[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foYVqlE4z40lL7l8H32iq50nIMzGvZmxmK7YgVKWFHXk":3},{"slug":4,"display_name":4,"profile_url":5,"plugin_count":6,"total_installs":7,"avg_security_score":8,"avg_patch_time_days":9,"trust_score":10,"computed_at":11,"plugins":12},"teamredfox","https:\u002F\u002Fprofiles.wordpress.org\u002Fteamredfox\u002F",2,0,100,30,94,"2026-04-05T00:13:29.836Z",[13,34],{"slug":14,"name":15,"version":16,"author":4,"author_profile":5,"description":17,"short_description":18,"active_installs":7,"downloaded":19,"rating":7,"num_ratings":7,"last_updated":20,"tested_up_to":21,"requires_at_least":22,"requires_php":23,"tags":24,"homepage":30,"download_link":31,"security_score":8,"vuln_count":7,"unpatched_count":7,"last_vuln_date":32,"fetched_at":33},"media-file-limiter","Media File Limiter","1.0","\u003Cp>Media File Limiter is a lightweight and efficient plugin designed to strengthen your WordPress upload security.\u003C\u002Fp>\n\u003Cp>It limits the maximum upload file size (in MB) and blocks specific dangerous file extensions (e.g., .exe, .php, .html, .js), preventing malicious or oversized files from being uploaded to your media library.\u003C\u002Fp>\n\u003Cp>Unlike traditional file validation, this plugin operates at the earliest possible stage of the upload process via the wp_handle_upload_prefilter hook, ensuring that dangerous files are blocked before WordPress processes them.\u003C\u002Fp>\n\u003Cp>Key Features\u003Cbr \u002F>\nSet a custom maximum upload size (in MB).\u003C\u002Fp>\n\u003Cp>Define forbidden file extensions (comma-separated).\u003C\u002Fp>\n\u003Cp>Displays current PHP\u002FWordPress upload limits for reference.\u003C\u002Fp>\n\u003Cp>Early-stage security enforcement — before files reach media processing.\u003C\u002Fp>\n\u003Cp>Fully translatable and internationalized (media-file-limiter text domain).\u003C\u002Fp>\n\u003Cp>Compatible with multisite environments.\u003C\u002Fp>\n\u003Cp>Why This Plugin?\u003Cbr \u002F>\nWordPress allows large files and executable extensions under certain misconfigurations, which can lead to:\u003C\u002Fp>\n\u003Cp>Server performance degradation.\u003C\u002Fp>\n\u003Cp>Potential remote code execution (RCE) risks.\u003C\u002Fp>\n\u003Cp>Media library clutter and upload errors.\u003C\u002Fp>\n\u003Cp>Media File Limiter addresses these issues with a simple, configurable interface under the WordPress “Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Media Limit” page.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or any later version.\u003C\u002Fp>\n\u003Cp>This plugin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003C\u002Fp>\n\u003Ch3>Additional Notes\u003C\u002Fh3>\n\u003Cp>The plugin follows WordPress Coding Standards (WPCS).\u003C\u002Fp>\n\u003Cp>All options use the Settings API (register_setting \u002F add_settings_field).\u003C\u002Fp>\n\u003Cp>Security first: early execution priority (wp_handle_upload_prefilter, priority 1).\u003C\u002Fp>\n\u003Cp>Uninstall hook (register_uninstall_hook) ensures full cleanup.\u003C\u002Fp>\n","Restrict maximum upload file size and block dangerous extensions at upload time. Ensures early-stage validation for enhanced WordPress media security.",154,"2025-11-05T11:12:00.000Z","6.8.5","6.8","7.4",[25,26,27,28,29],"file-size","media","mime","security","upload","https:\u002F\u002Fp-fox.jp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-file-limiter.1.0.zip",null,"2026-03-15T15:16:48.613Z",{"slug":35,"name":36,"version":16,"author":4,"author_profile":5,"description":37,"short_description":38,"active_installs":7,"downloaded":39,"rating":7,"num_ratings":7,"last_updated":40,"tested_up_to":21,"requires_at_least":22,"requires_php":23,"tags":41,"homepage":42,"download_link":43,"security_score":8,"vuln_count":7,"unpatched_count":7,"last_vuln_date":32,"fetched_at":44},"rest-api-shield-xml-rpc-blocker","REST API Shield & XML-RPC Blocker","\u003Cp>This plugin is designed to fundamentally strengthen the security of your WordPress site.\u003C\u002Fp>\n\u003Cp>By default, WordPress exposes REST API endpoints like the user list (\u002Fwp\u002Fv2\u002Fusers) even to unauthenticated users (anonymous users). This poses a risk of information leakage and can serve as a stepping stone for brute-force attacks by enabling username enumeration.\u003C\u002Fp>\n\u003Cp>Using this plugin, you can finely adjust the following security settings from the “Settings” -> “General” page in the administration area.\u003C\u002Fp>\n\u003Cp>Key Security Features\u003C\u002Fp>\n\u003Ch3>REST API Anonymous Access Restriction:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Core endpoints (such as users, comments, media) and broad routes added by plugins can be specified as a blacklist.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Routes necessary for blog display (such as wp\u002Fv2\u002Fposts) can be specified as a whitelist to exempt them from restrictions.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Configure the HTTP status code (e.g., 403 Forbidden) and a custom error message to return upon access denial, preventing attackers from gaining insight into your site structure.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Complete XML-RPC Blocking:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Completely disable the XML-RPC functionality (xmlrpc.php) at the core WordPress level.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>When an attacker attempts access, the plugin responds with a specified HTTP status code and a custom error message, deceptively denying access.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is highly recommended for all WordPress sites that require enhanced security.\u003C\u002Fp>\n","A security plugin that controls XML-RPC access and specific WordPress REST API endpoints from anonymous users.",179,"",[],"https:\u002F\u002Fp-fox.jp\u002Fblog\u002Farchive\u002F367\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frest-api-shield-xml-rpc-blocker.1.0.zip","2026-03-15T10:48:56.248Z"]