[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWKhK2Uib8I9gK6NXPoQLfwlqwrew2q1SJkLTvda7bB0":3},{"slug":4,"display_name":5,"profile_url":6,"plugin_count":7,"total_installs":8,"avg_security_score":9,"avg_patch_time_days":10,"trust_score":11,"computed_at":12,"plugins":13},"vikichand","Vikash Chand","https:\u002F\u002Fprofiles.wordpress.org\u002Fvikichand\u002F",1,20,85,30,84,"2026-04-04T06:04:54.587Z",[14],{"slug":15,"name":16,"version":17,"author":5,"author_profile":6,"description":18,"short_description":19,"active_installs":8,"downloaded":20,"rating":21,"num_ratings":21,"last_updated":22,"tested_up_to":23,"requires_at_least":24,"requires_php":25,"tags":26,"homepage":32,"download_link":33,"security_score":9,"vuln_count":21,"unpatched_count":21,"last_vuln_date":34,"fetched_at":35},"simple-xml-rpc-disabler","Simple XML-RPC Disabler","1.1.0","\u003Ch4>What Is xmlrpc.php?\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.xmlrpc.com\u002F\" rel=\"nofollow ugc\">XML-RPC\u003C\u002Fa> is a remote procedure call (RPC) protocol, a feature included in WordPress, which enables data to be transmitted. It uses HTTP as the transport mechanism, and XML to encode its calls.\u003C\u002Fp>\n\u003Cp>Unless you use remote technologies and mobile applications to update your WordPress site, you might not be familiar with XML-RPC. For the uninitiated, you can use xmlrpc.php to establish a remote connection to WordPress, and make updates to your site without directly logging in to your WordPress system.\u003C\u002Fp>\n\u003Cp>XML-RPC is indeed useful for enabling remote connections between various external applications and WordPress. On the other hand, disabling this feature can help improve your site’s security.\u003C\u002Fp>\n\u003Ch4>Why You Should Disable xmlrpc.php?\u003C\u002Fh4>\n\u003Cp>The problem is that xmlrpc.php poses a security risk. It creates an additional access point to your site, which could leave it vulnerable to external attacks. Every time you authenticate XML-RPC, you need to supply your username and password. As you can imagine, this isn’t exactly ideal for security purposes.\u003C\u002Fp>\n\u003Cp>For example, in order to prevent brute force attacks, you can limit login attempts on your WordPress site. However, with XML-RPC enabled, that limit does not exist. There’s no capping on login attempts, which means it’s only a matter of time before a determined cybercriminal gains access.\u003C\u002Fp>\n\u003Cp>By disabling the feature, you are closing a potential area of entry for hackers.\u003C\u002Fp>\n\u003Cp>XML-RPC functionality is turned on by default since WordPress 3.5. This plugin completely disables the XML-RPC API which can be abused by hackers on a WordPress site, providing an easy and simple way to disable\u002Fenable the XML-RPC API.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.8.1 or higher.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin completely disables the XML-RPC API which can be abused by hackers on a WordPress site, providing an easy and simple way to disable\u002Fenable …",1512,0,"2021-05-15T04:56:00.000Z","5.7.15","3.5","5.6",[27,28,29,30,31],"ddos","rpc","xml","xml-rpc","xmlrpc","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-xml-rpc-disabler","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-xml-rpc-disabler.1.1.0.zip",null,"2026-03-15T15:16:48.613Z"]