[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fbD44dsSzd-YRLN05f8ubCd0U5Nj2XLZg67p1WsnXyv4":3,"$foaaig-cUzziKoiJEGyyMBbIC4mYokrkBD1RcaNW1otE":182,"$fULk1GflEShmhaNVOoCCTB_Np-9JmnusjIb2z-ByK6K4":187},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":35,"analysis":98,"fingerprints":156},"wp-light-captcha","WP Light Captcha","2.0","Harun","https:\u002F\u002Fprofiles.wordpress.org\u002Fharuncpi\u002F","\u003Cp>WP Light Captcha is very simple and lightweight captcha plugins for your WordPress site.You can protect unwanted login request from hackers.\u003C\u002Fp>\n\u003Cp> \u003C\u002Fp>\n\u003Cp>** This plugins has no view,just install and get captcha field in your login page **\u003C\u002Fp>\n\u003Cp> \u003C\u002Fp>\n","WP Light Captcha is very simple and lightweight captcha plugins for your WordPress site.You can protect unwanted login request from hackers.",20,1690,0,"2016-08-13T05:59:00.000Z","4.4.34","3.0","",[19,20,4],"simple-captcha","wordpress-math-captcha","http:\u002F\u002Flearn24bd.com\u002Fportfolio\u002Fwp-light-captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-light-captcha.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":23,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"haruncpi",2,920,30,84,"2026-05-20T08:23:25.576Z",[36,58,80],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":15,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":55,"download_link":56,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":57},"wm-simple-captcha","WM Simple Captcha","2.0.3","Web Mumbai","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebmumbai\u002F","\u003Cp>WM Simple Captcha for registration page, customize captcha image according to your theme. Change image width, height, background color, set possible characters, add space between two characters, adjust font size, change form label, add your custom css, enable\u002Fdisable refresh button, change refresh button. Many think more on customization.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Enable\u002FDisable Captcha for wordpress registration page\u003C\u002Fli>\n\u003Cli>Set the captcha image with\u003C\u002Fli>\n\u003Cli>Set  the captcha image height\u003C\u002Fli>\n\u003Cli>Set the captcha possible characters length\u003C\u002Fli>\n\u003Cli>Adjust font size\u003C\u002Fli>\n\u003Cli>Enable space between characters\u003C\u002Fli>\n\u003Cli>Change font\u003C\u002Fli>\n\u003Cli>Set possible letters\u003C\u002Fli>\n\u003Cli>Set random Dots\u003C\u002Fli>\n\u003Cli>Set random Line\u003C\u002Fli>\n\u003Cli>Set text color\u003C\u002Fli>\n\u003Cli>Set dots color\u003C\u002Fli>\n\u003Cli>Set line color\u003C\u002Fli>\n\u003Cli>Change form label\u003C\u002Fli>\n\u003Cli>Enable captcha border\u003C\u002Fli>\n\u003Cli>Set captcha border color\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable refresh button\u003C\u002Fli>\n\u003Cli>Change refresh images as your theme\u003C\u002Fli>\n\u003Cli>Not case sensitive\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In Short you can change captcha image style as your theme style.\u003C\u002Fp>\n","Captcha image for registration page, customize according to your theme.",100,11837,76,4,"2016-01-03T07:34:00.000Z","3.6",[51,52,53,19,54],"custom-captcha-image","register-captcha-image","registration-captcha","theme-my-captcha","http:\u002F\u002Fplugins.web-mumbai.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwm-simple-captcha.2.0.3.zip","2026-04-16T10:56:18.058Z",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":13,"num_ratings":13,"last_updated":68,"tested_up_to":15,"requires_at_least":69,"requires_php":17,"tags":70,"homepage":77,"download_link":78,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":79},"nf-captcha","NF Captcha","1.0","macnetic-labs","https:\u002F\u002Fprofiles.wordpress.org\u002Fmacnetic-labs\u002F","\u003Cp>NF Captcha adds really simple captcha elements to the Elements’ block. It also includes labels and custom classes for the element to allow for more styling. It ist a good alternative, if you don’t want use reCAPTCHA or Anti-Spam-Question.\u003C\u002Fp>\n\u003Cp>This plugin requires the Ninja Forms and Really Simple CAPTCHA plugin.\u003C\u002Fp>\n","NF Captcha adds Really Simple CAPTCHA element for human check.",10,1426,"2016-02-04T05:47:00.000Z","3.9",[71,72,59,73,74,75,76],"antispam","captcha","ninja-forms","really-simple-captcha","security","spam","http:\u002F\u002Fmacnetic-labs.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnf-captcha.zip","2026-03-15T15:16:48.613Z",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":66,"downloaded":88,"rating":44,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":17,"tags":93,"homepage":96,"download_link":97,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":79},"really-simple-captcha-for-buddypress","Really Simple CAPTCHA for Buddypress","1.2","Bernie","https:\u002F\u002Fprofiles.wordpress.org\u002Ffruitshakes\u002F","\u003Cp>This plugin integrates \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Freally-simple-captcha\u002F\" title=\"widely used captcha plugin in WordPress\" rel=\"ugc\">Really Simple Captcha\u003C\u002Fa> plugin to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" title=\"BuddyPress lets users sign-up and start creating profiles...\" rel=\"ugc\">Buddypress\u003C\u002Fa> registration page. Thus, its function is dependent on both of them.\u003C\u002Fp>\n\u003Ch4>Why RS Captcha for Buddypress registration page?\u003C\u002Fh4>\n\u003Ch4>– Number of Downloads\u003C\u002Fh4>\n\u003Cp>By the time of writing, RS Captcha has already been downloaded 2,569,017 times by users of Contact Form 7 and plugin developers.\u003C\u002Fp>\n\u003Ch4>– Less conflict with other plugins\u003C\u002Fh4>\n\u003Cp>RS Captcha is supported by Contact Form 7 and other WordPress plugins. Running two or more Captcha plugins at the same time can cause undesirable effects on your site’s performance. Why not choose the Captcha plugin with wide range of support?\u003C\u002Fp>\n\u003Ch4>– Really Simple to use\u003C\u002Fh4>\n\u003Cp>As the name of this plugin suggests, it’s really easy to use. This plugin is just a little addition to the security of the Buddypress registration page.\u003C\u002Fp>\n\u003Ch4>– Prevent piling up of pending users\u003C\u002Fh4>\n\u003Cp>Users who don’t activate their accounts, in the case of spammers, are still being recorded in the database as pending users. If you’re one the people who don’t like them piling up like that (like me!), then you’ll love this plugin.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>Apparently, the activation of RS Captcha and Buddypress plugins is required for this plugin to work.\u003C\u002Fp>\n\u003Cp>You can also check \u003Ca href=\"http:\u002F\u002Fb-ernie.com\u002Freally-simple-captcha-for-buddypress-plugin\" title=\"b-ernie.com\" rel=\"nofollow ugc\">this page\u003C\u002Fa> out for updates.\u003C\u002Fp>\n","This plugin integrates Really Simple Captcha to the Buddypress registration page.",8127,1,"2015-05-26T02:29:00.000Z","4.2.39","3.0.1",[94,72,74,95],"buddypress","registration","http:\u002F\u002Fb-ernie.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freally-simple-captcha-for-buddypress.1.2.zip",{"attackSurface":99,"codeSignals":128,"taintFlows":143,"riskAssessment":144,"analyzedAt":155},{"hooks":100,"ajaxHandlers":124,"restRoutes":125,"shortcodes":126,"cronEvents":127,"entryPointCount":13,"unprotectedCount":13},[101,107,111,115,119],{"type":102,"name":103,"callback":104,"file":105,"line":106},"action","wp_enqueue_scripts","wplc_load_style","wp-light-captcha.php",18,{"type":102,"name":108,"callback":109,"file":105,"line":110},"login_form","wplc_login_form",21,{"type":102,"name":112,"callback":113,"priority":66,"file":105,"line":114},"wp_authenticate_user","wplc_authenticate",40,{"type":102,"name":116,"callback":117,"file":105,"line":118},"comment_form","wplc_comment_captcha_display",59,{"type":120,"name":121,"callback":122,"file":105,"line":123},"filter","preprocess_comment","wplc_comment_validate_captcha_field",73,[],[],[],[],{"dangerousFunctions":129,"sqlUsage":130,"outputEscaping":132,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":142},[],{"prepared":13,"raw":13,"locations":131},[],{"escaped":13,"rawEcho":47,"locations":133},[134,137,138,140],{"file":105,"line":135,"context":136},28,"raw output",{"file":105,"line":32,"context":136},{"file":105,"line":139,"context":136},65,{"file":105,"line":141,"context":136},66,[],[],{"summary":145,"deductions":146},"The \"wp-light-captcha\" v2.0 plugin presents a mixed security posture. On the positive side, static analysis shows a commendably small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, there are no dangerous functions or file operations, and all SQL queries are properly prepared. The absence of known CVEs in its history is also a strong indicator of a secure past.\n\nHowever, significant concerns arise from the output escaping analysis. With 100% of its identified outputs being unescaped, the plugin is highly vulnerable to cross-site scripting (XSS) attacks. Any data displayed by the plugin that originates from user input or external sources could be exploited to inject malicious scripts. The complete lack of capability checks and nonce checks, while seemingly a consequence of the limited attack surface, also means that even if new entry points were introduced, they might not have adequate protection mechanisms.\n\nIn conclusion, while the plugin has a clean history and a small attack surface, the critical flaw in output escaping introduces a substantial risk of XSS vulnerabilities. Developers should prioritize addressing this issue to ensure user data and site integrity are protected.",[147,150,153],{"reason":148,"points":149},"0% output escaping",8,{"reason":151,"points":152},"0 nonce checks",5,{"reason":154,"points":152},"0 capability checks","2026-04-16T11:25:59.845Z",{"wat":157,"direct":164},{"assetPaths":158,"generatorPatterns":160,"scriptPaths":161,"versionParams":162},[159],"\u002Fwp-content\u002Fplugins\u002Fwp-light-captcha\u002Fcss\u002Fstyle.css",[],[],[163],"wp-light-captcha\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":165,"htmlComments":168,"htmlAttributes":169,"restEndpoints":175,"jsGlobals":176,"shortcodeOutput":177},[166,167],"wplc_user_answer","wplc_comment_user_answer",[],[170,171,172,173,174],"name=\"wplc_a\"","id=\"wplc_user_answer\"","name=\"wplc_user_answer\"","id=\"wplc_comment_user_answer\"","name=\"wplc_comment_user_answer\"",[],[],[178,179,180,178,181],"\u003Cinput type=\"hidden\" name=\"wplc_a\" value=\"","\u003Cinput type=\"text\" id=\"wplc_user_answer\" name=\"wplc_user_answer\" placeholder=\"Put Answer\" required=\"required\">","\u003Cp>\u003Cstrong>Captcha:\u003C\u002Fstrong> ","\u003Cinput type=\"text\" id=\"wplc_comment_user_answer\" name=\"wplc_comment_user_answer\" placeholder=\"Put Answer\" required=\"required\">",{"error":183,"url":184,"statusCode":185,"statusMessage":186,"message":186},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-light-captcha\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":89,"versions":188},[189],{"version":190,"download_url":191,"svn_tag_url":192,"released_at":24,"has_diff":193,"diff_files_changed":194,"diff_lines":24,"trac_diff_url":24,"vulnerabilities":195,"is_current":193},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-light-captcha.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-light-captcha\u002Ftags\u002F1.0.1\u002F",false,[],[]]