Privacy CAPTCHA for Cap

Privacy CAPTCHA for Cap integrates Cap — a self-hosted, privacy-friendly, proof-of-work CAPTCHA — into the parts of WordPress that attract the most spam: comments, login, user registration, WooCommerce checkout, and Gravity Forms.

Unlike third-party CAPTCHAs (reCAPTCHA, hCaptcha, Turnstile), Cap runs the proof-of-work entirely in the visitor’s browser and verifies the token against your own Cap server. No data leaves your infrastructure.

Unofficial integration. Cap is an independent open-source project by tiagozip (https://trycap.dev/, Apache-2.0). This plugin is a third-party integration and is not affiliated with, endorsed by, or sponsored by the Cap project. “Cap” refers to that project solely to describe what this plugin works with.

Features

• First-class Gravity Forms field — drag a “Privacy CAPTCHA for Cap” into any form from the Advanced Fields group. Per-field display-mode override.
• WordPress comments, wp-login, registration integrations — togglable from one settings page.
• WooCommerce checkout integration — only loads when WooCommerce is active.
• Three display modes: inline widget, floating popover, or fully programmatic (auto-solves silently).
• Fully self-hosted assets — the proof-of-work WebAssembly module, the cap-widget script, and the pako decompression library all ship inside the plugin and are served locally, so no jsdelivr or other third-party CDN is contacted at runtime. DSGVO/GDPR-clean by default.
• WP 6.5+ native script-module API for proper ES-module loading.
• i18n-ready with German translations bundled.
• Theme-friendly CSS built on Gravity Forms Orbital tokens with --cap-captcha-* overrides.
• Filter hooks for asset URLs, button classes, i18n strings, and the display mode.

Requirements

• WordPress 6.5 or later
• PHP 8.3 or later
• A reachable Cap server (see https://trycap.dev/)
• Gravity Forms 2.5+ (only if you enable the Gravity Forms integration)
• WooCommerce (only if you enable the WooCommerce integration)