I have QC 3.5 and I have a problem with my captcha plugin. I made my site with the securimage captcha code and it worked for a long time, but now robots have found a solution to this code and they send me a lot of images on the comment form at the products.
Now the comment form is disabled, because of the robots.
You can see my code on my site for example here: http://www.fogashorgaszbolt.hu/?4474,ozzie-napszemüveg-oz46-78
when you remove submit button on the form, do the form still work for bots? please try and report back. If they are still able to exploit your system even with submit button off, then they are using their own form to submit the trash. The solution would be to tokenize the form, although I am not sure.
The most intriguing thing is that they were able to breach the Captcha. I think it's because it's just 3 letters, so it's easy to submit a multitude of tries of which one would be sucessfull. But this is for an in-depth analysis.
hmm.. you should go to him with a claim. This [bots breaching captcha] is not normal and should be investigated by a professional.
In the worst case I have my own captcha code for this which should be fine from hackers, it's based on longer words and is not as much known as this secureimage technology. If you can do your own coding/transfering code I can give it to you, no problem.
