Rating: 1 star

This plugin does not really work to stop automated registrations, and here’s why:

Inside wm-simple-captcha/classes/wm_simple_captcha_front.php in the captcha_errors method, which is supposed to do the validation of the code, the whole logic is wrapped in a if(isset($_REQUEST['captcha_challenge_field'])){ block.

What this means is that if the request does not contain the captcha challenge field then no errors are output and the captcha is not considered invalid at all, successfully letting the registration through.

Try it yourself, open the /wp-login.php?action=register page, enter Developer Tools and delete the capthca input box. Viola!

Do you really think that automated registration scripts will actually submit all the form inputs? Because they won’t. They’ll simply send a POST request to /wp-login.php?action=register with the bare minimum username and email parameters and they’ll get through. And they don’t.

Thus, this plugin does absolutely nothing to stop spam registrations, contains a captcha bypass vulnerability.

Rating: 5 stars

I went out of my way to review this plugin because:

1. It does exactly what it says
2. It is WAY more flexible out of the box than I would have imagined (colors, fonts, language, etc.)
3. It is by far the best plugin I have downloaded in a long time

Rating: 5 stars

Hello User

Use this plugin, send your suggestion, we will be update plugin for all form, like login, registration, forgot, specially for comment form.

Thanks
regards
Web Mumbai

Rating: 4 stars

Use it and – I hope – the robots go away.