I set up with V2 reCAPTCHA and turned it on the comments form.
However, the user is able to submit the form without checking the reCAPTCHA.
I’m running form using WP function comment_form();.
Hope to get it resolved soon! Thanks,
]]>We have implemented the Google Consent Mode v2 via Google Tag Manager as this is now required for all EU countries to have an active cookie banner which users can select their cookie preferences.
Now we see that there is no compatibility in the pageview events that are being sent through your plugin. Example:
A pageview with active consent mode will now have this attributed in the event as “Cookie Consent State”: https://jmp.sh/qAVkn1hJ
But the pageview generated through your plugin (compared to the regular g-tag in GTM as above) does not deliver that variable: https://jmp.sh/SxlnBFiW
As this is required starting July 31st in all EU regions could you please add this variable to your pageview event? There are possible ways to send this as the first number is the required cookies, the second is for ads cookies and the third is for analytics cookies. 1 means granted, 0 means denied.
So G100 would mean required cookies accepted, G110 means required and ads cookies accepted and G111 means all cookies accepted. More information about the states and how to send/read them here: https://www.simoahava.com/analytics/consent-mode-v2-google-tags/
Thanks in advance, kind regards
Theres
]]>Implementation:
I have a basis plan at Cookieyes and have implemented the banner through GTM. Everything is working correctly and I know 100% that everything is set up correctly. However, Cookieyes is sending a cookie_consent_update event before having interacted with the banner. It overwrites the default and causes error in the tracking. I have no idea why it does this and how to prevent it. The default consent levels are set in the Cookieyes CMP Template, but somehow it is being overwritten.
Expected behavior:
I expect that the cookie_consent_update is only being sent at the moment that the consent has been given, or on subsequent pages. I do not expect a cookie_consent_update to overwrite my default consent.
Can you confirm if the Google Tag Option is updated to V2 or do I need to deactivate the GTM Plugin option and ad the script manually?
https://developers.google.com/tag-platform/security/guides/consent?consentmode=advanced#update-consent
Thank you
is Google Captcha V3 supported?
There is no option for it, just V2.
I wonder what happens if I enter the secret and site key from V3 in the V2 option in the plugin?
If its not supported, any plans to integrate it or are you just focusing on cloudflares turnstile now?
Thank you!
The issue occurs no matter where I enable recaptcha: Login, password reset etc. I’ve tried creating new keys and even using version 3, but get the same result.
Version info:| ultimate-member | active | none | 2.6.10 |
| um-recaptcha | active | none | 2.3.3
WordPress version: 6.3
]]>I allow myself to report an important problem following the last topics seen here and the analysis of the plugin code.
The integration of the reCaptcha V3 is not very functional and even completely dysfunctional on the native lost password page. The same goes for the integration of the V2 which is also degraded.
For example, there are problems with hook filters:
‘lostpassword_post’ is a hook in WP Core but not a filter. However it is called as a filter for the error return of an unresolved reCaptcha on the lost password page.
Your solution: comment out this line in the code. It is not correct to do this for your plugin users because it makes reCaptchas ineffective if there is no verification return to block the normal WordPress process.
Also, the reCaptcha API actions are not well implemented.
The “User Verification” plugin is no longer safe and fully functional and we have not dug to find out about potential security vulnerabilities.
I allow myself to ring the alarm bell because of the latest bug fixes that are really not to be done. We even downgraded the plugin version and started our own fixes.
We are a team of French developers and we were wondering if you really continue to follow and develop this plugin because its code is degraded on the latest updates?
Sorry for this message but it seems important to me and we may be able to help find a solution. However, we are aware that this is not the main functionality of the plugin.
Sincerely