[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fROj_k0zufvuIxB7udRpngl-zw4wKKGQYBaQ_07dyixQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":119,"fingerprints":253},"agent-ai-bot-protect","Agent AI Bot Protect","1.0.0","botshield","https:\u002F\u002Fprofiles.wordpress.org\u002Fbotshield\u002F","\u003Cp>Agent AI Bot Protect is a powerful WordPress security plugin designed to protect your valuable content from being scraped by AI bots and crawlers. As AI technologies advance, more bots are harvesting web content without permission to train large language models and other AI systems.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Real-time Monitoring\u003C\u002Fstrong> – Track and analyze bot activity with detailed logs and reports\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Low Performance Impact\u003C\u002Fstrong> – Optimized code ensures minimal impact on your site’s loading speed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Configuration\u003C\u002Fstrong> – Simple setup with no technical knowledge required\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Agent AI Bot Protect helps website owners maintain control over their intellectual property by preventing unauthorized data harvesting while ensuring legitimate users and search engines can still access your content normally.\u003C\u002Fp>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>To contribute to this project please see the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FAgentMantis\u002Fagent-ai-bot-protect\" rel=\"nofollow ugc\">Github Repo\u003C\u002Fa>\u003C\u002Fp>\n","Agent AI Bot Protect protects your WordPress content from AI scraping bots, preventing unauthorized data harvesting for AI training.",0,290,"2025-06-02T04:35:00.000Z","6.8.5","5.0","7.4",[18,19,20,21,22],"ai-protection","anti-scraping","bot-protection","content-protection","security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fagent-ai-bot-protect.1.0.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,94,"2026-04-04T04:22:54.131Z",[35,51,68,82,102],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":25,"num_ratings":45,"last_updated":23,"tested_up_to":14,"requires_at_least":46,"requires_php":16,"tags":47,"homepage":23,"download_link":49,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":50},"ai-scraping-protector","AI Scraping Protector","1.1.0","Debashish Mondal","https:\u002F\u002Fprofiles.wordpress.org\u002Fdba6060\u002F","\u003Cp>AI Scraping Protector helps safeguard your WordPress site from automated AI content scraping tools like ChatGPT, Claude, and other aggressive crawlers.\u003C\u002Fp>\n\u003Cp>The plugin combines \u003Cstrong>bot detection, IP blocking, rate limiting, and content protection\u003C\u002Fstrong> to ensure your valuable content stays safe while keeping the site experience smooth for legitimate visitors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Content Protection\u003C\u002Fstrong> – Prevents automated tools from copying your posts\u002Fpages.\u003Cbr \u002F>\n* \u003Cstrong>Advanced Bot Detection\u003C\u002Fstrong> – Identifies AI scrapers and malicious bots via user agent patterns and IP ranges.\u003Cbr \u002F>\n* \u003Cstrong>Rate Limiting\u003C\u002Fstrong> – Two-tier protection:\u003Cbr \u002F>\n  – Burst: 30 requests per minute\u003Cbr \u002F>\n  – Standard: 1000 requests per hour\u003Cbr \u002F>\n* \u003Cstrong>Security Headers\u003C\u002Fstrong> – Adds multiple HTTP headers (X-Frame-Options, X-Robots-Tag, etc.) for extra protection.\u003Cbr \u002F>\n* \u003Cstrong>Per-Post\u002FPage Control\u003C\u002Fstrong> – Enable or disable protection individually.\u003Cbr \u002F>\n* \u003Cstrong>Extensive Bot Network Blocking\u003C\u002Fstrong> – Includes Google, Microsoft, and other known scraper networks.\u003Cbr \u002F>\n* \u003Cstrong>Admin Tools\u003C\u002Fstrong> – Logging, status reporting, and reset options.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin does not collect or process personal data of any kind.\u003C\u002Fp>\n","Protect your WordPress content from AI scraping bots with advanced detection, rate limiting, and security measures.",80,1129,2,"5.8",[18,19,48,21,22],"bot-blocker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fai-scraping-protector.1.1.0.zip","2026-03-15T10:48:56.248Z",{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":25,"num_ratings":30,"last_updated":61,"tested_up_to":14,"requires_at_least":62,"requires_php":16,"tags":63,"homepage":66,"download_link":67,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"selective-image-guard","Selective Image Guard | A deterrent for unauthorized downloads and scraping","2.1.4","Jose Mortellaro","https:\u002F\u002Fprofiles.wordpress.org\u002Fgiuse\u002F","\u003Cp>\u003Cstrong>Selective Image Guard\u003C\u002Fstrong> is a lightweight WordPress plugin that adds multiple layers of protection to your website’s images. It’s ideal for photographers, designers, and content creators who want to deter theft and unauthorized use of their visual content.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Desktop Screenshot Prevention\u003C\u002Fstrong>: Applies a blur filter to protected images when specific keyboard shortcuts for screenshots are detected. This is a deterrent, not a foolproof solution.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Print Protection\u003C\u002Fstrong>: Blurs protected images when a user attempts to print the page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Selective Protection\u003C\u002Fstrong>: You control which images are protected. The plugin only affects images you mark as protected in the media library.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Navigate to your media library and select the image you want to protect.\u003C\u002Fli>\n\u003Cli>Check the \u003Cstrong>“Protect this image”\u003C\u002Fstrong> option.\u003C\u002Fli>\n\u003Cli>The plugin will automatically apply front-end protections to the selected image to help prevent unauthorized access.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Free Features\u003C\u002Fh3>\n\u003Cp>The free version gives you solid protection against common image theft techniques:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>DevTools Detection\u003C\u002Fstrong> – Prevents users from opening browser developer tools to inspect and steal images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JavaScript Disabling Detection\u003C\u002Fstrong> – Detects when JavaScript is disabled, ensuring protections remain active.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Desktop Screenshot Prevention\u003C\u002Fstrong> – Blocks most attempts to capture screenshots of your images on desktop.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Print Protection\u003C\u002Fstrong> – Prevents printing of protected images directly from the browser.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>PRO Features\u003C\u002Fh3>\n\u003Cp>The PRO version unlocks advanced and flexible controls for complete image protection:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bulk Protection\u003C\u002Fstrong> – Quickly apply protection to all images across your website with a single setting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Featured Images Protection\u003C\u002Fstrong> – Protects your WordPress featured images from theft.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protection by Post Type\u003C\u002Fstrong> – Apply image protection only where you need it (e.g., posts, pages, custom post types).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Product Galleries\u003C\u002Fstrong> – Keep your product images safe and protect your online shop from unauthorized copying.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Watermark\u003C\u002Fstrong> – Automatically add a customizable watermark to your images for extra security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Support\u003C\u002Fstrong> – Get direct, priority support from the plugin author.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Don’t understimate the value of a deterrent.\u003C\u002Fh3>\n\u003Cp>This plugin provides a deterrent, not a foolproof solution. No client-side technique can offer 100% protection against a determined attacker.\u003Cbr \u002F>\nBut don’t underestimate the value of a deterrent.\u003C\u002Fp>\n\u003Cp>Think about the methods used to keep mosquitoes away. Even if they don’t work 100%, would you rather be surrounded by hundreds of mosquitoes or just a couple? That’s the idea of a deterrent.\u003C\u002Fp>\n\u003Ch3>Examples of Use\u003C\u002Fh3>\n\u003Cp>Here are several examples where you would want to display an image on a site but discourage people from sharing it:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Online course slides – You want students to see diagrams or infographics, but not download or redistribute them outside your platform.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Stock photography previews – You show high-resolution images to logged-in subscribers, but do not want those same images shared publicly without a license.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Members-only content – For example, fitness programs or meal plans with recipe cards as images, visible only to paying members.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Confidential documents – An internal portal where staff see charts or scanned reports, but you do not want them forwarded outside the company.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Product prototypes – Showing early design mockups (e.g. fashion sketches or unreleased product photos) to investors or testers, but preventing leaks to competitors.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Protection against unauthorized scraping – Preventing automated bots from copying images and republishing them without permission.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>E-commerce product photos – Protecting your catalog from competitors scraping product images to use in their own stores.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Real estate listings – Preventing property photos from being scraped and reused on unauthorized portals.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Artistic portfolios – Protecting photographers, illustrators, and designers from having their portfolio images scraped and reused without attribution.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>News and media outlets – Protecting journalistic images from being scraped and re-hosted by content farms.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Stock agencies – Protecting preview images (with or without watermarks) from being scraped in bulk to avoid licensing.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Recipe or DIY blogs – Protecting step-by-step photos from being scraped and republished elsewhere.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>More Information About Image Protection\u003C\u002Fh3>\n\u003Cp>For more details about image protection and the limitations of client-side techniques, read the article: \u003Ca href=\"https:\u002F\u002Fsupporthost.com\u002Fprotect-images-on-wordpress\u002F\" rel=\"nofollow ugc\">How to Protect Images on WordPress (And How to Prevent Theft)\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fjosemortellaro.com\" rel=\"nofollow ugc\">Jose Mortellaro\u003C\u002Fa>\u003C\u002Fp>\n","Protect your images from unauthorized downloads and scraping.",60,1089,"2025-12-10T09:30:00.000Z","4.9",[19,21,64,65,22],"image-protection","photography","https:\u002F\u002Fjosemortellaro.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fselective-image-guard.2.1.4.zip",{"slug":69,"name":70,"version":6,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":11,"downloaded":75,"rating":11,"num_ratings":11,"last_updated":76,"tested_up_to":14,"requires_at_least":23,"requires_php":23,"tags":77,"homepage":80,"download_link":81,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"bot-lockout","Bot Lockout","kognetiks","https:\u002F\u002Fprofiles.wordpress.org\u002Fkognetiks\u002F","\u003Cp>Bot Lockout is a security plugin that implements a lightweight cryptographic challenge system to distinguish between real browsers and automated bots. Unlike traditional CAPTCHA systems, it uses JavaScript-based cryptographic operations that are easy for humans but difficult for most bots to solve.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lightweight Protection\u003C\u002Fstrong>: Uses minimal resources and doesn’t impact site performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cryptographic Challenges\u003C\u002Fstrong>: SHA-256 hashing with date and user agent binding\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Whitelisting\u003C\u002Fstrong>: Allow trusted bots (Google, Bing, etc.) and IP addresses\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Configuration\u003C\u002Fstrong>: Exclude specific pages and customize block messages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Logging\u003C\u002Fstrong>: Track blocked attempts for analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Styling\u003C\u002Fstrong>: Add custom CSS to match your site’s design\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Daily Token Expiration\u003C\u002Fstrong>: Prevents long-term bypass attempts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Initial Request\u003C\u002Fstrong>: When a visitor accesses your site, the plugin checks for a valid challenge token\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JavaScript Challenge\u003C\u002Fstrong>: If no token exists, a cryptographic challenge is presented\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Token Generation\u003C\u002Fstrong>: The challenge combines the current date with the user agent string and creates a SHA-256 hash\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Storage\u003C\u002Fstrong>: The hash is base64 encoded, truncated, and stored as a secure cookie\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Validation\u003C\u002Fstrong>: Subsequent requests are validated against the stored token\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Security Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Cryptographically Secure\u003C\u002Fstrong>: Uses SHA-256 hashing algorithm\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Time-Bound\u003C\u002Fstrong>: Tokens expire daily to prevent long-term bypass\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Browser-Specific\u003C\u002Fstrong>: User agent binding prevents token sharing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Cookies\u003C\u002Fstrong>: Implements proper cookie security settings\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Whitelist Support\u003C\u002Fstrong>: Allow trusted services and IP addresses\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Multi-Site Support\u003C\u002Fh4>\n\u003Cp>Bot Lockout supports WordPress Multi-Site installations with both network-wide and site-specific configurations:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Network Activation\u003C\u002Fstrong>: Apply settings to all sites in the network\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site-Specific Activation\u003C\u002Fstrong>: Independent settings for each site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mixed Configuration\u003C\u002Fstrong>: Network-wide defaults with site-specific overrides\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Advisory\u003C\u002Fh3>\n\u003Cp>Bot Lockout is one layer in a broader security strategy, not a silver bullet.\u003C\u002Fp>\n\u003Cp>While Bot Lockout is designed to deter automated bots and AI scrapers through cryptographic JavaScript challenges, no single solution can offer complete protection. Web scraping technologies continue to evolve, and determined actors may find ways to bypass front-end defenses.\u003C\u002Fp>\n\u003Cp>This plugin should be used as part of a multi-layered approach to website security. For best results, we recommend combining Bot Lockout with additional tools such as server-level firewalls, rate limiting, CAPTCHA systems, behavior-based threat detection, and CDN-level bot mitigation.\u003C\u002Fp>\n\u003Cp>Kognetiks makes no guarantee that this plugin will block all unwanted bot traffic. It is intended as a proactive, lightweight defense mechanism—not a comprehensive security system. Users are responsible for evaluating their own threat model and deploying appropriate complementary protections.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, please visit the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbot-lockout\u002F\" rel=\"ugc\">WordPress.org support forums\u003C\u002Fa> or check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbot-lockout\u002F\" rel=\"ugc\">plugin documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Developer\u003C\u002Fstrong>: Kognetiks\u003C\u002Fp>\n\u003Cp>This plugin is licensed under the GPL v3 or later.\u003C\u002Fp>\n","A lightweight WordPress plugin that protects your site from AI scrapers and bad bots using cryptographic JavaScript challenges.",269,"2025-07-29T13:21:00.000Z",[19,20,78,79,22],"captcha","javascript-challenge","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbot-lockout\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbot-lockout.1.0.0.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":15,"requires_php":23,"tags":96,"homepage":100,"download_link":101,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"wordpress-protection","eDarpan: Website Protection","9.1","Chris Hudson","https:\u002F\u002Fprofiles.wordpress.org\u002Fchris-hudson\u002F","\u003Cp>eDarpan: Website Protection provides complete security for your website content. It helps prevent plagiarists from copying your text and images.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n*   \u003Cstrong>Disable Keyboard Shortcuts\u003C\u002Fstrong>: Blocks Ctrl+C, Ctrl+X, Ctrl+V, etc.\u003Cbr \u002F>\n*   \u003Cstrong>Disable Text Selection\u003C\u002Fstrong>: Prevents highlighting of text.\u003Cbr \u002F>\n*   \u003Cstrong>Disable Right Click\u003C\u002Fstrong>: Blocks the context menu.\u003Cbr \u002F>\n*   \u003Cstrong>SEO Friendly\u003C\u002Fstrong>: Search engines can still crawl your site.\u003C\u002Fp>\n","eDarpan: Website Protection ensures your content remains yours by preventing common methods of data theft like right-click and text selection.",200,49065,76,5,"2025-12-15T15:40:00.000Z","6.9.4",[21,97,98,22,99],"copyright","no-right-click","text-selection","http:\u002F\u002Fwww.edarpan.com\u002Fpages\u002Fwordpress-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordpress-protection.9.1.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":25,"num_ratings":30,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":23,"download_link":118,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"killbot","KillBot","1.0.3","VOWE","https:\u002F\u002Fprofiles.wordpress.org\u002Fvowe\u002F","\u003Cp>The KillBot plugin for WordPress uses the external KillBot service to protect websites from bots and automated traffic.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>What is this service, and what is it used for?\u003Cbr \u002F>\nKillBot is an anti-bot system that analyzes traffic, detects bots, and can either block them or present a CAPTCHA. The plugin interacts with the KillBot service to check users for signs of automated behavior and detect the use of proxies or VPNs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>What data is sent and when?\u003Cbr \u002F>\nThe plugin sends the following data to the KillBot server upon each new visit session:\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– The window.navigator object\u003Cbr \u002F>\n– The window.screen object\u003Cbr \u002F>\n– The window object (excluding string-based parameter values)\u003Cbr \u002F>\nImportant: KillBot does not receive any personal user data, such as names, email addresses, or account identifiers.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Links to Terms of Service and Privacy Policy\u003Cbr \u002F>\nKillBot Terms of Service: https:\u002F\u002Fmy.kill-bot.net\u002Fnode\u002F7\u003Cbr \u002F>\nKillBot Privacy Policy: https:\u002F\u002Fmy.kill-bot.net\u002Fnode\u002F29\u003C\u002Fli>\n\u003C\u002Fol>\n","The KillBot plugin for WordPress uses the external KillBot service to protect websites from bots and automated traffic.",50,882,"2025-04-30T09:45:00.000Z","6.7.5","6.4","7.1",[20,103,22,117],"spam-prevention","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkillbot.zip",{"attackSurface":120,"codeSignals":222,"taintFlows":246,"riskAssessment":247,"analyzedAt":252},{"hooks":121,"ajaxHandlers":174,"restRoutes":175,"shortcodes":219,"cronEvents":220,"entryPointCount":221,"unprotectedCount":30},[122,128,132,138,140,144,147,151,155,159,163,166,170],{"type":123,"name":124,"callback":125,"file":126,"line":127},"action","plugins_loaded","agent_ai_bot_protect_check_db_updates","agent-ai-bot-protect.php",129,{"type":123,"name":129,"callback":130,"priority":30,"file":126,"line":131},"init","agent_ai_bot_protect_check_and_block",313,{"type":133,"name":134,"callback":135,"priority":136,"file":126,"line":137},"filter","script_loader_tag","closure",10,346,{"type":133,"name":134,"callback":135,"priority":136,"file":126,"line":139},371,{"type":123,"name":141,"callback":142,"file":126,"line":143},"admin_enqueue_scripts","agent_ai_bot_protect_enqueue_scripts",398,{"type":123,"name":145,"callback":142,"file":126,"line":146},"wp_enqueue_scripts",399,{"type":133,"name":148,"callback":149,"file":126,"line":150},"plugin_action_links_agent-ai-bot-protect\u002Fagent-ai-bot-protect.php","agent_ai_bot_protect_add_settings_link",407,{"type":123,"name":152,"callback":153,"file":126,"line":154},"admin_menu","agent_ai_bot_protect_add_admin_menu",430,{"type":123,"name":156,"callback":157,"file":126,"line":158},"rest_api_init","agent_ai_bot_protect_register_routes",541,{"type":133,"name":160,"callback":161,"file":126,"line":162},"robots_txt","agent_ai_bot_protect_serve_robots_txt",600,{"type":123,"name":156,"callback":135,"priority":164,"file":126,"line":165},15,737,{"type":133,"name":167,"callback":168,"file":126,"line":169},"rest_pre_serve_request","agent_ai_bot_protect_add_cors_headers",739,{"type":123,"name":171,"callback":172,"file":126,"line":173},"admin_head","agent_ai_bot_protect_admin_styles",767,[],[176,183,189,194,200,205,210,215],{"namespace":177,"route":178,"methods":179,"callback":181,"permissionCallback":135,"file":126,"line":182},"agent-ai-bot-protect\u002Fv1","\u002Fsave-robots-txt",[180],"POST","agent_ai_bot_protect_save_robots_txt",434,{"namespace":177,"route":184,"methods":185,"callback":187,"permissionCallback":135,"file":126,"line":188},"\u002Fanalyze-logs",[186],"GET","agent_ai_bot_protect_analyze_logs",443,{"namespace":177,"route":190,"methods":191,"callback":192,"permissionCallback":135,"file":126,"line":193},"\u002Fbot-stats",[186],"agent_ai_bot_protect_get_stats",452,{"namespace":177,"route":195,"methods":196,"callback":197,"permissionCallback":198,"file":126,"line":199},"\u002Flog-visit",[180],"agent_ai_bot_protect_log_visit","__return_true",471,{"namespace":177,"route":201,"methods":202,"callback":203,"permissionCallback":135,"file":126,"line":204},"\u002Ftoggle-blocking",[180],"agent_ai_bot_protect_toggle_blocking",495,{"namespace":177,"route":206,"methods":207,"callback":208,"permissionCallback":135,"file":126,"line":209},"\u002Fblocking-status",[186],"agent_ai_bot_protect_get_blocking_status",510,{"namespace":177,"route":211,"methods":212,"callback":213,"permissionCallback":135,"file":126,"line":214},"\u002Frobots-txt-url",[186],"agent_ai_bot_protect_get_robots_txt_url",519,{"namespace":177,"route":211,"methods":216,"callback":217,"permissionCallback":135,"file":126,"line":218},[180],"agent_ai_bot_protect_save_robots_txt_url",527,[],[],8,{"dangerousFunctions":223,"sqlUsage":224,"outputEscaping":235,"fileOperations":30,"externalRequests":11,"nonceChecks":11,"capabilityChecks":221,"bundledLibraries":245},[],{"prepared":136,"raw":225,"locations":226},3,[227,230,233],{"file":126,"line":228,"context":229},624,"$wpdb->get_row() with variable interpolation",{"file":126,"line":231,"context":232},641,"$wpdb->get_results() with variable interpolation",{"file":126,"line":234,"context":232},657,{"escaped":236,"rawEcho":225,"locations":237},6,[238,241,243],{"file":126,"line":239,"context":240},228,"raw output",{"file":126,"line":242,"context":240},229,{"file":126,"line":244,"context":240},230,[],[],{"summary":248,"deductions":249},"The \"agent-ai-bot-protect\" plugin v1.0.0 exhibits a generally good security posture with several positive indicators. The absence of dangerous functions, zero known vulnerabilities, and a high percentage of SQL queries using prepared statements are strong points. The plugin also leverages capability checks for most of its entry points. However, there is a notable concern regarding its REST API implementation. One REST API route lacks a permission callback, creating a potential unauthorized access vector. While taint analysis did not reveal any critical or high severity issues, this unprotected endpoint represents a direct attack surface that could be exploited if sensitive operations are exposed. The limited number of file operations and external HTTP requests also suggest a contained scope, which is beneficial for security.",[250],{"reason":251,"points":136},"REST API route without permission callbacks","2026-03-17T06:31:29.126Z",{"wat":254,"direct":260},{"assetPaths":255,"generatorPatterns":257,"scriptPaths":258,"versionParams":259},[256],"\u002Fwp-content\u002Fplugins\u002Fagent-ai-bot-protect\u002Fdist\u002Fassets\u002Frobots.txt",[],[],[],{"cssClasses":261,"htmlComments":262,"htmlAttributes":263,"restEndpoints":264,"jsGlobals":265,"shortcodeOutput":266},[],[],[],[],[],[]]