I thought that too. So, you think it’s just those “captcha bypass” cases? Nothing I can really adjust in the plugin, right? One thing I thought about is to test the site if there are any holes in the way this captcha is configured. For example, I was thinking about the implementation of this plugin – whether it’s hooked to the registration script itself, meaning it doesn’t matter if a particular form has captcha or not, it would still require it. From what I know, spammers these days don’t use the actual interface of the website – they submit directly into the wordpress system. Do you know if there is any easy way to test that?
