tmuk

Hi

Thank you for the response despite being busy. I took another look at the WordPress ticket that was linked in the changeset above. One suggestion was to close the session right after using $_SESSION variables.

In this patch, I tried to edit the code to follow that idea. When the patch is applied, the related critical issues in the Site Health disappeared. I also confirmed this with a clean WordPress installation where only HumanCaptcha plugin was installed.

However, I am not completely sure about the solution especially related to the headers that were mentioned in the ticket. I decided to share the patch anyway in case it happens to help.