WP-Safety

Adaptive Login Action Security & Risk Analysis

wordpress.org/plugins/adaptive-login-action

Adaptive Login Form: Adjusting compromise between Comfort and Paranoia.

0 active installs v3.11 PHP 5.4+ WP 4.1+ Updated Mar 3, 2026
authenticationcaptchaloginsecurityuser
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Adaptive Login Action Safe to Use in 2026?

Generally Safe

Score 100/100

Adaptive Login Action has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The adaptive-login-action v3.11 plugin exhibits a strong security posture based on the provided static analysis. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero attack surface and no unprotected entry points. Furthermore, the code demonstrates excellent adherence to security best practices by using prepared statements for all SQL queries, properly escaping all output, and including nonce and capability checks. The absence of dangerous functions, file operations, and external HTTP requests further bolsters its security. The taint analysis revealed two flows with unsanitized paths, but these were not flagged as critical or high severity, suggesting a low risk of exploitation in these specific instances. The plugin also has no recorded vulnerability history, which is a positive indicator of its overall stability and security diligence. While the two unsanitized path flows are a minor concern, the plugin's design and the lack of historical vulnerabilities point to a generally secure and well-maintained component.

Key Concerns

  • Unsanitized paths in taint analysis
Vulnerabilities
None known

Adaptive Login Action Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Adaptive Login Action Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
0
119 escaped
Nonce Checks
1
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

100% escaped119 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
AdaptiveLoginAction_Action_login_form (adaptive-login-action.php:54)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Adaptive Login Action Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 10
actioninitadaptive-login-action.php:27
actionlogin_enqueue_scriptsadaptive-login-action.php:36
actionlogin_formadaptive-login-action.php:53
filterwp_authenticate_useradaptive-login-action.php:280
actionwp_loginadaptive-login-action.php:375
actionwp_login_failedadaptive-login-action.php:445
filterlogin_errorsadaptive-login-action.php:536
actionadmin_menuincludes\admin\admin.php:12
actionadmin_enqueue_scriptsincludes\admin\admin.php:25
filterplugin_action_links_adaptive-login-action/adaptive-login-action.phpincludes\admin\admin.php:39
Maintenance & Trust

Adaptive Login Action Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 3, 2026
PHP min version5.4
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Adaptive Login Action Alternatives

Wordfence Login Security

Wordfence Login Security

wordfence-login-security

A
92

Secure your website with Wordfence Login Security, providing two-factor authentication, login and registration CAPTCHA, and XML-RPC protection.

70K No CVEs
Admintosh – WordPress admin customization and security tools

Admintosh – WordPress admin customization and security tools

admintosh

A
100

login attempts, Firewall, reCAPTCHA, country restriction, Login History, change wp-login.php to anything make sure your site security.

50 No CVEs
Greyfu Login Captcha

Greyfu Login Captcha

greyfu-login-captcha

A
100

A lightweight captcha that protects your WordPress login page from automated bot attacks using a simple math challenge.

0 No CVEs
All-In-One Security (AIOS) – Security and Firewall

All-In-One Security (AIOS) – Security and Firewall

all-in-one-wp-security-and-firewall

A
93

Protect your website investment with All-In-One Security (AIOS) – a comprehensive and easy to use security plugin designed especially for WordPress.

1.0M 26 CVEs
SiteGuard WP Plugin

SiteGuard WP Plugin

siteguard

B
76

SiteGurad WP Plugin is the plugin specialized for the protection against the attack to the management page and login.

600K 1 unpatched
Developer Profile

Adaptive Login Action Developer Profile

wpgear

15 plugins · 2K total installs

86
trust score
Avg Security Score
97/100
Avg Patch Time
33 days
View full developer profile
Detection Fingerprints

How We Detect Adaptive Login Action

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/adaptive-login-action/style.css
Version Parameters
adaptive-login-action/style.css?ver=

HTML / DOM Fingerprints

CSS Classes
adaptive-login-action_thresholdadaptive-login-action_blockedadaptive-login-action_blocked_timeoutadaptive-login-action_security_field_ipadaptive-login-action_field_secretkeyadaptive-login-action_trusted_field_ip
Data Attributes
id="adaptive-login-action_secretkey"name="adaptive-login-action_secretkey"
FAQ

Frequently Asked Questions about Adaptive Login Action