[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fb_35B8FqsdWrIdj8vYgtP-TR7QcqHPZ6nAzB_80ittM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":142,"fingerprints":224},"alex-wrong-password","Wrong Password","9.0","Anthony","https:\u002F\u002Fprofiles.wordpress.org\u002Fadzbierajewski\u002F","\u003Cp>When someone gets a password wrong or uses the forgotten password form on your site, the administrator is emailed with the details that were entered.\u003Cbr \u002F>\nThe best way to get fast support is by posting your question in a comment at http:\u002F\u002Fanthony.strangebutfunny.net\u002Fmy-plugins\u002Fwrong-password\u002F\u003C\u002Fp>\n","When someone gets a password wrong or uses the forgotten password form on your site, the administrator is emailed with the details that were entered.",10,4010,0,"2013-05-07T03:28:00.000Z","3.5.2","3.4.1","",[19,20,21,22,23],"incorrect","login","password","wp-login","wp-login-php","http:\u002F\u002Fanthony.strangebutfunny.net\u002Fmy-plugins\u002Fwrong-password\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falex-wrong-password.9.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"adzbierajewski",6,80,30,84,"2026-04-04T16:46:25.357Z",[38,60,80,101,122],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":17,"download_link":57,"security_score":58,"vuln_count":11,"unpatched_count":13,"last_vuln_date":59,"fetched_at":28},"wps-hide-login","WPS Hide Login","1.9.18","Remy Perona","https:\u002F\u002Fprofiles.wordpress.org\u002Ftabrisrp\u002F","\u003Ch4>English\u003C\u002Fh4>\n\u003Cp>\u003Cem>WPS Hide Login\u003C\u002Fem> is a very light plugin that lets you easily and safely change the url of the login form page to anything you want. It doesn’t literally rename or change files in core, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website. The wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the url. Deactivating this plugin brings your site back exactly to the state it was before.\u003C\u002Fp>\n\u003Cp>This plugin is kindly proposed by \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=14&campaign=wpshidelogin\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa> the specialized WordPress web host.\u003C\u002Fp>\n\u003Cp>Discover also our other free extensions:\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-limit-login\u002F\" rel=\"ugc\">WPS Limit Login\u003C\u002Fa> to block brute force attacks.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-bidouille\u002F\" rel=\"ugc\">WPS Bidouille\u003C\u002Fa> to optimize your WordPress and get more info.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-cleaner\u002F\" rel=\"ugc\">WPS Cleaner\u003C\u002Fa> to clean your WordPress site.\u003C\u002Fp>\n\u003Cp>This plugin is only maintained, which means we do not guarantee free support. Consider reporting a problem and be patient.\u003C\u002Fp>\n\u003Ch4>Français\u003C\u002Fh4>\n\u003Cp>\u003Cem>WPS Hide Login\u003C\u002Fem> est un plugin très léger qui vous permet de changer facilement et en toute sécurité l’url de la page de formulaire de connexion. Il ne renomme pas littéralement ou ne modifie pas les fichiers dans le noyau, ni n’ajoute des règles de réécriture. Il intercepte simplement les demandes de pages et fonctionne sur n’importe quel site WordPress. Le répertoire wp-admin et la page wp-login.php deviennent inaccessibles, vous devez donc ajouter un signet ou vous souvenir de l’URL. Désactiver ce plugin ramène votre site exactement à l’état dans lequel il était auparavant.\u003C\u002Fp>\n\u003Cp>Ce plugin vous est gentiment proposé par \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=14&campaign=wpshidelogin\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa> l’hébergeur spécialisé WordPress.\u003C\u002Fp>\n\u003Cp>Plus d’infos sur son utilisation : \u003Ca href=\"https:\u002F\u002Fwpformation.com\u002Fwps-hide-login-url-connexion-wordpress\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpformation.com\u002Fwps-hide-login-url-connexion-wordpress\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Découvrez également nos autres extensions gratuites :\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-limit-login\u002F\" rel=\"nofollow ugc\">WPS Limit Login\u003C\u002Fa> pour bloquer les attaques par force brute.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-bidouille\u002F\" rel=\"nofollow ugc\">WPS Bidouille\u003C\u002Fa> pour optimiser votre WordPress et faire le plein d’infos.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-cleaner\u002F\" rel=\"nofollow ugc\">WPS Cleaner\u003C\u002Fa> pour nettoyer votre site WordPress.\u003C\u002Fp>\n\u003Cp>Ce plugin est seulement maintenu, ce qui signifie que nous ne garantissons pas un support gratuit. Envisagez de signaler un problème et soyez patient.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Ch4>English\u003C\u002Fh4>\n\u003Cp>Requires WordPress 4.1 or higher. All login related things such as the registration form, lost password form, login widget and expired sessions just keep working.\u003C\u002Fp>\n\u003Cp>It’s also compatible with any plugin that hooks in the login form, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>BuddyPress,\u003C\u002Fli>\n\u003Cli>bbPress,\u003C\u002Fli>\n\u003Cli>Jetpack,\u003C\u002Fli>\n\u003Cli>WPS Limit Login,\u003C\u002Fli>\n\u003Cli>and User Switching.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Obviously it doesn’t work with plugins or themes that \u003Cem>hardcoded\u003C\u002Fem> wp-login.php.\u003C\u002Fp>\n\u003Cp>Works with multisite, with subdomains and subfolders. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.\u003C\u002Fp>\n\u003Cp>If you’re using a \u003Cstrong>page caching plugin\u003C\u002Fstrong> other than WP Rocket, you should add the slug of the new login url to the list of pages not to cache. WP Rocket is already fully compatible with the plugin.\u003C\u002Fp>\n\u003Ch4>Français\u003C\u002Fh4>\n\u003Cp>Nécessite WordPress 4.1 ou supérieur. Toutes les choses liées à la connexion telles que le formulaire d’inscription, le formulaire de mot de passe perdu, le widget de connexion et les sessions expirées continuent de fonctionner.\u003C\u002Fp>\n\u003Cp>Il est également compatible avec tout plugin qui se connecte au formulaire de connexion, notamment:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>BuddyPress,\u003C\u002Fli>\n\u003Cli>bbPress,\u003C\u002Fli>\n\u003Cli>Jetpack,\u003C\u002Fli>\n\u003Cli>WPS Limit Login,\u003C\u002Fli>\n\u003Cli>and User Switching.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Évidemment, cela ne fonctionne pas avec les plugins ou les thèmes \u003Cem>hardcoded\u003C\u002Fem> wp-login.php.\u003C\u002Fp>\n\u003Cp>Fonctionne en multisite, avec sous-domaines ou sous dossiers. L’activer pour un réseau vous permet de définir une valeur par défaut pour l’ensemble du réseau. Les sites individuels peuvent toujours renommer leur page de connexion pour autre chose.\u003C\u002Fp>\n\u003Cp>Si vous utilisez un \u003Cstrong>plugin de mise en cache de pages\u003C\u002Fstrong> autre que WP Rocket, vous devez ajouter le slug de la nouvelle URL de connexion à la liste des pages à ne pas mettre en cache. WP Rocket est déjà entièrement compatible avec le plugin.\u003C\u002Fp>\n","Change wp-login.php to anything you want.",2000000,30498017,96,2101,"2026-01-12T08:47:00.000Z","6.9.4","4.1","7.0",[55,20,56,22,23],"custom-login-url","rename","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwps-hide-login.1.9.18.zip",95,"2024-06-24 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":17,"tags":75,"homepage":78,"download_link":79,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"rename-wp-loginphp-to-anything-you-want","Rename wp-login.php to anything you want","2.0.1","travispluse","https:\u002F\u002Fprofiles.wordpress.org\u002Ftravispluse\u002F","\u003Cp>This plugin changes the way you login into your website.\u003C\u002Fp>\n\u003Cp>–loginsecurity includes–\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Blocks IP after maximum retries allowed\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Extended Lockout after maximum lockouts allowed\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Email notification to admin after max lockouts\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Blacklist IP\u002FIP range\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Whitelist IP\u002FIP range\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Check logs of failed attempts\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Create IP ranges\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Delete IP ranges\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Licensed under GNU GPL version 3\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Safe & Secure\u003Cbr \u002F>\u003C\u002Fp>\n","This plugin changes the way you login into your website.",500,8851,100,5,"2016-08-13T06:36:00.000Z","4.5.33","3.0",[76,55,20,77,23],"custom","login-custom","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frename-wp-loginphp-to-anything-you-want\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frename-wp-loginphp-to-anything-you-want.2.0.1.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":70,"num_ratings":90,"last_updated":91,"tested_up_to":51,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":17,"download_link":97,"security_score":98,"vuln_count":99,"unpatched_count":13,"last_vuln_date":100,"fetched_at":28},"login-me-now","Login Me Now – Passwordless, Magic Link, OTP & Social Login for WordPress","1.14","Pluginly","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginly\u002F","\u003Ch4>What is Login Me Now?\u003C\u002Fh4>\n\u003Cp>Login Me Now is a modern login and access control solution for WordPress. It helps you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Grant temporary access with secure one-time links\u003C\u002Fli>\n\u003Cli>Log in without passwords\u003C\u002Fli>\n\u003Cli>Offer Google and Facebook social login\u003C\u002Fli>\n\u003Cli>Switch between user accounts instantly\u003C\u002Fli>\n\u003Cli>Use browser extensions for one-click dashboard access\u003C\u002Fli>\n\u003Cli>Verify users with SMS-based one-time passwords\u003C\u002Fli>\n\u003Cli>Track login history and activity\u003C\u002Fli>\n\u003Cli>Manage modules, integrations, and features from a single hub\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>New: Phone OTP Login\u003Cbr \u002F>\nAllow users to verify identity with one-time passwords delivered via SMS using Firebase or Twilio.\u003C\u002Fp>\n\u003Cp>Improved Email Magic Link\u003Cbr \u002F>\nRefined modal, confirmation step, and updated email template for a more professional experience.\u003C\u002Fp>\n\u003Ch4>Video Overview\u003C\u002Fh4>\n\u003Cp>Watch a quick 38-second overview of the problem, solution, and features:\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FmLKvHphKX0E?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Ch3>Passwordless & Temporary Login\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Generate secure login links with expiration time (hours or days)\u003C\u002Fli>\n\u003Cli>No passwords needed — secure login with one click\u003C\u002Fli>\n\u003Cli>Control access using validity periods and conditional settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Social Login\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Google and Facebook login support\u003C\u002Fli>\n\u003Cli>Use shortcodes to place login buttons anywhere\u003C\u002Fli>\n\u003Cli>Pro: Sync profile photo and name\u003C\u002Fli>\n\u003Cli>Pro: Redirect users to any page after login\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Phone OTP Login (New)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>OTP delivery through Firebase or Twilio Verify\u003C\u002Fli>\n\u003Cli>Rate limiting, resend cooldown, and reCAPTCHA supported\u003C\u002Fli>\n\u003Cli>Country flag selector and restriction options\u003C\u002Fli>\n\u003Cli>Store and normalize phone numbers in user profiles\u003C\u002Fli>\n\u003Cli>Works via shortcode or wp-login.php login provider interface\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>User Switching\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Instantly switch between user accounts\u003C\u002Fli>\n\u003Cli>No logout\u002Flogin cycles required\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Email Magic Link\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Single-use secure login links\u003C\u002Fli>\n\u003Cli>Clean modal with validation and success confirmation\u003C\u002Fli>\n\u003Cli>Friendly email template with clear CTA\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Activity Log\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Integrates with Simple History\u003C\u002Fli>\n\u003Cli>Track who logged in and how they authenticated\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Browser Extensions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fchrome.google.com\u002Fwebstore\u002Fdetail\u002Flogin-me-now-wordpress-lo\u002Fkkkofomlfhbepmpiplggmfpomdnkljoh\" rel=\"nofollow ugc\">Chrome Extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Faddons.mozilla.org\u002Fen-US\u002Ffirefox\u002Faddon\u002Flogin-me-now\u002F\" rel=\"nofollow ugc\">Firefox Add-on\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Uses encrypted JWT tokens for secure and fast access\u003C\u002Fli>\n\u003Cli>No passwords are stored in the extension\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Modules Hub (New)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Toggle modules, integrations, and upcoming features from one dashboard\u003C\u002Fli>\n\u003Cli>Search, filter, and manage active, available, and upcoming modules\u003C\u002Fli>\n\u003Cli>Module state persists automatically\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Cp>Use these shortcodes to display login buttons anywhere:\u003C\u002Fp>\n\u003Cp>[login_me_now_google_button]\u003Cbr \u002F>\n[login_me_now_facebook_button]\u003Cbr \u002F>\n[login_me_now_phone_otp_button]\u003Cbr \u002F>\n[login_me_now_email_magic_link_button]\u003C\u002Fp>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Site Owners: Give temporary access without sharing passwords\u003C\u002Fli>\n\u003Cli>Developers: Request secure client access instead of asking for admin credentials\u003C\u002Fli>\n\u003Cli>Agencies: Switch between multiple user accounts easily\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integrations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>All-in-One Content Restriction\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads\u003C\u002Fli>\n\u003Cli>Directorist\u003C\u002Fli>\n\u003Cli>Simple History\u003C\u002Fli>\n\u003Cli>Fluent Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Coming Soon: Tutor LMS, BuddyBoss, BuddyPress, Dokan, bbPress\u003C\u002Fp>\n\u003Ch4>Why Choose Login Me Now?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Encrypted, time-sensitive authentication\u003C\u002Fli>\n\u003Cli>Faster, smoother login flows\u003C\u002Fli>\n\u003Cli>Works for both beginners and power users\u003C\u002Fli>\n\u003Cli>Actively updated and maintained\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Social login profile sync (name, avatar)\u003C\u002Fli>\n\u003Cli>Custom redirect after login\u003C\u002Fli>\n\u003Cli>More integrations (coming soon)\u003C\u002Fli>\n\u003Cli>WooCommerce express login (coming soon)\u003C\u002Fli>\n\u003Cli>Advanced OTP enhancements (coming soon)\u003C\u002Fli>\n\u003Cli>Priority support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pro version:\u003Cbr \u002F>\nhttps:\u002F\u002Floginmenow.com\u002Fpricing\u002F\u003C\u002Fp>\n\u003Ch3>FIND AN ISSUE?\u003C\u002Fh3>\n\u003Cp>Support forum:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Flogin-me-now\u002F\u003C\u002Fp>\n\u003Cp>Please search existing topics before opening a new one.\u003C\u002Fp>\n","Login Me Now combines Passwordless Login, Email Magic Links, Phone OTP Verification, Temporary Logins, Social Logins (Google & Facebook), User Swi &hellip;",400,13043,9,"2026-01-12T11:26:00.000Z","5.6","7.4",[20,21,95,96,22],"secure-login","social-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-me-now.1.14.zip",98,1,"2025-02-26 00:00:00",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":98,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":17,"tags":115,"homepage":120,"download_link":121,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"blue-login-style","Blue Login Style","1.4.0","Alimir","https:\u002F\u002Fprofiles.wordpress.org\u002Falimir\u002F","\u003Cp>Blue Login Style is a tiny WordPress plugin that allows you to customize your login page with beautiful themes. Its features: ability to add message, change the login logo, ability to set login, logout and register redirect links and many more…\u003Cbr \u002F>\nScreenshots are available in \u003Ca href=\"http:\u002F\u002Fpreview.alimir.ir\u002Fwordpress-blue-login-style\u002F\" rel=\"nofollow ugc\">Here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Ability to choose nice themes with great options.\u003C\u002Fli>\n\u003Cli>Ability to add message in your login page.\u003C\u002Fli>\n\u003Cli>Add a custom logo of your wordPress blog as piece of cake.\u003C\u002Fli>\n\u003Cli>Add custom background image.\u003C\u002Fli>\n\u003Cli>Ability to set \u003Ccode>login\u003C\u002Fcode>, \u003Ccode>logout\u003C\u002Fcode> and \u003Ccode>register\u003C\u002Fcode> redirect links.\u003C\u002Fli>\n\u003Cli>Simple configuration panel.\u003C\u002Fli>\n\u003Cli>And so on…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin Author\u003C\u002Fh4>\n\u003Cp>Website: \u003Ca href=\"http:\u002F\u002Fabout.alimir.ir\" rel=\"nofollow ugc\">Ali Mirzaei\u003C\u002Fa>\u003Cbr \u002F>\nFollow on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Falimir.ir\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003Cbr \u002F>\nYou can catch catch me on twitter as @alimirir\u003C\u002Fp>\n","Blue Login Style is a tiny plugin which allows to customize your wp-login theme easily with a click.",300,29099,17,"2014-12-26T19:38:00.000Z","4.1.42","3.5",[116,117,118,119,22],"admin","customize-wp-login-php-plugin","front-end-login","login-form","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblue-login-style\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblue-login-style.1.4.0.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":114,"requires_php":17,"tags":136,"homepage":140,"download_link":141,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"nomorepass-forget-your-passwords","NoMorePass Login","1.10.3","yoprogramo","https:\u002F\u002Fprofiles.wordpress.org\u002Fyoprogramo\u002F","\u003Cp>\u003Cstrong>NoMorePass\u003C\u002Fstrong> is a secure and easy to use technology to provide you two factor autentication on every situation. This plugin allows you to login to wordpress using just your mobile phone, with no other requirement. No registering, no API keys, install, activate and that’s all.\u003Cbr \u002F>\nYour passwords will be \u003Cstrong>only on your mobile phone\u003C\u002Fstrong>, no copies over your computers, not even on nomorepass servers, fully anonymous. Login just scanning a one-time qr-code.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Safe\u003C\u002Fstrong> Your passwords are encrypted all the time, all transfers are on https and the credentials are encrypted with single-use keys.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Personal\u003C\u002Fstrong> Your passwords always go with you. No servers, no insecure transfers, no browser dependencies. Fully anonymous.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy\u003C\u002Fstrong> Magic! You can send passwords to your favorite websites without any effort. Just scan a qr-code with the app.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>IMPORTANT\u003C\u002Fstrong>: Install the app in your phone:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplay.google.com\u002Fstore\u002Fapps\u002Fdetails?id=com.biblioeteca.apps.NoMorePass\" rel=\"nofollow ugc\">Google Play\u003C\u002Fa> Android.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fitunes.apple.com\u002Fus\u002Fapp\u002Fno-more-pass\u002Fid1199780162\" rel=\"nofollow ugc\">Apple Appstore\u003C\u002Fa> iOS \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Instant user registration\u003C\u002Fstrong>\u003Cbr \u002F>\nYou have a new configuration option named “Auto-login after registration” that allows your users scan the provided qr-code only providing username and email, then the password is sent to the mobile phone and the user is registered immediately.\u003Cbr \u002F>\nRegister your users in just one step, safely.\u003C\u002Fp>\n\u003Cp>Avoid force brute attacks\u003Cbr \u002F>\nYou can force users to use NoMorePass app to login to your site, making impossible force-brute attacs. Even if the attackers guess the correct user an password they will be unable to enter if not using the mobile app.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Allow access from every page\u002Fpost\u002Fwidget\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can use a shortcode to include a login form in any page or post or include in your sidebar.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NoMorePass support\u003C\u002Fstrong>,\u003Cbr \u002F>\nif you find a bug please open a ticket in the support request or go to \u003Ca href=\"https:\u002F\u002Fwww.nomorepass.com\" rel=\"nofollow ugc\">NoMorePass.com\u003C\u002Fa>.\u003Cbr \u002F>\nEvery issue will be fixed asap!\u003C\u002Fp>\n\u003Cp>\u003Cstrong> NoMorePass\u003C\u002Fstrong> plugin is also compatible with any plugin that hooks in the login form, including\u003C\u002Fp>\n\u003Col>\n\u003Cli>BuddyPress,\u003C\u002Fli>\n\u003Cli>bbPress,\u003C\u002Fli>\n\u003Cli>Limit Login Attempts,\u003C\u002Fli>\n\u003Cli>Captcha plugins.\u003C\u002Fli>\n\u003Cli>etc.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>How to create a custom login page with nomorepass\u003C\u002Fh3>\n\u003Cp>In order to create a login form or custom login page for WordPress with the default options, all you need to do is use this shortcode:\u003C\u002Fp>\n\u003Cp>[nmp_login_form]\u003C\u002Fp>\n\u003Cp>You can use parameters in the shortcode:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>redirect\u003C\u002Fstrong> An absolute URL to which the user will be redirected after a successful login\u003C\u002Fli>\n\u003Cli>\u003Cstrong>form_id\u003C\u002Fstrong> Custom ID for the login form\u003C\u002Fli>\n\u003Cli>\u003Cstrong>label_xxx\u003C\u002Fstrong> (xxx can be username, password, remember, log_in) Text to use as label in your form for the indicated field\u003C\u002Fli>\n\u003Cli>\u003Cstrong>remember\u003C\u002Fstrong> Specify if the “Remember Me” checkbox should be shown\u003C\u002Fli>\n\u003Cli>\u003Cstrong>value_xxx\u003C\u002Fstrong> (xxx can be username, password, remember) placeholder for text field or (0|1) for remember.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>lost_password\u003C\u002Fstrong> Specify if the “Lost password” link should be shown\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>In the admin page you have 5 different options:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Show login form : shows or hide the user and password fields. If hidden only using QR is possible login.\u003C\u002Fli>\n\u003Cli>Show password reset : shows or hide the password field when resetting password. If hidden the password is sent to the mobile phone using QR directly.\u003C\u002Fli>\n\u003Cli>Auto-launch QR : makes the NoMorePass QR be launched when login page loads.\u003C\u002Fli>\n\u003Cli>Auto-login : if you select this option the user will login directly after the registration without email verification. Use with caution, this option will reduce the registration dramatically (just 1 step) but the emails are not verified (but you know people registered have used nomorepass, so they are humans).\u003C\u002Fli>\n\u003Cli>Only Nomorepass : allows logins only using nomorepass app\u003C\u002Fli>\n\u003Cli>Custom Logo: allows to upload a new icon for login\u003C\u002Fli>\n\u003Cli>Custom Message: allows to change the login message\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>How it works\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FOVL7cuiS77g?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Use your mobile phone to login into wordpress. Allow users instant registration. Fully protection against force brute attacks",70,5164,90,8,"2025-04-19T19:40:00.000Z","6.8.5",[20,137,21,138,139],"nomorepass","wordpress-login","wp-login-form","https:\u002F\u002Fwww.nomorepass.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnomorepass-forget-your-passwords.zip",{"attackSurface":143,"codeSignals":171,"taintFlows":184,"riskAssessment":211,"analyzedAt":223},{"hooks":144,"ajaxHandlers":167,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":13,"unprotectedCount":13},[145,150,155,159,163],{"type":146,"name":147,"callback":148,"file":149,"line":111},"action","admin_head","stats_function","wrong-password.php",{"type":151,"name":152,"callback":153,"file":149,"line":154},"filter","wp_login_failed","alex_wrong_password",121,{"type":151,"name":156,"callback":157,"file":149,"line":158},"retrieve_password","alex_forgot_password",122,{"type":151,"name":160,"callback":161,"file":149,"line":162},"wp_loaded","alex_wrong_password_post",123,{"type":146,"name":164,"callback":165,"file":149,"line":166},"admin_menu","the_admin_page_menu",125,[],[],[],[],{"dangerousFunctions":172,"sqlUsage":173,"outputEscaping":176,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":183},[],{"prepared":174,"raw":13,"locations":175},2,[],{"escaped":13,"rawEcho":174,"locations":177},[178,181],{"file":149,"line":179,"context":180},15,"raw output",{"file":149,"line":182,"context":180},137,[],[185,203],{"entryPoint":186,"graph":187,"unsanitizedCount":99,"severity":202},"the_admin_page (wrong-password.php:129)",{"nodes":188,"edges":199},[189,194],{"id":190,"type":191,"label":192,"file":149,"line":193},"n0","source","$_POST['when']",134,{"id":195,"type":196,"label":197,"file":149,"line":193,"wp_function":198},"n1","sink","update_option() [Settings Manipulation]","update_option",[200],{"from":190,"to":195,"sanitized":201},false,"low",{"entryPoint":204,"graph":205,"unsanitizedCount":99,"severity":202},"\u003Cwrong-password> (wrong-password.php:0)",{"nodes":206,"edges":209},[207,208],{"id":190,"type":191,"label":192,"file":149,"line":193},{"id":195,"type":196,"label":197,"file":149,"line":193,"wp_function":198},[210],{"from":190,"to":195,"sanitized":201},{"summary":212,"deductions":213},"The \"alex-wrong-password\" v9.0 plugin exhibits a strong security posture in several key areas. It has a clean vulnerability history with no recorded CVEs, suggesting a consistent focus on security from the developers. The absence of dangerous functions, file operations, and external HTTP requests is also a positive sign. Crucially, all SQL queries are prepared, mitigating the risk of SQL injection.  However, there are significant concerns raised by the static analysis.  The complete lack of output escaping for all identified outputs is a critical weakness, potentially exposing the site to Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis reveals two flows with unsanitized paths, which, although not classified as critical or high severity in this report, warrant investigation as they indicate potential pathways for attackers to inject malicious data. The absence of capability checks and nonce checks on any potential entry points, though the attack surface is reported as zero, leaves room for concern if future updates introduce such points without adequate protection.",[214,216,218,221],{"reason":215,"points":133},"All outputs are unescaped",{"reason":217,"points":71},"Taint analysis shows unsanitized paths",{"reason":219,"points":220},"No capability checks present",3,{"reason":222,"points":220},"No nonce checks present","2026-03-17T00:46:43.678Z",{"wat":225,"direct":231},{"assetPaths":226,"generatorPatterns":227,"scriptPaths":228,"versionParams":230},[],[],[229],"http:\u002F\u002Fmrstats.strangebutfunny.net\u002Fstatsscript.php",[],{"cssClasses":232,"htmlComments":234,"htmlAttributes":235,"restEndpoints":236,"jsGlobals":237,"shortcodeOutput":238},[233],"wrap",[],[],[],[],[]]