ReCaptcha v2 for Contact Form 7

Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1

v1.5.0IQComputingUpdated 16 days agoAdded 7 years ago200k+ installs100% rating

contact form 7 contact-form-7-recaptcha recaptcha spam

Score

Errors

Warnings

Change

Category Scores

Security0

Repo100

Performance100

Maintainability93

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

42 findings

Security

7 issue groups

Maintainability

4 issue groups

I18n

2 issue groups

WARNINGSecurityRecommendedProcessing form data without nonce verification.7

Category: Security
Occurrences: 7
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGSecurityMissing Unslash$_POST['g-recaptcha-response'] not unslashed before sanitization. Use wp_unslash() or similar6

Category: Security
Occurrences: 6
Severity: warning

Sample message

$_POST['g-recaptcha-response'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORSecurityUnsafe Printing FunctionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.5

Category: Security
Occurrences: 5
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

WARNINGSecurityMissingProcessing form data without nonce verification.5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST['g-recaptcha-response']5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['g-recaptcha-response']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$desc_link'.4

Category: Security
Occurrences: 4
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$desc_link'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_POST['wpcf7_recaptcha_network']['secretkey']. Check that the array index exists before using it.3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['wpcf7_recaptcha_network']['secretkey']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGMaintainabilityNon Prefixed Hookname FoundHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "wpcf7_recaptcha_locale".2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "wpcf7_recaptcha_locale".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

WARNINGMaintainabilityNon Prefixed Function FoundFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "wpcf7_recaptcha_response".1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "wpcf7_recaptcha_response".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

ERRORI18nMissing Translators CommentA function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.1

Category: I18n
Occurrences: 1
Severity: error

Sample message

A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsComment Reference

Show 3 more

ERRORI18nUnordered Placeholders Text1

Category: I18n
Occurrences: 1
Severity: error

Sample message

Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in 'Only when "reCaptcha Version 2" is selected will you need to use the %s shortcode tag in your Contact Form 7 forms. ReCaptcha v3 (Default Usage) does not use a recaptcha shortcode.%sSelect the version of reCaptcha you would like to use:'.

WordPress.WP.I18n.UnorderedPlaceholdersText Reference

WARNINGMaintainabilitytrademarked term1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

The plugin slug includes a restricted term. Your plugin slug - "wpcf7-recaptcha" - contains the restricted term "wp" which cannot be used at all in your plugin slug.

trademarked_term

ERRORMaintainabilitywp function not compatible with requires wp1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Function "wp_is_block_theme()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 4.9.0.

wp_function_not_compatible_with_requires_wp Reference

Score History

First score snapshot

2 days ago

v1.5.0

Latest

Findings: 42
Errors: 12
Warnings: 30
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
2 days agoLatest	44	42	12	30	v1.5.0	2.0.0

Related Plugins

DS CF7 Math Captcha

10k+ active installs

100

HTML Editor for Contact Form 7

1k+ active installs

100

10k+ active installs

100

Message Bridge for Contact Form 7 and Telegram

10k+ active installs

100

Simply Disable Comments

6k+ active installs

100

Block List Updater

4k+ active installs