[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBeFI_Y2K6AKjCS7dTYaWKYw5Hu3pNvVquuErm-YEtl8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":31,"analysis":93,"fingerprints":173},"archive-bot-blocker","Archive Bot Blocker","1.1","wpsunny","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpsunny\u002F","\u003Cp>\u003Cstrong>Archive Bot Blocker – Super fast, light-weight plugin to block Bots – Backlink crawling bots, Wayback like archive crawling bots. Archive Bot Blocker users User-agent String to Block these bots.\u003C\u002Fstrong>\u003C\u002Fp>\n","Archive Bot Blocker - Super fast, light-weight plugin to block Bots - Backlink crawling bots, Wayback like archive crawling bots.",10,1223,0,"2019-09-30T07:31:00.000Z","5.2.24","4.0","",[19],"block-bots","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Farchive-bot-blocker.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":21,"avg_patch_time_days":28,"trust_score":29,"computed_at":30},2,310,30,84,"2026-04-04T10:36:06.428Z",[32,53,75],{"slug":33,"name":34,"version":35,"author":36,"author_profile":37,"description":38,"short_description":39,"active_installs":40,"downloaded":41,"rating":42,"num_ratings":43,"last_updated":44,"tested_up_to":45,"requires_at_least":16,"requires_php":17,"tags":46,"homepage":51,"download_link":52,"security_score":42,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"cloudfilt-codes","CloudFilt Bot & Spam Protection","1.0.20","CloudFilt","https:\u002F\u002Fprofiles.wordpress.org\u002Fcloudfilt\u002F","\u003Cp>Prevent and block bot traffic, web scraping, Tor traffic, spam submissions (comments and contact forms), online fraud, business logic abuse, and denial-of-service (DDoS) attacks.\u003Cbr \u002F>\nThis plugin inserts the CloudFilt tracking and security codes into your website, enabling the protection services available at https:\u002F\u002Fcloudfilt.com\u002F\u003Cbr \u002F>\nYou can read the full documentation at: https:\u002F\u002Fdocs.cloudfilt.com\u002F\u003C\u002Fp>\n\u003Cp>Terms and Conditions: https:\u002F\u002Fcloudfilt.com\u002Fdocs\u002Fpt_cloudfilt_07302025.pdf\u003C\u002Fp>\n\u003Cp>Tags: web security, bot blocking, web application firewall, antispam, stop bad bots\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Authentification form\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Using your public and private key to connect your WordPress website to your CloudFilt account and enable CloudFilt features.\u003C\u002Fli>\n\u003Cli>Check if your website is still connected to your CloudFilt account.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enabled CloudFilt features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Prevents and stop bots traffic, Web Scraping, Tor traffic, Spam Submissions, Web Fraud, Business logic and Denial of service (DDoS).\u003C\u002Fli>\n\u003Cli>Injects JS into pages to track and detect potentially dangerous users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Demo\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Login to your CloudFilt account and go to https:\u002F\u002Fapp.cloudfilt.com\u002Fwebsites.\u003C\u002Fli>\n\u003Cli>Select the website and go to Settings > Integration & Plugins.\u003C\u002Fli>\n\u003Cli>In the “WordPress” tab, retrieve the public key and the private key.\u003C\u002Fli>\n\u003Cli>Login to the administration page of your WordPress and select the “CloudFilt” plugin from the menu.\u003C\u002Fli>\n\u003Cli>In the form, paste the keys you retrieved from your CloudFilt account.\u003C\u002Fli>\n\u003Cli>Once it is done, you can go back to https:\u002F\u002Fapp.cloudfilt.com and access to your website’s security statistics. Bots can’t be anymore go on your website and users are tracked.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>To learn more, see the screenshots section.\u003C\u002Fp>\n","Prevent and stop bots traffic. This plugin inserts in your website the CloudFilt codes for the security tracking available on https:\u002F\u002Fcloudfilt.com\u002F.",600,18891,100,3,"2026-02-17T10:43:00.000Z","6.9.4",[47,19,48,49,50],"antispam","stop-bad-bots","web-application-firewall","web-security","https:\u002F\u002Fcloudfilt.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloudfilt-codes.1.0.20.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":42,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":73,"download_link":74,"security_score":42,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"bot-traffic-shield","Bot Traffic Shield – Block Bad Bots and Stop AI Bots Crawlers","1.0.4","Delower Hossain","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdelower\u002F","\u003Cp>In the age of AI, your valuable website content is a prime target for data crawlers from large tech companies. \u003Cstrong>Bot Traffic Shield\u003C\u002Fstrong> is your first line of defense against content theft and unauthorized scraping.\u003C\u002Fp>\n\u003Cp>This lightweight yet powerful plugin identifies and blocks a wide range of AI bots and data scrapers before they can access and harvest your content, protecting your intellectual property while reducing unnecessary server load.\u003C\u002Fp>\n\u003Ch3>🛡️ Why You Need Bot Traffic Shield\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Protect Your Content\u003C\u002Fstrong> – Stop AI companies from training their models on your hard work\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce Server Load\u003C\u002Fstrong> – Block unwanted traffic that wastes your bandwidth and resources\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO-Safe Blocking\u003C\u002Fstrong> – Only blocks harmful bots; legitimate search engines like Google and Bing remain unaffected\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Take Control\u003C\u002Fstrong> – Decide who can and cannot access your valuable content\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Real-Time Bot Blocking\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Actively blocks bots by their User-Agent on every page request\u003Cbr \u002F>\n*   Immediate protection with zero configuration needed\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Comprehensive Default Blocklist\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Pre-configured list of 20+ known AI crawlers and scrapers\u003Cbr \u002F>\n*   Includes ChatGPT-User, Google-Extended, GPTBot, CCBot, Bytespider, Amazonbot, Applebot, and more\u003Cbr \u002F>\n*   Regularly updated with new bot signatures\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Logging & Analytics\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Track every blocked bot attempt with detailed logs\u003Cbr \u002F>\n*   View bot name, IP address, user agent, and timestamp\u003Cbr \u002F>\n*   \u003Cstrong>Pagination system\u003C\u002Fstrong> – Browse through logs easily (20 entries per page)\u003Cbr \u002F>\n*   Running statistics showing total blocked requests\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CSV Export Capability\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Export your block logs to CSV format\u003Cbr \u002F>\n*   Filter exports by date range (7 days, 30 days, or all time)\u003Cbr \u002F>\n*   Perfect for analysis, reporting, or compliance\u003C\u002Fp>\n\u003Cp>\u003Cstrong>robots.txt Integration\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Automatically adds \u003Ccode>Disallow\u003C\u002Fcode> rules to your virtual robots.txt\u003Cbr \u002F>\n*   Provides an additional layer of protection for well-behaved bots\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Fully Customizable\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Add your own custom User-Agent strings to block\u003Cbr \u002F>\n*   Simple textarea interface – one bot per line\u003Cbr \u002F>\n*   Enable\u002Fdisable logging with a single toggle\u003Cbr \u002F>\n*   Master on\u002Foff switch for all blocking features\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Modern, Intuitive Interface\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Beautiful, clean admin UI with tabbed navigation\u003Cbr \u002F>\n*   Modern toggle switches and card-based design\u003Cbr \u002F>\n*   Mobile-responsive admin panel\u003Cbr \u002F>\n*   No learning curve – start protecting immediately\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lightweight & Performance-Optimized\u003C\u002Fstrong>\u003Cbr \u002F>\n*   Minimal impact on site speed\u003Cbr \u002F>\n*   Efficient code that runs before page load\u003Cbr \u002F>\n*   No external API calls or database queries on frontend\u003C\u002Fp>\n\u003Ch3>🎯 Who Is This Plugin For?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Content Creators\u003C\u002Fstrong> – Protect your articles, tutorials, and creative work\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bloggers\u003C\u002Fstrong> – Keep your unique content from being scraped\u003C\u002Fli>\n\u003Cli>\u003Cstrong>News Sites\u003C\u002Fstrong> – Prevent unauthorized content aggregation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>E-commerce\u003C\u002Fstrong> – Protect product descriptions and pricing data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Any WordPress Site\u003C\u002Fstrong> – That values their content and server resources\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the plugin\u003C\u002Fli>\n\u003Cli>Bot Traffic Shield immediately starts blocking known bad bots\u003C\u002Fli>\n\u003Cli>Monitor blocked attempts in the logs\u003C\u002Fli>\n\u003Cli>Add custom bots to block as needed\u003C\u002Fli>\n\u003Cli>Export logs for analysis or record-keeping\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>No complicated setup. No API keys. No subscriptions.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>🔒 Privacy & Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>All data stays on your server\u003C\u002Fli>\n\u003Cli>No external services or third-party dependencies\u003C\u002Fli>\n\u003Cli>GDPR compliant – you control all logged data\u003C\u002Fli>\n\u003Cli>Logs can be cleared at any time by disabling logging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📊 Perfect For\u003C\u002Fh3>\n\u003Cp>✅ Reducing bandwidth costs\u003Cbr \u002F>\n✅ Protecting original content\u003Cbr \u002F>\n✅ Improving server performance\u003Cbr \u002F>\n✅ Maintaining competitive advantage\u003Cbr \u002F>\n✅ Preventing AI training on your data\u003C\u002Fp>\n\u003Cp>Stop letting AI companies profit from your hard work. Install Bot Traffic Shield and take back control of your content today!\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Bot Traffic Shield logs the following information when a bot is blocked (if logging is enabled):\u003Cbr \u002F>\n*   User-Agent string\u003Cbr \u002F>\n*   IP address\u003Cbr \u002F>\n*   Request timestamp\u003Cbr \u002F>\n*   Requested URL\u003C\u002Fp>\n\u003Cp>All data is stored locally in your WordPress database. No information is sent to external servers. You can disable logging or clear logs at any time from the plugin settings.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, feature requests, or bug reports:\u003Cbr \u002F>\n*   Visit our website: \u003Ca href=\"https:\u002F\u002Fmonarchwp.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fmonarchwp.com\u002F\u003C\u002Fa>\u003Cbr \u002F>\n*   Email: info@monarchwp.com\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fmonarchwp.com\u002F\" rel=\"nofollow ugc\">MonarchWP\u003C\u002Fa>\u003C\u002Fp>\n","A powerful and user-friendly plugin to block AI crawlers and malicious data scraper bots, protecting your content and server resources.",200,1052,1,"2025-11-26T04:55:00.000Z","6.8.5","6.0","7.4",[69,70,19,71,72],"ai-spider","bad-bots","fail2ban","stop-bots","https:\u002F\u002Fmonarchwp.com\u002Fbot-traffic-shield","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbot-traffic-shield.1.0.4.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":11,"downloaded":83,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":65,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":90,"download_link":91,"security_score":42,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":92},"botless-core","Botless Core","1.0.1","webgardengeek","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebgardengeek\u002F","\u003Cp>Are bots and spam views skewing your video analytics or consuming unnecessary bandwidth? Botless Video is here to help!\u003C\u002Fp>\n\u003Cp>This plugin provides a lightweight and user-friendly solution to protect your embedded videos (YouTube, Vimeo, self-hosted HTML5) from automated bot interactions. By implementing various configurable techniques, Botless Video aims to ensure that your video views are from genuine human users, providing more accurate engagement metrics and reducing resource waste.\u003C\u002Fp>\n","Protect your embedded HTML videos from unwanted bot traffic. Save bandwidth by blocking bots from downloading video content.",279,"6.2","8.0",[87,19,88,89],"bandwidth-reducer","bot-protection","html5-video","https:\u002F\u002Fplugins.webgardenllc.com\u002Fbotless-core","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbotless-core.1.0.1.zip","2026-03-15T10:48:56.248Z",{"attackSurface":94,"codeSignals":110,"taintFlows":127,"riskAssessment":166,"analyzedAt":172},{"hooks":95,"ajaxHandlers":106,"restRoutes":107,"shortcodes":108,"cronEvents":109,"entryPointCount":13,"unprotectedCount":13},[96,102],{"type":97,"name":98,"callback":99,"file":100,"line":101},"action","admin_menu","abb_admin_menu","archive-bot-blocker.php",19,{"type":97,"name":103,"callback":104,"file":100,"line":105},"wp","abb_send_headers",21,[],[],[],[],{"dangerousFunctions":111,"sqlUsage":112,"outputEscaping":114,"fileOperations":13,"externalRequests":13,"nonceChecks":63,"capabilityChecks":63,"bundledLibraries":126},[],{"prepared":13,"raw":13,"locations":113},[],{"escaped":63,"rawEcho":115,"locations":116},4,[117,120,122,124],{"file":100,"line":118,"context":119},89,"raw output",{"file":100,"line":121,"context":119},101,{"file":100,"line":123,"context":119},107,{"file":100,"line":125,"context":119},110,[],[128,155],{"entryPoint":129,"graph":130,"unsanitizedCount":13,"severity":154},"abb_settings_page (archive-bot-blocker.php:61)",{"nodes":131,"edges":150},[132,137,143,146],{"id":133,"type":134,"label":135,"file":100,"line":136},"n0","source","$_POST (x2)",76,{"id":138,"type":139,"label":140,"file":100,"line":141,"wp_function":142},"n1","sink","update_option() [Settings Manipulation]",78,"update_option",{"id":144,"type":134,"label":145,"file":100,"line":136},"n2","$_POST",{"id":147,"type":139,"label":148,"file":100,"line":121,"wp_function":149},"n3","echo() [XSS]","echo",[151,153],{"from":133,"to":138,"sanitized":152},true,{"from":144,"to":147,"sanitized":152},"low",{"entryPoint":156,"graph":157,"unsanitizedCount":13,"severity":154},"\u003Carchive-bot-blocker> (archive-bot-blocker.php:0)",{"nodes":158,"edges":163},[159,160,161,162],{"id":133,"type":134,"label":135,"file":100,"line":136},{"id":138,"type":139,"label":140,"file":100,"line":141,"wp_function":142},{"id":144,"type":134,"label":145,"file":100,"line":136},{"id":147,"type":139,"label":148,"file":100,"line":121,"wp_function":149},[164,165],{"from":133,"to":138,"sanitized":152},{"from":144,"to":147,"sanitized":152},{"summary":167,"deductions":168},"The archive-bot-blocker plugin version 1.1 exhibits a generally good security posture based on the static analysis. The absence of entry points such as AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. Furthermore, the code signals indicate robust practices like 100% use of prepared statements for SQL queries, the presence of nonce and capability checks, and no dangerous function usage or file operations. Taint analysis also shows no identified vulnerabilities. \n\nHowever, there are areas for improvement. The most notable concern is the low percentage of properly escaped output (20%), which, while not immediately exploitable due to the limited attack surface, presents a potential risk for cross-site scripting (XSS) vulnerabilities if any new entry points are introduced or if the existing code base is expanded without careful attention to output sanitization. The plugin's vulnerability history is clean, with no recorded CVEs, which suggests a diligent approach to security by the developers or a lack of targeted attacks. \n\nIn conclusion, this plugin appears to be relatively secure due to its minimal attack surface and good general coding practices in key areas. The primary weakness lies in output escaping, which, though not currently critical given the lack of entry points, should be addressed to ensure long-term security and prevent potential vulnerabilities in future updates or integrations.",[169],{"reason":170,"points":171},"Low percentage of properly escaped output",6,"2026-03-16T23:49:18.894Z",{"wat":174,"direct":179},{"assetPaths":175,"generatorPatterns":176,"scriptPaths":177,"versionParams":178},[],[],[],[],{"cssClasses":180,"htmlComments":184,"htmlAttributes":185,"restEndpoints":191,"jsGlobals":192,"shortcodeOutput":193},[181,182,183],"postbox","hndle","inside",[],[186,187,188,189,190],"name=\"abb_user_agent\"","name=\"abb_error_code\"","name=\"submit\"","name=\"abb_nonce\"","nonce=\"abb_nonce_action\"",[],[],[]]