[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZijYHSb2QFOSwTtI-xNdcoTGHqVjZfeWljGOeEua_fc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":141,"fingerprints":232},"1-click-passwordless-login","1-Click PasswordLess Login","1.0.0","xplodman","https:\u002F\u002Fprofiles.wordpress.org\u002Fxplodman\u002F","\u003Cp>\u003Cstrong>1-Click PasswordLess Login\u003C\u002Fstrong> allows users to log in \u003Cstrong>without passwords\u003C\u002Fstrong>, using secure \u003Cstrong>magic links\u003C\u002Fstrong>.\u003Cbr \u002F>\nEnhance security and user experience by eliminating traditional password-based logins.\u003C\u002Fp>\n\u003Ch3>🔥 Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Magic Link Authentication\u003C\u002Fstrong> – Users log in via a secure, one-time-use email link.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Compatibility\u003C\u002Fstrong> – Works seamlessly with WooCommerce login forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Set Expiry Time\u003C\u002Fstrong> – Magic links expire after a configurable time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Email Notifications\u003C\u002Fstrong> – Modify login email subject and message.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maximum Login Attempts\u003C\u002Fstrong> – Limit failed login attempts before lockout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Dashboard Widget\u003C\u002Fstrong> – View login statistics inside WordPress admin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lockout Protection\u003C\u002Fstrong> – Prevent brute-force attacks with login attempt tracking.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛠️ Setup:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Navigate to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> 1-Click Login\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Configure authentication settings (expiry time, lockout, WooCommerce integration).\u003C\u002Fli>\n\u003Cli>Start using passwordless authentication!\u003C\u002Fli>\n\u003C\u002Fol>\n","A secure and simple 1-click passwordless login system for WordPress. No more passwords – just magic links!",0,699,"2025-02-23T15:40:00.000Z","6.7.5","5.6","7.4",[18,19,20,21,22],"authentication","login","one-click-login","passwordless","woocommerce","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002F1-click-passwordless-login.1.0.0.zip",92,null,"2026-03-15T14:54:45.397Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},2,10,96,30,91,"2026-04-04T18:16:08.869Z",[37,64,87,105,124],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":16,"tags":52,"homepage":58,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":11,"last_vuln_date":62,"fetched_at":63},"wp-sms","WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce","7.2","VeronaLabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fveronalabs\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwsms.io\u002F?utm_source=wporg&utm_medium=link&utm_campaign=website\" rel=\"nofollow ugc\">WSMS\u003C\u002Fa> lets you send SMS\u002FMMS notifications, one-time passwords (OTP), and two-factor authentication (2FA) messages straight from WordPress. It supports a wide range of SMS gateways and integrates with popular e-commerce and form builder plugins.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use WSMS to:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Keep customers updated on WooCommerce orders\u003Cbr \u002F>\n– Collect subscribers with SMS newsletter forms\u003Cbr \u002F>\n– Secure logins with OTP & 2FA\u003Cbr \u002F>\n– Alert admins about new users, logins, or updates\u003Cbr \u002F>\n– Run marketing campaigns with scheduled or bulk SMS\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fdemo.wsms.io\u002Fwp-login.php\" rel=\"nofollow ugc\">Check out the demo\u003C\u002Fa> | \u003Ca href=\"#screenshots\" rel=\"nofollow ugc\">View screenshots\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fgateways?utm_source=wporg&utm_medium=link&utm_campaign=gateways\" rel=\"nofollow ugc\">See supported gateways\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fintegrations?utm_source=wporg&utm_medium=link&utm_campaign=integrations\" rel=\"nofollow ugc\">Explore integrations\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fdocs\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Send SMS\u002FMMS:\u003C\u002Fstrong> Send messages through your choice of supported SMS gateways.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>E-Commerce & Form Integration:\u003C\u002Fstrong> Seamlessly integrates with popular e-commerce platforms and form builders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OTP & 2FA:\u003C\u002Fstrong> Add extra login security with one-time passwords and two-factor authentication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile Login:\u003C\u002Fstrong> Let users log in with their mobile number.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Alerts:\u003C\u002Fstrong> Get notified when new users register, posts are published, or WordPress updates are available.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Newsletters & Widgets:\u003C\u002Fstrong> Build SMS newsletter forms with shortcodes, widgets, or Gutenberg blocks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Two-Way SMS (All-in-One):\u003C\u002Fstrong> Receive and reply to SMS messages inside WordPress.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk & Scheduled SMS:\u003C\u002Fstrong> Send to multiple recipients at once, immediately or on schedule.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Third-Party Integration:\u003C\u002Fstrong> Connect with external services and automation platforms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Messaging Button:\u003C\u002Fstrong> Let visitors reach you instantly via messaging channels.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Compliant:\u003C\u002Fstrong> Built with privacy and compliance in mind.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Upgrade to WSMS All-in-One\u003C\u002Fh3>\n\u003Cp>Unlock additional features with \u003Cstrong>All-in-One\u003C\u002Fstrong> — the plan that gives you access to all premium add-ons in one package.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With All-in-One you get:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Secure login & registration with OTP & 2FA\u003Cbr \u002F>\n– Scheduled & recurring SMS\u002FMMS\u003Cbr \u002F>\n– Two-way SMS inbox\u003Cbr \u002F>\n– Enhanced e-commerce features (login, checkout verification, order updates)\u003Cbr \u002F>\n– Membership platform integrations\u003Cbr \u002F>\n– Advanced form builder SMS capabilities\u003Cbr \u002F>\n– Marketing automation integrations\u003Cbr \u002F>\n– Booking system compatibility\u003Cbr \u002F>\n– URL shortening service integration\u003Cbr \u002F>\n– All future add-ons included\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fpricing\u002F?utm_source=wporg&utm_medium=link&utm_campaign=pricing\" rel=\"nofollow ugc\">See All-in-One details & compare features\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>🐞 Report Bugs & Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Found a bug? \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">Open an issue on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Security concerns? Report them via the \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fwordpress\u002Fplugin\u002Fwp-sms\u002Fvdp\" rel=\"nofollow ugc\">Patchstack VDP program\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📝 Trademark Notice\u003C\u002Fh3>\n\u003Cp>WooCommerce, GravityForms, Elementor, Contact Form 7, Twilio, WhatsApp, Clickatell, BulkSMS, Plivo, Zapier, Bitly, and other product names mentioned are trademarks of their respective owners. WSMS is not affiliated with, endorsed by, or sponsored by these companies.\u003C\u002Fp>\n\u003Ch3>Source Code and Build Instructions\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> The plugin works out of the box — no build steps required for regular users. This section is for developers who want to modify or contribute to the source code. See the \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fdocs\u002F\" rel=\"nofollow ugc\">full documentation\u003C\u002Fa> for user guides.\u003C\u002Fp>\n\u003Cp>All source code for minified JavaScript and CSS is included in the plugin under the \u003Ccode>resources\u002F\u003C\u002Fcode> directory. Build instructions and full source are available on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Third-Party Libraries\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fchartjs\u002FChart.js\" rel=\"nofollow ugc\">Chart.js\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fflatpickr\u002Fflatpickr\" rel=\"nofollow ugc\">flatpickr\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjackocnr\u002Fintl-tel-input\" rel=\"nofollow ugc\">intlTelInput\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDubFriend\u002Fjquery.repeater\" rel=\"nofollow ugc\">jquery.repeater\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqwertypants\u002FjQuery-Word-and-Character-Counter-Plugin\" rel=\"nofollow ugc\">jQuery Word and Character Counter\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffacebook\u002Freact\" rel=\"nofollow ugc\">React\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fselect2\u002Fselect2\" rel=\"nofollow ugc\">Select2\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftailwindlabs\u002Ftailwindcss\" rel=\"nofollow ugc\">Tailwind CSS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcalebjacob\u002Ftooltipster\" rel=\"nofollow ugc\">Tooltipster\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fveronalabs\u002Fwp-scoper\" rel=\"nofollow ugc\">WP Scoper\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Repository\u003C\u002Fh4>\n\u003Cp>Full source code: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\" rel=\"nofollow ugc\">github.com\u002Fwp-sms\u002Fwp-sms\u003C\u002Fa>\u003C\u002Fp>\n","Send SMS\u002FMMS notifications, OTP & 2FA messages, and WooCommerce updates with support for multiple gateways and plugin integrations.",9000,730389,82,105,"2026-03-08T08:32:00.000Z","6.9.4","4.1",[53,54,55,56,57],"2fa-authentication","bulk-sms","otp-login","sms-notifications","woocommerce-sms","https:\u002F\u002Fwsms.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sms.7.2.zip",95,15,"2026-02-10 00:00:00","2026-03-15T15:16:48.613Z",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":74,"num_ratings":75,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":84,"download_link":85,"security_score":86,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":63},"firebase-authentication","Firebase Authentication","1.6.8","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>\u003Cstrong>WordPress Firebase Authentication Plugin\u003C\u002Fstrong> allows you to login to WordPress sites using your Firebase user login credentials or via Social Login.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-firebase-authentication\u002F\" rel=\"nofollow ugc\">WordPress Firebase Authentication\u003C\u002Fa> works using the default WordPress login page. We support \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffirebase-woocommerce-integration\u002F\" rel=\"nofollow ugc\">Firebase WooCommerce Integration\u003C\u002Fa> and other third-party login pages along with custom login forms.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-into-wordpress-using-firebase-authentication\u002F\" rel=\"nofollow ugc\">WordPress Firebase Authentication\u003C\u002Fa>\u003C\u002Fstrong> : WordPress login using Firebase authentication user login credentials\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Auto Create Users\u003C\u002Fstrong> : After login using Firebase login credentials, new user automatically gets created in WordPress\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffirebase-premium-and-enterprise-plugin-features\u002F\" rel=\"nofollow ugc\">Configurable login options\u003C\u002Fa>\u003C\u002Fstrong> :\u003Cbr \u002F>\nProvide option to login with,\u003Cbr \u002F>\na) Only Firebase credentials\u003Cbr \u002F>\nb) Only WordPress credentials\u003Cbr \u002F>\nc) Both Firebase and WordPress credentials\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Auto Register WooCommerce Users to Firebase\u003C\u002Fstrong> : Provide an option to sync a WordPress user to Firebase whenever an end-user registers into the WordPress site via the WooCommerce registration form. User is created in Firebase with only an email address and password.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for Firebase Phone Authentication method\u003C\u002Fstrong> : Users will be asked to enter OTP provided via Firebase to login into WordPress (Passwordless login). This works for WooCommerce as well.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ffirebase-social-login-integration-for-wordpress\" rel=\"nofollow ugc\">Support for Firebase Social Login\u003C\u002Fa>\u003C\u002Fstrong> : With Firebase authentication, users will be provided an option to login in to WordPress using selected social login providers\u003Cbr \u002F>\nProviders supported are:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-google-using-firebase-authentication\" rel=\"nofollow ugc\">Google\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-facebook-using-firebase-authentication\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Flogin-with-apple-using-firebase-authentication\" rel=\"nofollow ugc\">Apple\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Github\u003C\u002Fli>\n\u003Cli>Yahoo\u003C\u002Fli>\n\u003Cli>Microsoft\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Firebase WooCommerce Integration\u003C\u002Fstrong> : Integrate WooCommerce with the WordPress Firebase Authentication plugin and allow users to log in to your WooCommerce site using firebase login credentials on WooCommerce Checkout and My account page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwoocommerce-cloud-firestore-integration\" rel=\"nofollow ugc\">WordPress Firestore Integration\u003C\u002Fa>\u003C\u002Fstrong>: Sync WordPress User Meta to Cloud Firestore Collections, WooCommerce products, orders, subscription sync to Firebase database.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for Social Login buttons Shortcode\u003C\u002Fstrong> : Use a shortcode to place Firebase social login buttons anywhere in your Theme or Plugin\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Sync Firebase UID to WordPress\u003C\u002Fstrong> : Users can map email, Firebase user-id to their WordPress user profile using this WordPress Firebase Authentication feature.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Custom Redirect Login and Logout URL\u003C\u002Fstrong> : Automatically Redirect users after successful login\u002Flogout. This works for WooCommerce as well.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Support for Firebase Login and Registration form Shortcode\u003C\u002Fstrong> : Using login form shortcode, users can enter their Firebase credentials to login into the WP site, and using the registration form shortcode, users can register into the WordPress site, and that user is also auto created in Firebase with an email address and password.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>WP Hooks for Different Events\u003C\u002Fstrong> : WordPress Firebase authentication provides support for different hooks for user defined functions.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>  \u003Cstrong>WordPress login with Firebase JWT\u003C\u002Fstrong>: WordPress login with Firebase JWT allows you to create a user login session on a WordPress site using their Firebase JWT token, eliminating the need to enter their login credentials again. This is highly recommended when there are multiple websites\u002Fapplications and the user is already logged in to any of them.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows login into WordPress using Firebase user credentials and maps Firebase user data to WordPress user profile.",500,26163,80,20,"2025-05-20T17:48:00.000Z","6.8.5","3.0.1","7.0",[18,81,82,19,83],"firebase","jwt","woocommerce-integration","http:\u002F\u002Ffirebase-authentication","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffirebase-authentication.1.6.8.zip",100,{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":11,"num_ratings":11,"last_updated":97,"tested_up_to":77,"requires_at_least":98,"requires_php":99,"tags":100,"homepage":23,"download_link":104,"security_score":86,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":63},"gatelink-manager","GateLink Manager – Secure One‑Click Admin Login & WordPress SSO","1.8.3","NUMAN RASHEED","https:\u002F\u002Fprofiles.wordpress.org\u002Fnumanrki\u002F","\u003Cp>\u003Cstrong>GateLink Manager\u003C\u002Fstrong> pairs with the companion GateLink Client to deliver secure, zero‑config single sign‑on for WordPress. Skip copying credentials across sites: connect your hub to client sites and teleport into their dashboards with a single click. Whether you’re a developer, freelancer or agency managing many installations, GateLink saves time and reduces risk by using cryptographically signed links that expire within minutes.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Zero‑config, one‑click login\u003C\u002Fstrong> – Jump straight into any connected site’s wp‑admin without passwords.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Passwordless SSO & HMAC security\u003C\u002Fstrong> – Each login URL is HMAC‑signed and valid for only a short time.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi‑site management\u003C\u002Fstrong> – Add, edit, delete, verify and log in to client sites from a single dashboard.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free plan included\u003C\u002Fstrong> – Manage up to 3 sites at no cost; upgrade to Pro (20 sites) or Business (unlimited) when needed.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built‑in logs & metrics\u003C\u002Fstrong> – View connection history and lightweight stats right from the dashboard.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern UI\u003C\u002Fstrong> – Responsive admin interface styled with Tailwind, tuned for accessibility and ease of use.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Add a site\u003C\u002Fstrong> – Enter the client’s base URL on your Manager dashboard.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Share a token\u003C\u002Fstrong> – Create or paste the Shared Token in Manager; paste the same token in the Client’s “Trusted Manager” screen.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Verify & trust\u003C\u002Fstrong> – Click \u003Cstrong>Verify\u003C\u002Fstrong> to perform a health check and establish trust.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login\u003C\u002Fstrong> – Click \u003Cstrong>Login\u003C\u002Fstrong>; a short‑lived, HMAC‑signed URL opens the client site in a new tab, validates the signature and redirects to \u003Ccode>\u002Fwp-admin\u003C\u002Fcode>.  \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Security & Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Cryptographically signed tokens\u003C\u002Fstrong> – All login links use HMAC‑SHA256 signatures with nonce‑based replay protection.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Time‑limited links\u003C\u002Fstrong> – Tokens expire after a few minutes to reduce attack windows.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>No stored credentials\u003C\u002Fstrong> – GateLink never stores your admin passwords; only minimal metadata and logs are kept locally.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>HTTPS required\u003C\u002Fstrong> – Both Manager and Client sites must run over HTTPS; allow‑list the login query parameters (\u003Ccode>gatelink_login\u003C\u002Fcode>, \u003Ccode>cid\u003C\u002Fcode>, \u003Ccode>ts\u003C\u002Fcode>, \u003Ccode>sig\u003C\u002Fcode>) in security\u002FCDN tools if necessary.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plans & Licensing\u003C\u002Fh3>\n\u003Cp>GateLink is free to use for up to three client sites. Professional and Business plans unlock higher site limits and additional support options. Licensing is handled through Freemius; no license key is required for the free tier.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>GateLink communicates only with other WordPress sites that have the GateLink Client plugin installed. Data exchanged includes site URLs, shared tokens, and connection timestamps. Licensing and support are provided via the Freemius service; activating a paid license sends your site domain, license key, and environment info to Freemius for validation.\u003C\u002Fp>\n","Secure, passwordless admin access for multiple WordPress sites—one‑click, HMAC‑signed SSO for remote wp‑admin login.",50,541,"2025-10-14T13:42:00.000Z","6.3","8.0",[101,102,20,21,103],"admin-access","multi-site","single-sign-on","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgatelink-manager.1.8.3.zip",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":86,"num_ratings":30,"last_updated":115,"tested_up_to":77,"requires_at_least":116,"requires_php":79,"tags":117,"homepage":120,"download_link":121,"security_score":60,"vuln_count":122,"unpatched_count":11,"last_vuln_date":123,"fetched_at":63},"simpler-checkout","Simpler Checkout","1.3.5","simplercheckout","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimplercheckout\u002F","\u003Cp>The Simpler Checkout button lets your customers complete their purchases in seconds. Customers using Simpler for the first time will fill in a simple form once. For all the next purchases, they can complete their orders with one click, regardless of device or browser, and without a password.\u003C\u002Fp>\n\u003Cp>Simpler checkout is designed based on conversion best practices, reducing friction and increasing sales.\u003C\u002Fp>\n\u003Ch3>1.3.5\u003C\u002Fh3>\n\u003Cp>Feat: use \u002Fv1\u002Fcart-requests to create carts for takeover\u003C\u002Fp>\n\u003Ch3>1.3.4\u003C\u002Fh3>\n\u003Cp>Fix: compatibility with woocommerce 10.4+\u003C\u002Fp>\n\u003Ch3>1.3.3\u003C\u002Fh3>\n\u003Cp>Fix(takeover): use determine_locale with extra filter for language resolution\u003C\u002Fp>\n\u003Ch3>1.3.2\u003C\u002Fh3>\n\u003Cp>Feat: handle grouped products\u003Cbr \u002F>\nFix: normalize option keys in product feed\u003Cbr \u002F>\nFix: handle stock status in product feed\u003Cbr \u002F>\nCompat: Skroutz Lockers\u003C\u002Fp>\n\u003Ch3>1.3.1\u003C\u002Fh3>\n\u003Cp>Fix: normalize product feed and product details request responses\u003C\u002Fp>\n\u003Ch3>1.3.0\u003C\u002Fh3>\n\u003Cp>Feat: introduce product feed route\u003C\u002Fp>\n\u003Ch3>1.2.7\u003C\u002Fh3>\n\u003Cp>Fix(coupons): Check if coupon already exists in session cart before applying it\u003C\u002Fp>\n\u003Ch3>1.2.6\u003C\u002Fh3>\n\u003Cp>Fix(compat): Set order status to complete for digital vouchers from WooCommerce PDF Vouchers\u003C\u002Fp>\n\u003Ch3>1.2.5\u003C\u002Fh3>\n\u003Cp>Fix: Pass shipping as order item for WC 10.3.0\u003C\u002Fp>\n\u003Ch3>1.2.4\u003C\u002Fh3>\n\u003Cp>Fix: Should render button for WooCommerce PDF Vouchers\u003C\u002Fp>\n\u003Ch3>1.2.3\u003C\u002Fh3>\n\u003Cp>Feat: Default support for woo attribution to true\u003Cbr \u002F>\nFix: Support extra keys for order attribution meta\u003Cbr \u002F>\nCompat: \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwoocommerce-pdf-vouchers-ultimate-gift-cards-wordpress-plugin\u002F7392046\" rel=\"nofollow ugc\">WooCommerce PDF Vouchers\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.2.2\u003C\u002Fh3>\n\u003Cp>Fix: Payment method title\u003C\u002Fp>\n\u003Ch3>1.2.1\u003C\u002Fh3>\n\u003Cp>Feat: Clean output buffers before writing api json responses\u003C\u002Fp>\n\u003Ch3>1.2.0\u003C\u002Fh3>\n\u003Cp>Feat: Check verification token before auto-login on order success\u003C\u002Fp>\n\u003Ch3>1.1.13\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-eu-vat-compliance\u002F\" rel=\"ugc\">EU VAT Compliance Premium\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.1.12\u003C\u002Fh3>\n\u003Cp>Fix(compat): WC Pickup Store\u003C\u002Fp>\n\u003Ch3>1.1.11\u003C\u002Fh3>\n\u003Cp>Fix(multi-currency): Full support of multi-currency\u003Cbr \u002F>\nFeat(settings): Disable force login\u003C\u002Fp>\n\u003Ch3>1.1.10\u003C\u002Fh3>\n\u003Cp>Chore: strict time frame\u003C\u002Fp>\n\u003Ch3>1.1.9\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-multilingual\u002F\" rel=\"ugc\">WPML Multicurrency\u003C\u002Fa>\u003Cbr \u002F>\nCompat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpre-orders-for-woocommerce\u002F\" rel=\"ugc\">Pre-Orders for WooCommerce\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.1.8\u003C\u002Fh3>\n\u003Cp>Fix: Bank transfer email on order submit (default status: on-hold)\u003Cbr \u002F>\nFix: Order notes\u003C\u002Fp>\n\u003Ch3>1.1.7\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpw-woocommerce-gift-cards\u002F\" rel=\"ugc\">PW WooCommerce Gift Cards\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.1.6\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwordpress.com\u002Fplugins\u002Fgift-wrapping-for-woocommerce\" rel=\"nofollow ugc\">Gift Wrapping for WooCommerce\u003C\u002Fa>\u003Cbr \u002F>\nFeat: Link stub payment gateway settings screen to plugin settings for configuration\u003Cbr \u002F>\nFix: WooCommerce order attribution hooks race condition\u003Cbr \u002F>\nFix: Ignore shipping address when quote is for virtual cart\u003Cbr \u002F>\nFix(COD): include restrictions\u003C\u002Fp>\n\u003Ch3>1.1.5\u003C\u002Fh3>\n\u003Cp>Fix\u002FCompat: WC Smart COD \u002F availability to set 0 fees\u003C\u002Fp>\n\u003Ch3>1.1.4\u003C\u002Fh3>\n\u003Cp>Fix\u002FCompat: WC Smart COD \u002F include tax\u003C\u002Fp>\n\u003Ch3>1.1.3\u003C\u002Fh3>\n\u003Cp>Feat: Bank transfer payment method\u003Cbr \u002F>\nFix\u002FCompat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwc-smart-cod\u002F\" rel=\"ugc\">WC Smart COD\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.1.2\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-product-bundle\u002F\" rel=\"ugc\">WPC Product Bundles for WooCommerce\u003C\u002Fa>\u003Cbr \u002F>\nCompat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-bought-together\u002F\" rel=\"ugc\">WPC Frequently Bought Together for WooCommerce\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.1.1\u003C\u002Fh3>\n\u003Cp>Compat: Asana \u003Ca href=\"https:\u002F\u002Fwww.asanaplugins.com\u002Fproduct\u002Fwoocommerce-dynamic-pricing-and-discounts-plugin\u002F\" rel=\"nofollow ugc\">WooCommerce Dynamic Pricing and Discounts\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.1.0\u003C\u002Fh3>\n\u003Cp>Feat(hook): custom cod cost hook\u003C\u002Fp>\n\u003Ch3>1.0.9\u003C\u002Fh3>\n\u003Cp>Fix(takeover-checkout): prevent redirection if cart has no products\u003Cbr \u002F>\nCompat: BoxNow ‘Pay on the Go’ payment method as COD\u003C\u002Fp>\n\u003Ch3>1.0.8\u003C\u002Fh3>\n\u003Cp>Feat: takeover checkout (Replace native checkout with Simpler)\u003C\u002Fp>\n\u003Ch3>1.0.7\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwc-smart-cod\u002F\" rel=\"ugc\">WC Smart COD\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.0.6\u003C\u002Fh3>\n\u003Cp>Fix: increase http timeout for integration status call\u003Cbr \u002F>\nCompat: \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwoocommerce-dynamic-pricing-discounts\u002F7119279\" rel=\"nofollow ugc\">Rightpress Dynamic Discounts\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.0.5\u003C\u002Fh3>\n\u003Cp>fix(payment): enable payment gateway and hide it from checkout\u003C\u002Fp>\n\u003Ch3>1.0.4\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fbuy-one-get-one-free\u002F\" rel=\"nofollow ugc\">BOGO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.0.3\u003C\u002Fh3>\n\u003Cp>Feat: handle bundle discounted products\u003C\u002Fp>\n\u003Ch3>1.0.2\u003C\u002Fh3>\n\u003Cp>Feat: \u003Ccode>simplerwc_customer_properties\u003C\u002Fcode> filter\u003Cbr \u002F>\nCompat: \u003Ca href=\"https:\u002F\u002Fwordpress.com\u002Fplugins\u002Fwc-pickup-store\" rel=\"nofollow ugc\">WC Pickup Store\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>1.0.1\u003C\u002Fh3>\n\u003Cp>Hotfix: default to production environment when no explicit setting\u003C\u002Fp>\n\u003Ch3>1.0.0\u003C\u002Fh3>\n\u003Cp>Feat: new \u003Ccode>simplerwc_order_created\u003C\u002Fcode> action on successful submission\u003Cbr \u002F>\nFeat: run \u003Ccode>woocommerce_checkout_order_created\u003C\u002Fcode> action on successful submission\u003Cbr \u002F>\nFeat: remove sandbox option as Simpler production environment now supports Test Stores\u003C\u002Fp>\n\u003Ch3>0.7.11\u003C\u002Fh3>\n\u003Cp>Compat: WordPress 6.5\u003C\u002Fp>\n\u003Ch3>0.7.10\u003C\u002Fh3>\n\u003Cp>Feat: Experimental support for \u003Ca href=\"https:\u002F\u002Fwoo.com\u002Fdocument\u002Forder-attribution-tracking\u002F\" rel=\"nofollow ugc\">WooCommerce Order Attribution Tracking\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>0.7.9\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-pay-for-payment\u002F\" rel=\"ugc\">Pay for Payment for WooCommerce\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>0.7.8\u003C\u002Fh3>\n\u003Cp>Fix: omit coupon from button payload if empty\u003C\u002Fp>\n\u003Ch3>0.7.7\u003C\u002Fh3>\n\u003Cp>Feat: introduce \u003Ccode>simplerwc_should_render_product_button\u003C\u002Fcode> and \u003Ccode>simplerwc_should_render_cart_button\u003C\u002Fcode> filters for granular control of rendering logic\u003Cbr \u002F>\nFeat: introduce \u003Ccode>simplerwc_button_get_product_attibutes\u003C\u002Fcode> and \u003Ccode>simplerwc_get_cart_item_data\u003C\u002Fcode> filters for managing cart item attributes\u003Cbr \u002F>\nCompat: \u003Ca href=\"https:\u002F\u002Fithemelandco.com\u002Fplugins\u002Ffree-gifts-for-woocommerce\u002F\" rel=\"nofollow ugc\">iThemeland Free Gifts\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>0.7.6\u003C\u002Fh3>\n\u003Cp>Fix: COD filters invocation\u003C\u002Fp>\n\u003Ch3>0.7.5\u003C\u002Fh3>\n\u003Cp>Feat: Parse company invoicing details in order request\u003Cbr \u002F>\nFix: do not set payment method title when payment method is not simpler\u003C\u002Fp>\n\u003Ch3>0.7.4\u003C\u002Fh3>\n\u003Cp>Feat: Support COD payment method\u003Cbr \u002F>\nCompat: Smart COD plugin support\u003C\u002Fp>\n\u003Ch3>0.7.3\u003C\u002Fh3>\n\u003Cp>Compat: BoxNow v2 plugin support\u003C\u002Fp>\n\u003Ch3>0.7.2\u003C\u002Fh3>\n\u003Cp>Feat: Allow switching to sandbox environment from single distributable\u003C\u002Fp>\n\u003Ch3>0.7.1\u003C\u002Fh3>\n\u003Cp>Fix: Correct auth cookie argument in login before order confirmation redirect\u003C\u002Fp>\n\u003Ch3>0.7.0\u003C\u002Fh3>\n\u003Cp>Feat: Login user before redirecting to order confirmation\u003C\u002Fp>\n\u003Ch3>0.6.2\u003C\u002Fh3>\n\u003Cp>Feat: Add Minicart placement setting\u003Cbr \u002F>\nFix: remove excessive free gifts returned in products response when FGF plugin is active\u003C\u002Fp>\n\u003Ch3>0.6.1\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fboxnow.gr\u002F\" rel=\"nofollow ugc\">BoxNow\u003C\u002Fa> support\u003C\u002Fp>\n\u003Ch3>0.6.0\u003C\u002Fh3>\n\u003Cp>Compat: \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Flocal-pickup-plus\" rel=\"nofollow ugc\">WooCommerce Local Pickup Plus\u003C\u002Fa> support\u003Cbr \u002F>\nFix: Apply coupons before collecting shipping rates to account for free shipping coupons\u003Cbr \u002F>\nFix: Set chosen shipping method on retrieved package keys instead of defaulting to 0\u003C\u002Fp>\n\u003Ch3>0.5.8\u003C\u002Fh3>\n\u003Cp>Fix: WooCommerce Product Bundles correct quantity payload when bundle is in cart\u003C\u002Fp>\n\u003Ch3>0.5.7\u003C\u002Fh3>\n\u003Cp>Fix: Free Gifts for Woocommerce support for cart checkout with gift\u003C\u002Fp>\n\u003Ch3>0.5.6\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Ffree-gifts-for-woocommerce\u002F\" rel=\"nofollow ugc\">Free Gifts for Woocommerce\u003C\u002Fa> support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.5.5\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Support Product Bundles created with WooCommerce Product Bundles plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.5.4\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Calculate discounted tax when simpler discount present\u003C\u002Fli>\n\u003Cli>Fix : check data validity when invoking simplerwc_should_render_button function\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.5.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Optionally include customer email during quotation to handle coupon usage limits\u003C\u002Fli>\n\u003Cli>Fix : Refactor submission flow to ensure shipping tax calculation works as intended\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.5.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix: Cost reporting in order confirmation email\u003C\u002Fli>\n\u003Cli>Remove deprecated order submission functionality\u003C\u002Fli>\n\u003Cli>Remove deprecated Offers tab from Settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.5.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Hotfix: Include customer name & phone in order shipping address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.5.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Support custom fees during cart fees calculation\u003C\u002Fli>\n\u003Cli>Breakdown products cost during quotation\u003C\u002Fli>\n\u003Cli>Excluded specific user roles from viewing the button\u003C\u002Fli>\n\u003Cli>Fix: Price rounding\u003C\u002Fli>\n\u003Cli>Fix: Include tax in coupons\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.4.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Breaking : Drop support for legacy SDK\u003C\u002Fli>\n\u003Cli>Add configuration option to hide the product page button if cart contains at least one item\u003C\u002Fli>\n\u003Cli>Include amount in refund request to account for partial refunds\u003C\u002Fli>\n\u003Cli>Introduce programmatic filter to modify shipping rates during quotation\u003C\u002Fli>\n\u003Cli>Fix : Include tax amount in shipping costs during quotation\u003C\u002Fli>\n\u003Cli>Fix : Respect prices when input excluding tax\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.3.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Introduce products route to speed up product details retrieval\u003C\u002Fli>\n\u003Cli>Introduce \u002Fv2\u002Forder route to include cart calculation hooks in order submission flow\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.3.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fix critical issue preventing the plugin from running on PHP 7.2\u003C\u002Fli>\n\u003Cli>Render translated asset texts based on store locale\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.3.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add product attributes to simpler integration for variable products.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>0.3.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Extract browser assets to external file, hosted at https:\u002F\u002Fcdn.simpler.so. This behavior can be toggled off by the “use legacy SDK” checkbox in the plugin settings, but is not encouraged.\u003C\u002Fli>\n\u003Cli>Use a Web Component to render the simpler-checkout button\u003C\u002Fli>\n\u003Cli>Add separate option to control if checkout button gets rendered in the cart view\u003C\u002Fli>\n\u003Cli>Accepted cards notice is now controlled by a single option for all positions to enhance consistency\u003C\u002Fli>\n\u003C\u002Ful>\n","Let your customers checkout in seconds. The simplest way to increase your sales.",40,13204,"2026-03-02T09:00:00.000Z","5.1",[18,118,19,119,22],"checkout","simpler","https:\u002F\u002Fsimpler.so\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimpler-checkout.1.3.5.zip",1,"2025-08-22 15:41:29",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":33,"downloaded":132,"rating":11,"num_ratings":11,"last_updated":133,"tested_up_to":77,"requires_at_least":134,"requires_php":23,"tags":135,"homepage":139,"download_link":140,"security_score":86,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":63},"keyless-auth","Keyless Auth – Login without Passwords","3.2.4","Chris Martens","https:\u002F\u002Fprofiles.wordpress.org\u002Fchrmrtns\u002F","\u003Cp>Transform your WordPress login experience with passwordless authentication. Users simply enter their email address and receive a secure magic link – click to login instantly. It’s more secure than weak passwords and infinitely more user-friendly.\u003C\u002Fp>\n\u003Ch4>Why Choose Keyless Auth?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Enhanced Security\u003C\u002Fstrong>: No more weak, reused, or compromised passwords\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Better User Experience\u003C\u002Fstrong>: One click instead of remembering complex passwords\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduced Support\u003C\u002Fstrong>: Eliminate “forgot password” requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern Authentication\u003C\u002Fstrong>: Enterprise-grade security used by Slack, Medium, and others\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Hardening\u003C\u002Fstrong>: Built-in protection against brute force attacks and username enumeration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Quick Start\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin\u003C\u002Fli>\n\u003Cli>Create a new page and add the shortcode \u003Ccode>[keyless-auth]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Configure email templates in \u003Cstrong>Keyless Auth \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Templates\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Done! Users can now login passwordlessly\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Core Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Ready to Use\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Magic Link Authentication\u003C\u002Fstrong> – Secure, one-time login links via email\u003Cbr \u002F>\n* \u003Cstrong>Two-Factor Authentication (2FA)\u003C\u002Fstrong> – Complete TOTP support with Google Authenticator\u003Cbr \u002F>\n* \u003Cstrong>Role-Based 2FA\u003C\u002Fstrong> – Require 2FA for specific user roles (admins, editors, etc.)\u003Cbr \u002F>\n* \u003Cstrong>Custom 2FA Setup URLs\u003C\u002Fstrong> – Direct users to branded frontend 2FA setup pages\u003Cbr \u002F>\n* \u003Cstrong>SMTP Integration\u003C\u002Fstrong> – Reliable email delivery through your mail server\u003Cbr \u002F>\n* \u003Cstrong>Email Templates\u003C\u002Fstrong> – Professional, customizable login emails\u003Cbr \u002F>\n* \u003Cstrong>Mail Logging\u003C\u002Fstrong> – Track all sent emails with delivery status\u003Cbr \u002F>\n* \u003Cstrong>Custom Database Tables\u003C\u002Fstrong> – Scalable architecture with dedicated audit logs\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Security\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Token Security\u003C\u002Fstrong>: 10-minute expiration, single-use tokens\u003Cbr \u002F>\n* \u003Cstrong>Audit Logging\u003C\u002Fstrong>: IP addresses, device types, login attempts\u003Cbr \u002F>\n* \u003Cstrong>Emergency Mode\u003C\u002Fstrong>: Grace period system with admin controls\u003Cbr \u002F>\n* \u003Cstrong>Secure Storage\u003C\u002Fstrong>: SMTP credentials in wp-config.php option\u003Cbr \u002F>\n* \u003Cstrong>XML-RPC Disable\u003C\u002Fstrong>: Block brute force attacks via XML-RPC interface\u003Cbr \u002F>\n* \u003Cstrong>Application Passwords Control\u003C\u002Fstrong>: Disable programmatic authentication when not needed\u003Cbr \u002F>\n* \u003Cstrong>User Enumeration Prevention\u003C\u002Fstrong>: Block username discovery attacks\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Customization\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>WYSIWYG Email Editor\u003C\u002Fstrong>: Full HTML support with live preview\u003Cbr \u002F>\n* \u003Cstrong>Advanced Color Controls\u003C\u002Fstrong>: Hex, RGB, HSL color formats\u003Cbr \u002F>\n* \u003Cstrong>Template System\u003C\u002Fstrong>: German, English, and custom templates\u003Cbr \u002F>\n* \u003Cstrong>Branding Options\u003C\u002Fstrong>: Custom sender names and professional styling\u003C\u002Fp>\n\u003Ch4>Installation & Setup\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Basic Installation\u003C\u002Fstrong>\u003Cbr \u002F>\n1. WordPress Admin \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Plugins \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Add New\u003Cbr \u002F>\n2. Search for “Keyless Auth”\u003Cbr \u002F>\n3. Install and activate\u003Cbr \u002F>\n4. Add [keyless-auth] shortcode to any page\u003C\u002Fp>\n\u003Cp>\u003Cstrong>SMTP Configuration (Recommended)\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Navigate to Keyless Auth \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> SMTP\u003Cbr \u002F>\n2. Configure your email provider (Gmail, Outlook, SendGrid, etc.)\u003Cbr \u002F>\n3. Test email delivery\u003Cbr \u002F>\n4. Save settings\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Two-Factor Authentication Setup\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Go to Keyless Auth \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Options\u003Cbr \u002F>\n2. Enable “Two-Factor Authentication”\u003Cbr \u002F>\n3. Select required user roles\u003Cbr \u002F>\n4. Users scan QR code with authenticator app\u003C\u002Fp>\n\u003Ch4>Email Templates\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Template Options\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>German Professional\u003C\u002Fstrong>: Sleek German-language template\u003Cbr \u002F>\n* \u003Cstrong>English Simple\u003C\u002Fstrong>: Clean, minimalist design\u003Cbr \u002F>\n* \u003Cstrong>Custom HTML\u003C\u002Fstrong>: Create your own with WYSIWYG editor\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Customization Features\u003C\u002Fstrong>\u003Cbr \u002F>\n* Full HTML and CSS support\u003Cbr \u002F>\n* Color picker for buttons and links\u003Cbr \u002F>\n* Responsive email design\u003Cbr \u002F>\n* Live template preview\u003Cbr \u002F>\n* Placeholder system for dynamic content\u003C\u002Fp>\n\u003Ch4>Security & Compliance\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Token Security\u003C\u002Fstrong>\u003Cbr \u002F>\n* Generated using WordPress security standards\u003Cbr \u002F>\n* Based on user ID, timestamp, and wp-config.php salt\u003Cbr \u002F>\n* 10-minute expiration with single-use enforcement\u003Cbr \u002F>\n* Secure database storage with automatic cleanup\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Two-Factor Authentication\u003C\u002Fstrong>\u003Cbr \u002F>\n* TOTP-based system compatible with Google Authenticator, Authy\u003Cbr \u002F>\n* Role-based requirements for granular control\u003Cbr \u002F>\n* Grace period system for smooth user transitions\u003Cbr \u002F>\n* Custom verification forms with professional styling\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Database Architecture\u003C\u002Fstrong>\u003Cbr \u002F>\n* Custom tables for optimal performance\u003Cbr \u002F>\n* Comprehensive audit logging\u003Cbr \u002F>\n* Device tracking and IP monitoring\u003Cbr \u002F>\n* Automatic maintenance and cleanup routines\u003C\u002Fp>\n\u003Ch4>Security Hardening\u003C\u002Fh4>\n\u003Cp>Keyless Auth includes comprehensive security hardening features to protect your WordPress site from common attack vectors. All features are optional and can be enabled based on your site’s needs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>XML-RPC Disable\u003C\u002Fstrong>\u003Cbr \u002F>\n* Prevents brute force attacks via WordPress XML-RPC interface\u003Cbr \u002F>\n* Reduces attack surface by disabling legacy API\u003Cbr \u002F>\n* Recommended for sites not using Jetpack, mobile apps, or pingbacks\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Application Passwords Control\u003C\u002Fstrong>\u003Cbr \u002F>\n* Disable REST API and XML-RPC authentication when programmatic access isn’t needed\u003Cbr \u002F>\n* Prevents unauthorized API access\u003Cbr \u002F>\n* Recommended for simple sites without third-party integrations\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User Enumeration Prevention\u003C\u002Fstrong>\u003Cbr \u002F>\n* Blocks REST API user endpoints (\u003Ccode>\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers\u003C\u002Fcode>)\u003Cbr \u002F>\n* Redirects author archives and \u003Ccode>?author=N\u003C\u002Fcode> queries\u003Cbr \u002F>\n* Removes login error messages that reveal usernames\u003Cbr \u002F>\n* Strips comment author CSS classes\u003Cbr \u002F>\n* Removes author data from oEmbed responses\u003Cbr \u002F>\n* Recommended for business\u002Fcorporate sites without author profiles\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Benefits\u003C\u002Fstrong>\u003Cbr \u002F>\n* Combined protection against brute force attacks\u003Cbr \u002F>\n* Prevents username discovery for targeted attacks\u003Cbr \u002F>\n* Reduces unauthorized API access\u003Cbr \u002F>\n* Easy to configure without code or .htaccess modifications\u003Cbr \u002F>\n* All features include comprehensive documentation\u003Cbr \u002F>\n* FTP recovery available if needed\u003C\u002Fp>\n\u003Ch4>SMTP & Email Delivery\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Supported Providers\u003C\u002Fstrong>\u003Cbr \u002F>\n* Gmail \u002F Google Workspace\u003Cbr \u002F>\n* Outlook \u002F Microsoft 365\u003Cbr \u002F>\n* Mailgun, SendGrid, Amazon SES\u003Cbr \u002F>\n* Any SMTP-compatible service\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Email Features\u003C\u002Fstrong>\u003Cbr \u002F>\n* Message-ID domain alignment for deliverability\u003Cbr \u002F>\n* SPF\u002FDKIM\u002FDMARC compliance\u003Cbr \u002F>\n* Custom sender names and addresses\u003Cbr \u002F>\n* Bulk email log management\u003Cbr \u002F>\n* Delivery status tracking\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Secure Credential Storage\u003C\u002Fstrong>\u003Cbr \u002F>\nStore SMTP credentials securely in wp-config.php:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('CHRMRTNS_KLA_SMTP_USERNAME', 'your-email@example.com');\ndefine('CHRMRTNS_KLA_SMTP_PASSWORD', 'your-smtp-password');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>WordPress Integration\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Login Page Integration\u003C\u002Fstrong>\u003Cbr \u002F>\n* Optional magic login field on wp-login.php\u003Cbr \u002F>\n* Seamless integration with existing login flow\u003Cbr \u002F>\n* Toggle control for easy enable\u002Fdisable\u003Cbr \u002F>\n* Clean, responsive form styling\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Shortcode Usage\u003C\u002Fstrong>\u003Cbr \u002F>\nUse \u003Ccode>[keyless-auth]\u003C\u002Fcode> anywhere: pages, posts, widgets, or custom templates.\u003C\u002Fp>\n\u003Ch4>Developer Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Hooks & Filters\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Customize login redirect:\u003Cbr \u002F>\n    add_filter(‘wpa_after_login_redirect’, ‘custom_redirect_function’);\u003C\u002Fp>\n\u003Cp>Modify email headers:\u003Cbr \u002F>\n    add_filter(‘wpa_email_headers’, ‘custom_email_headers’);\u003C\u002Fp>\n\u003Cp>Change token expiration:\u003Cbr \u002F>\n    add_filter(‘wpa_change_link_expiration’, ‘custom_expiration_time’);\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Modular Architecture\u003C\u002Fstrong>\u003Cbr \u002F>\n* Clean, organized class structure\u003Cbr \u002F>\n* Separated concerns for easy maintenance\u003Cbr \u002F>\n* WordPress coding standards compliance\u003Cbr \u002F>\n* Extensive documentation and comments\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress\u003C\u002Fstrong>: 3.9 or higher (tested up to 6.8)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP\u003C\u002Fstrong>: 7.4 or higher\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Delivery\u003C\u002Fstrong>: SMTP recommended for reliability\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>: Keyless Auth complements WordPress’s default login system – it doesn’t replace it.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developed by Chris Martens | Based on the original Passwordless Login plugin by Cozmoslabs\u003C\u002Fstrong>\u003C\u002Fp>\n","Secure, passwordless authentication for WordPress. Your users login via magic email links – no passwords to remember or forget.",1177,"2025-11-24T22:55:00.000Z","3.9",[136,18,21,137,138],"2fa","secure-login","smtp","https:\u002F\u002Fgithub.com\u002Fchrmrtns\u002Fkeyless-auth","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkeyless-auth.3.2.4.zip",{"attackSurface":142,"codeSignals":215,"taintFlows":222,"riskAssessment":223,"analyzedAt":231},{"hooks":143,"ajaxHandlers":192,"restRoutes":206,"shortcodes":207,"cronEvents":212,"entryPointCount":213,"unprotectedCount":214},[144,150,155,157,160,164,169,173,176,180,185,190],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","init","load_textdomain","includes\\class-xclickpw-core.php",79,{"type":145,"name":151,"callback":152,"file":153,"line":154},"login_enqueue_scripts","enqueue_scripts","includes\\class-xclickpw-frontend.php",27,{"type":145,"name":146,"callback":156,"file":153,"line":33},"maybe_include_woocommerce",{"type":145,"name":158,"callback":152,"file":153,"line":159},"wp_enqueue_scripts",39,{"type":145,"name":146,"callback":161,"file":162,"line":163},"handle_magic_link","includes\\class-xclickpw-handler.php",25,{"type":145,"name":165,"callback":166,"file":167,"line":168},"admin_menu","add_plugin_menu","includes\\class-xclickpw-settings.php",67,{"type":145,"name":170,"callback":171,"file":167,"line":172},"admin_init","register_settings",68,{"type":145,"name":146,"callback":174,"file":167,"line":175},"init_options",69,{"type":145,"name":177,"callback":178,"file":167,"line":179},"wp_dashboard_setup","dashboard_widget",70,{"type":181,"name":182,"callback":183,"priority":31,"file":167,"line":184},"filter","plugin_row_meta","add_plugin_meta_links",72,{"type":145,"name":186,"callback":187,"file":188,"line":189},"woocommerce_login_form_start","enqueue_custom_wc_login_script","integration\\class-xclickpw-woocommerce.php",32,{"type":145,"name":158,"callback":152,"file":188,"line":191},33,[193,197,200,204],{"action":194,"nopriv":195,"callback":196,"hasNonce":195,"hasCapCheck":195,"file":153,"line":163},"password_less_login",false,"handle_login_request",{"action":194,"nopriv":198,"callback":196,"hasNonce":195,"hasCapCheck":195,"file":153,"line":199},true,26,{"action":201,"nopriv":195,"callback":202,"hasNonce":195,"hasCapCheck":195,"file":188,"line":203},"password_less_wc_login","handle_wc_login_request",34,{"action":201,"nopriv":198,"callback":202,"hasNonce":195,"hasCapCheck":195,"file":188,"line":205},35,[],[208],{"tag":209,"callback":210,"file":153,"line":211},"xclickpw_login_form","login_form",24,[],5,4,{"dangerousFunctions":216,"sqlUsage":217,"outputEscaping":219,"fileOperations":11,"externalRequests":11,"nonceChecks":30,"capabilityChecks":11,"bundledLibraries":221},[],{"prepared":11,"raw":11,"locations":218},[],{"escaped":113,"rawEcho":11,"locations":220},[],[],[],{"summary":224,"deductions":225},"The \"1-click-passwordless-login\" v1.0.0 plugin exhibits a concerning security posture primarily due to a significant number of unprotected entry points. While the plugin demonstrates good practices in areas like SQL query sanitization and output escaping, the absence of authentication checks on four out of its five entry points, specifically AJAX handlers, presents a substantial risk. This means that any user, regardless of their logged-in status or role, could potentially interact with and trigger functionality within these unprotected AJAX handlers, leading to unintended consequences or exploitation if the plugin's logic allows for it.\n\nThe static analysis reveals no dangerous functions, file operations, or external HTTP requests, which are positive indicators. The presence of nonce checks on two handlers is also a good sign, though the absence of capability checks on any entry point is a critical oversight. The vulnerability history being clean is a strength, suggesting that the plugin might not have been a target for attackers or that past versions were well-maintained. However, the current unprotected entry points remain a significant concern that overshadows the otherwise positive code signals and clean history. It's crucial to address these unprotected AJAX handlers to mitigate potential security risks.",[226,228],{"reason":227,"points":31},"Unprotected AJAX handlers",{"reason":229,"points":230},"No capability checks on entry points",8,"2026-03-17T06:08:55.864Z",{"wat":233,"direct":252},{"assetPaths":234,"generatorPatterns":238,"scriptPaths":239,"versionParams":248},[235,236,237],"\u002Fwp-content\u002Fplugins\u002F1-click-passwordless-login\u002Fassets\u002Fjs\u002Fxclickpw-password-less-login.js","\u002Fwp-content\u002Fplugins\u002F1-click-passwordless-login\u002Fassets\u002Fjs\u002Fxclickpw-password-less-woocommerce.js","\u002Fwp-content\u002Fplugins\u002F1-click-passwordless-login\u002Fassets\u002Fjs\u002Fxclickpw-password-less-wc-custom-login.js",[],[240,241,242,243,244,245,246,247],"includes\u002Fclass-xclickpw-handler.php","includes\u002Fclass-xclickpw-email.php","includes\u002Fclass-xclickpw-token.php","includes\u002Fclass-xclickpw-settings.php","includes\u002Fclass-xclickpw-frontend.php","includes\u002Fclass-xclickpw-core.php","includes\u002Fhelpers.php","integration\u002Fclass-xclickpw-woocommerce.php",[249,250,251],"1-click-passwordless-login\u002Fassets\u002Fjs\u002Fxclickpw-password-less-login.js?ver=","1-click-passwordless-login\u002Fassets\u002Fjs\u002Fxclickpw-password-less-woocommerce.js?ver=","1-click-passwordless-login\u002Fassets\u002Fjs\u002Fxclickpw-password-less-wc-custom-login.js?ver=",{"cssClasses":253,"htmlComments":258,"htmlAttributes":259,"restEndpoints":262,"jsGlobals":263,"shortcodeOutput":266},[254,255,256,257],"password-less-login-form","xclickpw-password-less-login","xclickpw-email","xclickpw-message",[],[260,261],"id=\"xclickpw-password-less-login\"","id=\"xclickpw-email\"",[],[264,265],"password_less_login_data","password_less_wc_data",[267,268,269,270,271,272,273,274],"\u003Cdiv class=\"password-less-login-form\">","\u003Cform id=\"xclickpw-password-less-login\">","\u003Clabel for=\"xclickpw-email\">Enter your email to login:\u003C\u002Flabel>","\u003Cinput type=\"email\" id=\"xclickpw-email\" name=\"user_email\" required>","\u003Cbutton type=\"submit\">Send Login Link\u003C\u002Fbutton>","\u003Cp class=\"xclickpw-message\">\u003C\u002Fp>","\u003C\u002Fform>","\u003C\u002Fdiv>"]