We have noticed a security-related issue in our deployment of Open Monograph Press (OMP) version 3.5.0-1, where the Google reCAPTCHA validation is not enforced on the login form.
Despite the reCAPTCHA widget being visible and properly displayed on the login page, users are able to log in without completing the CAPTCHA challenge. This allows automated login attempts or bot-based brute-force attacks to proceed unchallenged.
Video Link: https://screenrec.com/share/ManuQsOREJ