Start Free Trial

Changelog

The OneCaptcha changelog provides a complete history of updates, including new features, integrations, security improvements, and performance enhancements. We continuously improve OneCaptcha to keep your WordPress forms secure, reliable, and friction-free.

v1.2.0 – Major Update

15th May 2026

Latest Version

Expanding integrations, persistent observability, and hardened verification reliability.

  • New: Added support for GiveWP, Formidable Forms, WS Form, MailPoet, MemberPress, Paid Memberships Pro, MemberMouse, Sensei LMS, The Events Calendar, EventKoi, Gravity Forms, Met Form, Gutena Forms, SureCart, FluentCart, LifterLMS, and FluentCommunity.
  • New: Persistent runtime logging with retention controls for structured verification diagnostics.
  • New: Insights dashboard with aggregated provider, surface, and verification analytics.
  • New: 14-day no-card Freemius trial for the premium release.
  • Fix: WooCommerce verification and rendering across checkout, login, registration, lost password, order tracking, and block-based surfaces.
  • Fix: Improved frictionless verification failure messaging so server-side errors reflect the actual reason instead of generic invalid captcha responses.
  • Fix: Scoped Insights loading and settings handling to prevent invalid admin boot paths.
  • Fix: Fixed early translation loading for the onecaptcha text domain.
  • Improved: Frictionless handshake flow now uses REST-compatible issuance with render-token validation, request IDs, and server-side timing checks.
  • Improved: Provider secrets are write-only and masked in admin responses, diagnostics, and settings hydration.
  • Improved: Integration diagnostics now report hook-contract health for degraded third-party plugin compatibility.
  • Improved: Advanced settings UX for logging and observability controls.
  • Dev: Added observability tables, metrics aggregation, cleanup scheduling, and verification hardening for 1.2.0.
  • Dev: Refactored shared provider metadata into a centralized registry.
  • Dev: Refactored duplicated dashboard settings-page state logic into reusable abstractions.
  • Dev: Refactored repetitive module wrappers into reusable module base abstractions.
  • Dev: Added integration hook contract registry, hook probes, and scheduled integration smoke matrix workflow.
  • Dev: Expanded PHPUnit, JS, and Playwright coverage for observability, provider registry, integration guards, verification messages, and critical admin flows.
  • Dev: Updated Freemius SDK to 2.13.1.

v1.1.1

31st March 2026

  • Fix: Fixed Configure tab crash on fresh installs when credentials payload is missing or incomplete.
  • Improved: Hardened Configure page option normalization and merge logic for fresh installs, existing installs, and malformed credential payloads.
  • Dev: Added JS unit tests for Configure option normalization and edge-case merge behavior to prevent regressions.

v1.1.0 – Major Update

31st March 2026

Introducing frictionless protection, adaptive verification, and improved failover reliability.

  • New: Added support for Tutor LMS, LearnPress, Elementor Forms, Ninja Forms, Jetpack Forms, Easy Digital Downloads, BuddyPress, and WP User Manager.
  • New: WordPress core integrations (login, register, lost password, comment) are now active by default.
  • New: Added filter hooks to disable core integrations individually (onecaptcha_enable_core_login, onecaptcha_enable_core_register, onecaptcha_enable_core_lostpassword, onecaptcha_enable_core_comment) and control core integration visibility in the Integrations UI (onecaptcha_show_core_integrations).
  • Fix: Cloudflare Turnstile rendering issue for first-time users.
  • Fix: Fixed WordPress login verification edge cases and improved false-positive behavior by excluding checkbox/radio fields from completion scoring.
  • Fix: Fixed Tutor LMS lost-password verification and duplicate trust-layer rendering on Tutor forms.
  • Fix: Sanitized instance ID generation to avoid handshake mismatches caused by unsafe identifier characters.
  • Fix: Removed duplicate bootstrap instances from the same form before render to avoid double challenge/trust-layer states.
  • Improved: Smart Captcha now supports better provider rotation/failover with per-provider runtime configuration.
  • Improved: Added client-side and server-side restricted text risk analysis with real-time challenge escalation/revocation.
  • Improved: Added explicit settings schema/normalization hardening and surfaced runtime logging toggle in Advanced settings.
  • Improved: Module registry cache now uses date-based keys to prevent stale data issues.
  • Improved: Centralized bootstrap asset registration and runtime config injection to reduce duplication and improve maintainability.
  • Dev: Expanded unit test coverage for replay protection, forged frictionless submissions, failover behavior, Tutor guards, and text-risk behavior; added Playwright critical flow scaffolding.
  • Dev: Added IDEAS.md and ROADMAP.md to track potential and approved future improvements.
  • Dev: Added dedicated GitHub prerelease workflow for Freemius beta deployments and guarded release workflow to skip prereleases.
  • Dev: Added configurable filter (onecaptcha_allow_requests_without_provider_credentials) to control fail-open behavior when no provider credentials are configured.

v1.0.1

12th November 2025

  • Fix: Google reCAPTCHA rendering issue
  • Improved: Smart Captcha is rendering random captcha provider on each page refresh to improve security
  • Dev: Modularized codebase for better maintainability
  • Dev: Improved PHPCS/WPCS integration
  • Dev: Upgrade Freemius SDK to 2.13.0

v1.0.0

1st November 2025

  • New: Captcha Support for Cloudflare Turnstile
  • New: Captcha Support for hCaptcha
  • New: Captcha Support for Google reCAPTCHA
  • New: Support for WordPress Core
  • New: Support for WooCommerce
  • New: Support for Contact Form 7
  • New: Support for Fluent Forms
  • New: Support for WPForms