EPSS
Percentile
34.9%
The plugin does not have a strong hashing algorithm on the CAPTCHA secret, and displays it to the user via a cookie, which could allow them to bypass the protection in place