_option() [Settings Manipulation]",193,"update_option",[495,496],{"from":477,"to":482,"sanitized":428},{"from":488,"to":490,"sanitized":428},"medium",{"entryPoint":499,"graph":500,"unsanitizedCount":11,"severity":512},"\u003Csettings-main> (includes\\admin\\views\\settings-main.php:0)",{"nodes":501,"edges":510},[502,506],{"id":477,"type":478,"label":503,"file":504,"line":505},"$_GET","includes\\admin\\views\\settings-main.php",93,{"id":482,"type":483,"label":507,"file":504,"line":508,"wp_function":509},"echo() [XSS]",150,"echo",[511],{"from":477,"to":482,"sanitized":430},"low",{"entryPoint":514,"graph":515,"unsanitizedCount":11,"severity":512},"\u003Cclass-tools-tab> (includes\\settings\\tabs\\class-tools-tab.php:0)",{"nodes":516,"edges":521},[517,518,519,520],{"id":477,"type":478,"label":479,"file":466,"line":480},{"id":482,"type":483,"label":484,"file":466,"line":485,"wp_function":486},{"id":488,"type":478,"label":479,"file":466,"line":480},{"id":490,"type":483,"label":491,"file":466,"line":492,"wp_function":493},[522,523],{"from":477,"to":482,"sanitized":430},{"from":488,"to":490,"sanitized":430},{"summary":525,"deductions":526},"The plugin 'smart-captcha-alternative-with-cloudflare-turnstile' v1.1.5 exhibits a generally strong security posture, characterized by excellent adherence to secure coding practices. The static analysis reveals a robust implementation of security measures, including a high percentage of properly escaped output, the exclusive use of prepared statements for SQL queries, and a significant number of nonce and capability checks. The absence of dangerous functions and critical\u002Fhigh severity taint flows further reinforces this positive outlook. The plugin's vulnerability history is also pristine, with no recorded CVEs, indicating a history of secure development and maintenance.\n\nDespite the overwhelmingly positive findings, there is a single identified flow with unsanitized paths in the taint analysis. While not classified as critical or high, this represents a potential area for concern that warrants attention. The presence of file operations and external HTTP requests, while common, also necessitates careful review to ensure they are implemented securely and do not introduce unforeseen vulnerabilities. Overall, the plugin is well-developed from a security perspective, with the unsanitized path flow being the primary actionable item for improvement.",[527],{"reason":528,"points":73},"Flows with unsanitized paths","2026-03-17T06:48:36.455Z",{"wat":531,"direct":539},{"assetPaths":532,"generatorPatterns":534,"scriptPaths":535,"versionParams":537},[533],"\u002Fwp-content\u002Fplugins\u002Fsmart-captcha-alternative-with-cloudflare-turnstile\u002Fassets\u002Fcss\u002Fadmin.css",[],[536],"https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fapi.js",[538],"smart-captcha-alternative-with-cloudflare-turnstile\u002Fassets\u002Fjs\u002Fadmin-settings.js?ver=1.1.5",{"cssClasses":540,"htmlComments":543,"htmlAttributes":550,"restEndpoints":554,"jsGlobals":555,"shortcodeOutput":557},[541,542],"cf-turnstile","smartct-admin-wrap",[544,545,546,547,548,549],"\u003C!-- Cloudflare Turnstile Widget -->","\u003C!-- Turnstile widget for form -->","\u003C!-- Smart CAPTCHA Alternative with Cloudflare Turnstile -->","\u003C!-- End Cloudflare Turnstile Widget -->","\u003C!-- End Turnstile widget for form -->","\u003C!-- End Smart CAPTCHA Alternative with Cloudflare Turnstile -->",[551,552,553],"data-sitekey","data-callback","data-theme",[],[21,556],"smartct",[558],"[smart_turnstile]"]