[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fiVXBqXKis85Xr9NZVgAGw6Gd4AzRbMgpN7gDGdPuJKU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":133,"fingerprints":212},"admin-notify","Admin Notify","1.0.5","Eliyahna","https:\u002F\u002Fprofiles.wordpress.org\u002Feliyahna\u002F","\u003Cp>The \u003Cstrong>Admin Notify\u003C\u002Fstrong> plugin sends email notifications to the administrator whenever an \u003Cstrong>administrator account\u003C\u002Fstrong> is:\u003Cbr \u002F>\n– Added\u003Cbr \u002F>\n– Password is changed\u003Cbr \u002F>\n– Downgraded\u003Cbr \u002F>\n– Deleted\u003C\u002Fp>\n\u003Cp>This plugin helps keep your WordPress site secure by notifying the administrator of important changes to user accounts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Email notification when a new administrator is added.\u003Cbr \u002F>\n– Email notification when an administrator’s password is changed.\u003Cbr \u002F>\n– Email notification when an administrator is deleted.\u003Cbr \u002F>\n– Email notification when an administrator is downgraded.\u003Cbr \u002F>\n– Easily configurable via the plugin settings page.\u003C\u002Fp>\n\u003Cp>This plugin requires the administrator’s email to be configured in the plugin settings.\u003C\u002Fp>\n\u003Ch3>Acknowledgments\u003C\u002Fh3>\n\u003Cp>Special thanks to the contributors at WordPress.org for providing a platform for plugins and helping make WordPress an open and secure CMS.\u003C\u002Fp>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cp>This plugin has been developed with security in mind and follows WordPress best practices for securing input and output. However, it is important to:\u003Cbr \u002F>\n– Ensure that your WordPress installation and all plugins are kept up to date.\u003Cbr \u002F>\n– Use strong passwords for your administrator accounts.\u003Cbr \u002F>\n– Regularly monitor your site’s user activity.\u003C\u002Fp>\n","Short Description: Admin Notify sends email notifications when administrator accounts are added, updated, or deleted.",10,733,100,1,"2025-04-16T18:58:00.000Z","6.8.5","5.0","",[20,21,22,23,24],"admin-notification","admin-role-change","password-change","security","user-management","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-notify.1.0.5.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"eliyahna",3,30,94,"2026-04-04T05:50:39.743Z",[37,60,78,95,110],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":13,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":58,"download_link":59,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"password-reset-enforcement","Password Reset Enforcement","1.11.1","Teydea Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fteydeastudio\u002F","\u003Cp>\u003Cstrong>Enhance your WordPress website’s security by forcing users to reset their passwords.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Password Reset Enforcement is a simple yet powerful security plugin that allows site administrators to require users to update their passwords—ideal after a potential data breach, routine security checks, or during onboarding\u002Foffboarding processes.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Force password reset for all users\u003C\u002Fstrong>, specific user roles, or individual users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optional email notification\u003C\u002Fstrong> to users with a direct reset link.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible login behavior\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>\u003Cem>Allow login before resetting\u003C\u002Fem>: users log in with the old password, are immediately prompted to set a new one.\u003C\u002Fli>\n\u003Cli>\u003Cem>Block login until reset\u003C\u002Fem>: users must reset their password before accessing the dashboard.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Choose reset timing\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>\u003Cem>Immediately\u003C\u002Fem>: forces logout and password reset on next login.\u003C\u002Fli>\n\u003Cli>\u003Cem>After session expiry\u003C\u002Fem>: users are asked to reset after their current session ends.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI support\u003C\u002Fstrong> for command-line password management and automation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite compatible\u003C\u002Fstrong> (network-wide reset only).\u003C\u002Fli>\n\u003Cli>Optimized for performance on large-scale and enterprise WordPress installations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Responding to a \u003Cstrong>security breach\u003C\u002Fstrong> or suspected compromise.\u003C\u002Fli>\n\u003Cli>Enforcing \u003Cstrong>routine password changes\u003C\u002Fstrong> in corporate environments.\u003C\u002Fli>\n\u003Cli>Applying \u003Cstrong>onboarding\u002Foffboarding security policies\u003C\u002Fstrong> for teams or membership sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Works on both single-site and multisite (network) WordPress setups.\u003C\u002Fli>\n\u003Cli>Supports PHP 7.4+ and WordPress 6.6 through 6.8.\u003C\u002Fli>\n\u003Cli>Compatible with modern WordPress admin experience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>WP-CLI Commands\u003C\u002Fh3>\n\u003Cp>This plugin provides WP-CLI commands for automated password reset management:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Force Password Reset\u003C\u002Fstrong>\u003Cbr \u002F>\n    wp password-reset-enforcement force [–to_all] [–to_roles=] [–to_users=] [–applicability=] [–with_email] [–with_current_password_allowed] [–limit=] [–paged=]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Clear Password Reset Enforcement\u003C\u002Fstrong>\u003Cbr \u002F>\n    wp password-reset-enforcement clear [–to_all] [–to_roles=] [–to_users=] [–limit=] [–paged=]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>List Users with Enforced Password Reset\u003C\u002Fstrong>\u003Cbr \u002F>\n    wp password-reset-enforcement list [–limit=] [–paged=]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Check Password Reset Status\u003C\u002Fstrong>\u003Cbr \u002F>\n    wp password-reset-enforcement status [–to_all] [–to_roles=] [–to_users=] [–limit=] [–paged=]\u003C\u002Fp>\n\u003Ch4>Command Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>--to_all\u003C\u002Fcode>: Target all users on the site\u003C\u002Fli>\n\u003Cli>\u003Ccode>--to_roles=\u003Croles>\u003C\u002Fcode>: Comma-separated list of user roles (e.g., editor,administrator)\u003C\u002Fli>\n\u003Cli>\u003Ccode>--to_users=\u003Cuser_ids>\u003C\u002Fcode>: Comma-separated list of specific user IDs (e.g., 1,5,10)\u003C\u002Fli>\n\u003Cli>\u003Ccode>--applicability=\u003Cwhen>\u003C\u002Fcode>: When reset takes effect (immediately, after_session_expiry)\u003C\u002Fli>\n\u003Cli>\u003Ccode>--with_email\u003C\u002Fcode>: Send email notifications to affected users (default: true)\u003C\u002Fli>\n\u003Cli>\u003Ccode>--with_current_password_allowed\u003C\u002Fcode>: Allow users to reuse current password (default: false)\u003C\u002Fli>\n\u003Cli>\u003Ccode>--limit=\u003Cnumber>\u003C\u002Fcode>: Maximum users to process in single operation\u003C\u002Fli>\n\u003Cli>\u003Ccode>--paged=\u003Cpage>\u003C\u002Fcode>: Page number for pagination\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Command Examples\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>wp password-reset-enforcement force --to_all\nwp password-reset-enforcement force --to_roles=editor,administrator --applicability=after_session_expiry\nwp password-reset-enforcement clear --to_users=1,5,10\nwp password-reset-enforcement list --limit=50 --paged=2\nwp password-reset-enforcement status --to_all --limit=50 --paged=2\u003Ch3>Related Plugins\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Want to go beyond forced password resets? Check our \u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002F?utm_source=Password+Reset+Enforcement\" rel=\"nofollow ugc\">WP Password Policy\u003C\u002Fa> plugin to enforce strong password rules, block weak passwords, and set automatic expiry policies — so you’ll never need to force a password reset again. [https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpassword-requirements\u002F](Free version available on WordPress.org).\u003C\u002Fp>\n","Easily enforce password reset for WordPress users. Choose to force password changes site-wide, by user and\u002For by role, to boost your site's security.",3589,80,2,"2025-11-28T14:31:00.000Z","6.9.4","6.6","7.4",[53,54,55,56,57],"force-password-change","password-enforcement","reset-password","secure-login","wordpress-security","https:\u002F\u002Fteydeastudio.com\u002F?utm_source=Password+Reset+Enforcement","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-reset-enforcement.1.11.1.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":26,"downloaded":68,"rating":26,"num_ratings":26,"last_updated":69,"tested_up_to":49,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"last-login-info-display","Last Login Info Display","1.1.1","Ahmod Musa","https:\u002F\u002Fprofiles.wordpress.org\u002Fmusabin\u002F","\u003Cp>Last Login Info Display is a lightweight WordPress plugin that helps administrators track user activity by displaying the last login time and total login count for each user in the WordPress admin users list.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Last Login Tracking\u003C\u002Fstrong>: Adds a sortable “Last Login” column showing when each user last logged in\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Count\u003C\u002Fstrong>: Tracks and displays the total number of logins for each user\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sortable Columns\u003C\u002Fstrong>: Sort users by last login time or login count\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite Compatible\u003C\u002Fstrong>: Works perfectly with WordPress Multisite installations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready\u003C\u002Fstrong>: Includes .pot file for translations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight\u003C\u002Fstrong>: Optimized for performance with minimal database overhead\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Configuration Needed\u003C\u002Fstrong>: Works out of the box after activation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Uninstall\u003C\u002Fstrong>: Removes all plugin data when uninstalled\u003C\u002Fli>\n\u003C\u002Ful>\n","Track user activity with a detailed \"Last Login\" and \"Login Count\" column in the WordPress Users dashboard.",334,"2026-01-02T13:44:00.000Z","4.9","7.0",[73,74,23,24,75],"admin","login","users","https:\u002F\u002Fahmodmusa.com\u002Flast-login-info-display\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flast-login-info-display.1.1.1.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":26,"downloaded":86,"rating":26,"num_ratings":26,"last_updated":18,"tested_up_to":49,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":92,"download_link":93,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":94},"permanent-user-password","Permanent User Password","1.0.1","Fahid Javid","https:\u002F\u002Fprofiles.wordpress.org\u002Ffahidjavid\u002F","\u003Cp>Permanent User Password is a simple yet powerful plugin that allows administrators to set permanent passwords for users on their WordPress websites. Enhance security and provide long-term access to selected users with ease.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Flexibility\u003C\u002Fstrong>: Admins can set permanent passwords for users, ensuring long-term access.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security\u003C\u002Fstrong>: Enhanced security by allowing the creation of permanent passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ease of Use\u003C\u002Fstrong>: Simple interface for admins to manage permanent passwords on their WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Front-end Login Compatibility\u003C\u002Fstrong>: Very useful when front-end login and user profile is enabled.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Demo User Setup\u003C\u002Fstrong>: Ideal for setting up demo users for demonstration purposes, avoiding visitors to change passwords.\u003C\u002Fli>\n\u003C\u002Ful>\n","A light-weight WordPress plugin that empowers administrators to set permanent passwords for users on their websites.",545,"6.0","8.3",[90,91,79,23,24],"password","permanent-password","https:\u002F\u002Fgithub.com\u002Ffahidjavid\u002Fpermanent-user-password","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpermanent-user-password.1.0.1.zip","2026-03-15T10:48:56.248Z",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":26,"downloaded":103,"rating":26,"num_ratings":26,"last_updated":104,"tested_up_to":16,"requires_at_least":17,"requires_php":51,"tags":105,"homepage":18,"download_link":109,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"storm-clean-admin","Storm Clean Admin","1.0.0","Wpstorm Genius","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpstormdev\u002F","\u003Cp>\u003Cstrong>Storm Clean Admin\u003C\u002Fstrong> is a lightweight and performance-focused WordPress plugin that helps site administrators manage inactive users, track activity, and maintain a clean, secure dashboard.\u003C\u002Fp>\n\u003Cp>Built with a modern React-powered interface and adhering to WordPress coding standards, it provides a seamless experience for both administrators and site managers.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🚀 \u003Cstrong>Fast & Lightweight\u003C\u002Fstrong> – Uses native WordPress APIs for optimal performance.\u003C\u002Fli>\n\u003Cli>🧍‍♂️ \u003Cstrong>Smart User Management\u003C\u002Fstrong> – Detect, deactivate, or delete inactive users automatically.\u003C\u002Fli>\n\u003Cli>📊 \u003Cstrong>Analytics Dashboard\u003C\u002Fstrong> – Monitor user login activity, registrations, and engagement.\u003C\u002Fli>\n\u003Cli>⚙️ \u003Cstrong>Custom Automation\u003C\u002Fstrong> – Schedule cleanups and inactivity checks.\u003C\u002Fli>\n\u003Cli>🔒 \u003Cstrong>Security Focused\u003C\u002Fstrong> – Protects admin and critical roles from accidental removal.\u003C\u002Fli>\n\u003Cli>🎨 \u003Cstrong>Modern UI\u003C\u002Fstrong> – Clean, responsive React interface integrated with WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Use Storm Clean Admin?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Keep your user database clean and efficient\u003C\u002Fli>\n\u003Cli>Identify dormant or risky accounts\u003C\u002Fli>\n\u003Cli>Automate routine maintenance tasks\u003C\u002Fli>\n\u003Cli>Improve visibility on user activity\u003C\u002Fli>\n\u003Cli>Maintain GDPR compliance by removing unused accounts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Built For Admins and Developers\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fully compatible with WordPress coding and security standards\u003C\u002Fli>\n\u003Cli>Translation-ready and fully localizable\u003C\u002Fli>\n\u003Cli>Uses WordPress REST API for scalability and speed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Works with WordPress 5.0+\u003C\u002Fli>\n\u003Cli>Tested up to 6.8.3\u003C\u002Fli>\n\u003Cli>Supports classic and block themes\u003C\u002Fli>\n\u003Cli>Translation-ready with included \u003Ccode>.pot\u003C\u002Fcode> file\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Inactive Users Management\u003C\u002Fstrong> – Automatically detect and manage inactive accounts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Activity Tracking\u003C\u002Fstrong> – Track login times and last activity\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automated Cleanup\u003C\u002Fstrong> – Schedule automatic cleanup of inactive users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analytics Dashboard\u003C\u002Fstrong> – View site and user activity trends\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Exclusions\u003C\u002Fstrong> – Exclude specific user roles from inactivity checks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Actions\u003C\u002Fstrong> – Deactivate or delete inactive users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activity Charts\u003C\u002Fstrong> – Visualize login and registration patterns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Actions\u003C\u002Fstrong> – Apply actions to multiple users simultaneously\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security-Focused\u003C\u002Fstrong> – Built with WordPress best practices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern UI\u003C\u002Fstrong> – Responsive React dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Navigate to \u003Cstrong>Storm Clean Admin\u003C\u002Fstrong> in the WordPress admin menu.\u003C\u002Fli>\n\u003Cli>Configure inactivity thresholds and exclusion rules.\u003C\u002Fli>\n\u003Cli>Enable automatic cleanup or manage users manually.\u003C\u002Fli>\n\u003Cli>Monitor user activity and manage accounts from the dashboard.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>All user login times are tracked locally in your database. No external data transmission occurs. Data remains on your WordPress installation.\u003C\u002Fp>\n\u003Ch3>Roadmap\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Multisite compatibility\u003C\u002Fli>\n\u003Cli>Email notifications for inactive users\u003C\u002Fli>\n\u003Cli>Export\u002Fimport cleanup logs\u003C\u002Fli>\n\u003Cli>WooCommerce integration for user activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Documentation, FAQs, and support: \u003Ca href=\"https:\u002F\u002Fwpstorm.ir\u002Fclean-admin\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpstorm.ir\u002Fclean-admin\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Feedback & Contribution\u003C\u002Fh3>\n\u003Cp>Report issues or share ideas: \u003Ca href=\"https:\u002F\u002Fwpstorm.ir\u002Fsupport\" rel=\"nofollow ugc\">https:\u002F\u002Fwpstorm.ir\u002Fsupport\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Cstrong>Wpstorm Team\u003C\u002Fstrong>\u003Cbr \u002F>\nWebsite: \u003Ca href=\"https:\u002F\u002Fwpstorm.ir\" rel=\"nofollow ugc\">https:\u002F\u002Fwpstorm.ir\u003C\u002Fa>\u003C\u002Fp>\n","A modern WordPress plugin to manage inactive users, monitor site activity, and keep your site optimized and secure.",125,"2025-11-29T20:28:00.000Z",[106,107,108,23,24],"admin-tools","inactive-users","optimization","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstorm-clean-admin.1.0.0.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":34,"num_ratings":120,"last_updated":121,"tested_up_to":49,"requires_at_least":122,"requires_php":71,"tags":123,"homepage":128,"download_link":129,"security_score":130,"vuln_count":131,"unpatched_count":26,"last_vuln_date":132,"fetched_at":28},"wordfence","Wordfence Security – Firewall, Malware Scan, and Login Security","8.1.4","Mark Maunder","https:\u002F\u002Fprofiles.wordpress.org\u002Fmmaunder\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fi4ZN2TwlaBE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>THE MOST POPULAR WORDPRESS FIREWALL & SECURITY SCANNER\u003C\u002Fh4>\n\u003Cp>WordPress security requires a team of dedicated analysts researching the latest malware variants and WordPress exploits, turning them into firewall rules and malware signatures, and releasing those to customers in real-time.\u003C\u002Fp>\n\u003Cp>Choose the right protection for you: \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fproducts\u002Fpricing\u002F\" rel=\"nofollow ugc\">Wordfence Free, Premium, Care or Response\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Wordfence is widely acknowledged as the number one WordPress security research team in the World. Our plugin provides a comprehensive suite of security features, and our team’s research is what powers our plugin and provides the level of security that we are known for.\u003C\u002Fp>\n\u003Cp>At Wordfence, WordPress security isn’t a division of our business – WordPress security is all we do. We employ a global 24-hour dedicated incident response team that provides our priority customers with a 1 hour response time for any security incident.\u003C\u002Fp>\n\u003Cp>The sun never sets on our global security team and we run a sophisticated threat intelligence platform to aggregate, analyze and produce ground breaking security research on the newest security threats.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Wordfence Security includes an endpoint firewall, malware scanner, robust login security features, live traffic views, and more.\u003C\u002Fstrong> Our \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002F\" rel=\"nofollow ugc\">Threat Defense Feed\u003C\u002Fa> arms Wordfence with the newest firewall rules, malware signatures, and malicious IP addresses it needs to keep your website safe.\u003C\u002Fp>\n\u003Cp>Rounded out by 2FA and a suite of additional features, Wordfence is the most comprehensive WordPress security solution available.\u003C\u002Fp>\n\u003Ch3>🔥 WORDPRESS FIREWALL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ffirewall\u002F\" rel=\"nofollow ugc\">Web Application Firewall\u003C\u002Fa>\u003C\u002Fstrong> identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time firewall rule and malware signature [Premium]\u003C\u002Fstrong> updates via the Threat Defense Feed (free version is delayed by 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fblocking\u002F\" rel=\"nofollow ugc\">Real-time IP Blocklist\u003C\u002Fa> [Premium]\u003C\u002Fstrong> blocks all requests from the most malicious IPs, protecting your site while reducing load.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protects your site at the endpoint\u003C\u002Fstrong>, enabling deep integration with WordPress. Unlike cloud alternatives, it does not break encryption, cannot be bypassed and cannot leak data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fscan\u002F\" rel=\"nofollow ugc\">Integrated malware scanner\u003C\u002Fa>\u003C\u002Fstrong> blocks requests that include malicious code or content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ffirewall\u002Fbrute-force\u002F\" rel=\"nofollow ugc\">Protection from brute force\u003C\u002Fa>\u003C\u002Fstrong> attacks by limiting login attempts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📡 WORDPRESS SECURITY SCANNER\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Malware scanner\u003C\u002Fstrong> checks core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time malware signature updates [Premium]\u003C\u002Fstrong> via the Threat Defense Feed (free version is delayed by 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compares with WordPress.org repository\u003C\u002Fstrong> your core files, themes and plugins, checking their integrity and reporting any changes to you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Repair WordPress core, theme, and plugin files\u003C\u002Fstrong> that have changed by overwriting them with a pristine, original version. Delete any files that don’t belong easily within the Wordfence interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Malware Removal Tools\u003C\u002Fstrong> “Delete File” and “Delete All Deletable Files” options allow for efficient malware removal. Remember to investigate the scan results and backup files first!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks your site for known security vulnerabilities\u003C\u002Fstrong> and alerts you to any issues. Also alerts you to potential security issues when a plugin has been closed or abandoned.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks your content safety\u003C\u002Fstrong> by scanning file contents, posts and comments for dangerous URLs and suspicious content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks to see if your site or IP have been blocklisted [Premium]\u003C\u002Fstrong> for malicious activity, generating spam or other security issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔒 LOGIN SECURITY\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ftools\u002Ftwo-factor-authentication\u002F\" rel=\"nofollow ugc\">Two-factor authentication (2FA)\u003C\u002Fa>\u003C\u002Fstrong>, one of the most secure forms of remote system authentication available via any TOTP-based authenticator app or service.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Flogin-security\u002F\" rel=\"nofollow ugc\">Login Page CAPTCHA\u003C\u002Fa>\u003C\u002Fstrong> stops bots from logging in.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Flogin-security\u002F#woocommerce-and-custom-integrations\" rel=\"nofollow ugc\">2FA for WooCommerce and custom integrations\u003C\u002Fa>\u003C\u002Fstrong> allow for 2FA to be setup on custom account pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XML-RPC\u003C\u002Fstrong> options including disabling or adding 2FA.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password Security:\u003C\u002Fstrong> Block logins for administrators using known compromised passwords.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 SECURITY AUDIT LOG [Premium]\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Faudit-log\" rel=\"nofollow ugc\">The Audit Log\u003C\u002Fa>\u003C\u002Fstrong> monitors all changes and actions in security-sensitive areas of the site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remote tamper-proof data storage\u003C\u002Fstrong> via Wordfence Central.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monitor events and actions\u003C\u002Fstrong> ranging  from user creation and editing to plugin\u002Ftheme installation and updates to post and page changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable\u003C\u002Fstrong> to log all events or significant events only, which includes all authentication, site configuration, and site functionality events.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 WORDFENCE CENTRAL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fproducts\u002Fwordfence-central\u002F\" rel=\"nofollow ugc\">Wordfence Central\u003C\u002Fa>\u003C\u002Fstrong> is a powerful and efficient way to manage the security for multiple sites in one place.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Centralized management:\u003C\u002Fstrong> Efficiently assess the security status of all your websites in one view. View detailed security findings without leaving Wordfence Central.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Powerful templates\u003C\u002Fstrong> make configuring Wordfence a breeze.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highly configurable alerts\u003C\u002Fstrong> can be delivered via email, SMS or Slack. Improve the signal to noise ratio by leveraging severity level options and a daily digest option.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Track and alert on important security events\u003C\u002Fstrong> including administrator logins, breached password usage and surges in attack activity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free to use\u003C\u002Fstrong> for unlimited sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛠️ SECURITY TOOLS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ftools\u002Flive-traffic\u002F\" rel=\"nofollow ugc\">Live Traffic\u003C\u002Fa>\u003C\u002Fstrong> monitors visits and hack attempts not shown in other analytics packages in real time; including origin, their IP address, the time of day and time spent on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block attackers by IP\u003C\u002Fstrong> or build advanced rules based on IP Range, Hostname, User Agent and Referrer.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fblocking\u002Fcountry-blocking\u002F\" rel=\"nofollow ugc\">Country blocking\u003C\u002Fa>\u003C\u002Fstrong> available with Wordfence Premium.\u003C\u002Fli>\n\u003C\u002Ful>\n","Firewall, Malware Scanner, Two Factor Auth, and Comprehensive Security Features, powered by our 24-hour team. Make security a priority with Wordfence.",5000000,406617999,4829,"2025-12-20T21:06:00.000Z","4.7",[124,125,126,127,23],"2fa","firewall","malware","scanner","https:\u002F\u002Fwww.wordfence.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordfence.8.1.4.zip",96,12,"2022-09-06 00:00:00",{"attackSurface":134,"codeSignals":169,"taintFlows":177,"riskAssessment":205,"analyzedAt":211},{"hooks":135,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":26,"unprotectedCount":26},[136,142,146,150,153,157,161],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_menu","Eliyahna\\AdminNotify\\admin_notify_menu","admin-notify.php",34,{"type":137,"name":143,"callback":144,"file":140,"line":145},"admin_init","Eliyahna\\AdminNotify\\admin_notify_register_settings",75,{"type":137,"name":147,"callback":148,"priority":11,"file":140,"line":149},"profile_update","Eliyahna\\AdminNotify\\admin_notify_user_updated",105,{"type":137,"name":151,"callback":148,"priority":11,"file":140,"line":152},"user_register",106,{"type":137,"name":154,"callback":155,"priority":11,"file":140,"line":156},"set_user_role","Eliyahna\\AdminNotify\\admin_notify_role_changed",126,{"type":137,"name":158,"callback":159,"file":140,"line":160},"delete_user","Eliyahna\\AdminNotify\\admin_notify_user_deleted",135,{"type":137,"name":162,"callback":163,"file":140,"line":164},"admin_post_save_eliyahna_admin_notify_settings","Eliyahna\\AdminNotify\\admin_notify_save_settings",160,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":171,"outputEscaping":173,"fileOperations":26,"externalRequests":26,"nonceChecks":14,"capabilityChecks":26,"bundledLibraries":176},[],{"prepared":26,"raw":26,"locations":172},[],{"escaped":174,"rawEcho":26,"locations":175},8,[],[],[178,197],{"entryPoint":179,"graph":180,"unsanitizedCount":26,"severity":196},"admin_notify_save_settings (admin-notify.php:150)",{"nodes":181,"edges":193},[182,187],{"id":183,"type":184,"label":185,"file":140,"line":186},"n0","source","$_POST",153,{"id":188,"type":189,"label":190,"file":140,"line":191,"wp_function":192},"n1","sink","update_option() [Settings Manipulation]",154,"update_option",[194],{"from":183,"to":188,"sanitized":195},true,"low",{"entryPoint":198,"graph":199,"unsanitizedCount":26,"severity":196},"\u003Cadmin-notify> (admin-notify.php:0)",{"nodes":200,"edges":203},[201,202],{"id":183,"type":184,"label":185,"file":140,"line":186},{"id":188,"type":189,"label":190,"file":140,"line":191,"wp_function":192},[204],{"from":183,"to":188,"sanitized":195},{"summary":206,"deductions":207},"The \"admin-notify\" plugin v1.0.5 exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any identified dangerous functions, SQL queries executed without prepared statements, unsanitized taint flows, and properly escaped output are all excellent indicators of secure coding practices. Furthermore, the plugin has no recorded vulnerabilities, including CVEs, which suggests a history of diligent security maintenance and a lack of previously discovered exploitable flaws. The presence of a nonce check is a positive sign, although the lack of capability checks on entry points warrants attention.\n\nWhile the plugin appears secure on the surface with a zero attack surface and no critical or high severity issues identified in taint analysis, the absence of capability checks on all entry points presents a potential area for concern. If any of the zero identified entry points were to become exposed or if a future update introduces them, the lack of proper authorization enforcement could lead to privilege escalation or unauthorized actions. The plugin's history of no vulnerabilities is a significant strength, indicating a low likelihood of immediate risk, but it's crucial to ensure that future development continues to adhere to these secure coding standards, particularly regarding authorization checks.",[208],{"reason":209,"points":210},"Missing capability checks on entry points",5,"2026-03-16T23:59:32.248Z",{"wat":213,"direct":218},{"assetPaths":214,"generatorPatterns":215,"scriptPaths":216,"versionParams":217},[],[],[],[],{"cssClasses":219,"htmlComments":222,"htmlAttributes":225,"restEndpoints":229,"jsGlobals":230,"shortcodeOutput":231},[220,221],"wrap","form-table",[223,224],"\u003C!-- Add nonce field for security -->","\u003C!-- Ensure this is the very first line in the file -->",[226,227,228],"name=\"eliyahna_admin_notify_email\"","name=\"eliyahna_admin_notify_nonce\"","value=\"\u003C?php echo esc_attr(get_option(ELIYAHNA_ADMIN_NOTIFY_OPTION)); ?>\"",[],[],[232,233],"\u003Ch1>Admin Notify Settings\u003C\u002Fh1>","\u003Cdiv style=\"text-align: left; font-size: 14px; margin-bottom: 10px;\">בס״ד\u003C\u002Fdiv>"]