reCaptcha doesn’t really work !

Hi,

I allow myself to report an important problem following the last topics seen here and the analysis of the plugin code.
The integration of the reCaptcha V3 is not very functional and even completely dysfunctional on the native lost password page. The same goes for the integration of the V2 which is also degraded.

For example, there are problems with hook filters:

‘lostpassword_post’ is a hook in WP Core but not a filter. However it is called as a filter for the error return of an unresolved reCaptcha on the lost password page.
Your solution: comment out this line in the code. It is not correct to do this for your plugin users because it makes reCaptchas ineffective if there is no verification return to block the normal WordPress process.
Also, the reCaptcha API actions are not well implemented.

The “User Verification” plugin is no longer safe and fully functional and we have not dug to find out about potential security vulnerabilities.
I allow myself to ring the alarm bell because of the latest bug fixes that are really not to be done. We even downgraded the plugin version and started our own fixes.

We are a team of French developers and we were wondering if you really continue to follow and develop this plugin because its code is degraded on the latest updates?

Sorry for this message but it seems important to me and we may be able to help find a solution. However, we are aware that this is not the main functionality of the plugin.
Sincerely

• This topic was modified 3 years, 2 months ago by Steven Stern (sterndata).
• This topic was modified 3 years, 2 months ago by Charles Marsigny.