CaptchaLa

Homepage: https://captcha.la/ · Dashboard: https://dash.captcha.la/ · Pricing: https://captcha.la/pricing

CaptchaLa is a privacy-first CAPTCHA and anti-spam service. This plugin is the official WordPress integration — it ships built-in protection for WordPress core forms, WooCommerce, and the most popular third-party form plugins, with one mandatory mode: server-issued tokens that can’t be replayed.

Why CaptchaLa?

• Privacy-first. No personal-data harvesting, no behavioural ad signals, no tracking.
• Stronger token contract. Every page render issues a server-side sct_ token bound to action + IP; the browser only ever ships back a single-use pt_ token. Replays, action mismatches, and IP changes are rejected at the SDK boundary.
• Free tier for small sites. Paid plans for high-volume traffic and the optional content-moderation add-on.
• No hand-coded image CAPTCHAs. The challenge is solved entirely by the CaptchaLa service — this plugin is thin glue.
• Auto-detected form integrations. Drop the plugin in and the settings page lights up with the form plugins it found on your site.

Built-in protection points

• WordPress core: login, registration, lost-password, comments
• WooCommerce: classic + block checkout, pay-for-order, account creation, my-account login / register / lost-password
• Third-party form plugins (auto-detected): Contact Form 7, WPForms, Gravity Forms, Forminator, Formidable Forms, Fluent Forms, Elementor Pro Forms, Divi Builder forms, BuddyPress, bbPress, Ultimate Member, MemberPress, Easy Digital Downloads, MailPoet

More integrations land in v1.1. See https://captcha.la/integrations/wordpress for the full target list.