Difference in captcha image reload functionality in the two branches #103

Open
sonqor opened this issue Jun 10, 2021 · 1 comment

sonqor commented Jun 10, 2021

Greetings.

I found that when using version 3.6.8, if we click on the captcha image and refresh it (i.e. securimage_show.php), a new text for the captcha will be displayed. That is, the text data in the session changes for the captcha. But in version 4.0.2, refreshing the captcha image only changes the text format (text orientation), but the data in the session does not change (the same text will be in the captcha image).

Now the question is, isn't this a security BUG in version 4.0.2? Or did you do it specifically and consciously?
And as a final question: will there be any new updates? There has been no update for about a year.

Thank you.

Owner

dapphp commented Oct 15, 2021

That change in 4.0.2 was intentional. I should have also cached the image data so not only would the code stay the same, but so would the entire image.

These days image captchas like this one, especially open source ones, are easily defeated by bots. At this time, I'd recommend something more advanced like hCaptcha.
