[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fOH_cYNo4XsSQvTmKJAGBH-y-P4iV2j4BU-syasRL-MY":3},{"slug":4,"display_name":4,"profile_url":5,"plugin_count":6,"total_installs":7,"avg_security_score":8,"avg_patch_time_days":9,"trust_score":10,"computed_at":11,"plugins":12},"dominic_ks","https:\u002F\u002Fprofiles.wordpress.org\u002Fdominic_ks\u002F",1,1000,93,96,74,"2026-05-20T08:06:00.899Z",[13],{"slug":14,"name":15,"version":16,"author":4,"author_profile":5,"description":17,"short_description":18,"active_installs":7,"downloaded":19,"rating":20,"num_ratings":21,"last_updated":22,"tested_up_to":23,"requires_at_least":24,"requires_php":25,"tags":26,"homepage":29,"download_link":30,"security_score":8,"vuln_count":31,"unpatched_count":32,"last_vuln_date":33,"fetched_at":34},"bdvs-password-reset","Password Reset with Code for WordPress REST API","0.0.17","\u003Cp>A simple plugin that adds a password reset facility to the WordPress REST API using a code. The process is a two step process:\u003C\u002Fp>\n\u003Col>\n\u003Cli>User requests a password reset. A code is emailed to their registered email address\u003C\u002Fli>\n\u003Cli>The user enters the code when setting a new password, which is only set if the code is valid and has not expired\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>It is also possible to check the validity of a code without resetting the password which enables the possibility of setting the password by other means, or having a two stage process for checking the code and resetting the password if desired.\u003C\u002Fp>\n\u003Cp>Default settings are to use an 8 digit code consisting of numbers, upper and lower case letters and special characters, which has a life span of 15 minutes, afterwhich a new code would need to be requested. By default a user can attempt to use or validate a code up to 3 times before automatically invalidating it.\u003C\u002Fp>\n\u003Ch3>Endpoints\u003C\u002Fh3>\n\u003Cp>The plugin adds two new endpoints to the REST API:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Endpoint: \u003Cem>\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Freset-password\u003C\u002Fem>\u003Cbr \u002F>\n— HTTP Verb: POST\u003Cbr \u002F>\n— Parameters (\u003Cstrong>all required\u003C\u002Fstrong>):\u003Cbr \u002F>\n— email\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cem>\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Fset-password\u003C\u002Fem>\u003Cbr \u002F>\n— HTTP Verb: POST\u003Cbr \u002F>\n— Parameters (\u003Cstrong>all required\u003C\u002Fstrong>):\u003Cbr \u002F>\n— email\u003Cbr \u002F>\n— password\u003Cbr \u002F>\n— code\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cem>\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Fvalidate-code\u003C\u002Fem>\u003Cbr \u002F>\n— HTTP Verb: POST\u003Cbr \u002F>\n— Parameters (\u003Cstrong>all required\u003C\u002Fstrong>):\u003Cbr \u002F>\n— email\u003Cbr \u002F>\n— code\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Example Requests (jQuery)\u003C\u002Fh3>\n\u003Ch3>Reset Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>$.ajax({\n  url: '\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Freset-password',\n  method: 'POST',\n  data: {\n    email: 'example@example.com',\n  },\n  success: function( response ) {\n    console.log( response );\n  },\n  error: function( response ) {\n    console.log( response );\n  },\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Set New Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>$.ajax({\n  url: '\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Fset-password',\n  method: 'POST',\n  data: {\n    email: 'example@example.com',\n    code: '1234',\n    password: 'Pa$$word1',\n  },\n  success: function( response ) {\n    console.log( response );\n  },\n  error: function( response ) {\n    console.log( response );\n  },\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Validate Code\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>$.ajax({\n  url: '\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Fvalidate-code',\n  method: 'POST',\n  data: {\n    email: 'example@example.com',\n    code: '1234',\n  },\n  success: function( response ) {\n    console.log( response );\n  },\n  error: function( response ) {\n    console.log( response );\n  },\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Example Success Responses (JSON)\u003C\u002Fh3>\n\u003Ch3>Reset Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"data\": {\n        \"status\": 200\n    },\n    \"message\": \"A password reset email has been sent to your email address.\"\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Set New Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"data\": {\n        \"status\": 200\n    },\n    \"message\": \"Password reset successfully.\"\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Validate Code\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"data\": {\n        \"status\": 200\n    },\n    \"message\": \"The code supplied is valid.\"\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Example Error Responses (JSON)\u003C\u002Fh3>\n\u003Ch3>Reset Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"code\": \"bad_email\",\n    \"message\": \"No user found with this email address.\",\n    \"data\": {\n        \"status\": 500\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Set New Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"code\": \"bad_request\",\n    \"message\": \"You must request a password reset code before you try to set a new password.\",\n    \"data\": {\n        \"status\": 500\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Validate Code\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"code\": \"bad_request\",\n    \"message\": \"The reset code provided is not valid.\",\n    \"data\": {\n        \"status\": 500\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cp>A number of WordPress filters have been added to help customise the process, please feel free to request additional filters or submit a pull request with any that you required.\u003C\u002Fp>\n\u003Ch3>Filter the length of the code\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_code_length' , function( $length ) {\n  return 4;\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter Expiration Time\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_code_expiration_seconds' , function( $seconds ) {\n  return 900;\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the date format used by the plugin to display expiration times\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwd_date_format' , function( $format ) {\n  return 'H:i';\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the reset email subject\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_code_email_subject' , function( $subject ) {\n  return 'Password Reset';\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the email content\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_code_email_text' , function( $text , $email , $code , $expiry ) {\n  return $text;\n}, 10 , 4 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter maximum attempts allowed to use a reset code, default is 3, -1 for unlimmited\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_max_attempts' , function( $attempts ) {\n  return 3;\n}, 10 , 4 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter whether to include upper and lowercase letters in the code as well as numbers, default is false\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_include_letters' , function( $include ) {\n  return false;\n}, 10 , 4 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the characters to be used when generating a code, you can use any string you want, default is 0123456789\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_selection_string' , function( $string ) {\n  return '0123456789';\n}, 10 , 4 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the WP roles allowed to reset their password with this plugin, default is any, example below shows removing administrators\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_allowed_roles' , function( $roles ) {\n\n  $key = array_search( 'administrator' , $roles );\n\n  if( $key !== false ) {\n    unset( $roles[ $key ] );\n  }\n\n  return $roles;\n\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter to add custom namespace for REST API\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_route_namespace' , function( $route_namespace ) {\n  return 'xyz\u002Fv1';\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Plugin icon \u002F banner image by \u003Ca href=\"https:\u002F\u002Funsplash.com\u002Fphotos\u002FCWL6tTDN31w\" rel=\"nofollow ugc\">Sincerely Media\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple plugin that adds a password reset facility to the WordPress REST API using a code. The process is a two step process:",18276,100,10,"2025-06-05T15:06:00.000Z","6.8.5","4.6","5.4",[27,28],"password-reset","wp-api","https:\u002F\u002Fwww.bedevious.co.uk\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbdvs-password-reset.0.0.17.zip",2,0,"2025-08-28 00:00:00","2026-04-16T10:56:18.058Z"]