I read the souse code, but It’s look like as if don’t evaluate reCaptcha v3 score.
invisible-recaptcha/engine/RequestHandler.php
public static function isInvisibleReCaptchaTokenValid()
{
static $requestIsValid = -1;
if(-1 !== $requestIsValid)
return $requestIsValid;
if(empty($_POST['g-recaptcha-response']))
return false;
$response = wp_remote_retrieve_body(wp_remote_get( add_query_arg( array(
'secret' => SettingsPublicModule::getInstance()->getOption(SettingsAdminModule::OPTION_SECRET_KEY),
'response' => $_POST['g-recaptcha-response'],
'remoteip' => MchHttpRequest::getClientIp()
), 'https://www.google.com/recaptcha/api/siteverify' ) ));
if(empty($response) || !( $json = json_decode( $response ) ) || empty($json->success) || $json->score < 0.7 ){
return $requestIsValid = false;
}
return $requestIsValid = true;
}
if(empty($response) || !( $json = json_decode( $response ) ) || empty($json->success) || $json->score < 0.7
bold code is add my me. It was not written.
if It’s if my mistake, I’m so sorry. But I’s very important things, I created new topic.
@InvisibleReCaptcha v 1.2.1
@WP 5.0.3–ja