Seems that since the latest upgrade to this plugin, it now writes randomly named php files in the captcha/temp/ directory.
Seems like this is new behavior. I'm thinking the old temp files were txt files. I don't really like plugins creating php files as I see any new php files created on my server as a sign of a possible hack attempt - txt files are a lot less suspicious and are generally not executable.
I've also noted that some of these temp php files are not being cleared out of the captcha/temp/ directory. They hang around when there is no longer a need for them.
1. So, is this different behavior than previously?
2. Does this need to be corrected?