[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2FUBsbKnp-t_A2lke5_k_YP3fOH76mb4hc_h5FXjq2E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":48,"crawl_stats":38,"alternatives":56,"analysis":152,"fingerprints":361},"booter-bots-crawlers-manager","Booter – Bots & Crawlers Manager","1.5.8","uPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fupress\u002F","\u003Cp>Booter – Bots & Crawlers Manager is a preventative measure (treatment in advance) and treatment of damages caused by crawlers and bots.\u003Cbr \u002F>\nThe plugin uses a number of existing technologies which are known by crawlers and bots and takes them one step forward – smartly and almost completely automatically.\u003Cbr \u002F>\nTo allow the plugin to function correctly, you must follow the instructions and manually enter some data (which must be done by a human being to avoid errors).\u003C\u002Fp>\n\u003Ch4>At the prevention level\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Booter allows you to manage and create an advanced dynamic robots.txt file.\u003C\u002Fli>\n\u003Cli>View a 404 error log to see the most common bad links.\u003C\u002Fli>\n\u003Cli>Blocking bad bots that cause high server loads due to very frequent page crawls, or are used to search for security vulnerabilities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>At the treatment level\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Booter allows you to limit the amount of requests from crawlers and bots, if or when they exceed the specified amount of requests per minute, it will be rejected for a specified period of time.\u003C\u002Fli>\n\u003Cli>Rejecting links that we do not want in the fastest way, not by just blocking but by sending the appropriate HTTP status code to make search engines forget them.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Instructions for use in case of damage treatment\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Activate the plugin.\u003C\u002Fli>\n\u003Cli>Enable the 404 error log option.\u003C\u002Fli>\n\u003Cli>Set the access rate limit.\u003C\u002Fli>\n\u003Cli>Watch the 404 log, try to find common parts in the URLs that repeats most often.\u003C\u002Fli>\n\u003Cli>Enter the common parts to the “reject links” page, and ensure the rejection code is 410.\u003C\u002Fli>\n\u003Cli>Clear the 404 error log.\u003C\u002Fli>\n\u003Cli>Repeat the process once every few hours until the 404 error log remains blank.\u003C\u002Fli>\n\u003Cli>Check the status of your website’s index coverage every few days.\u003C\u002Fli>\n\u003C\u002Fol>\n","Booter - Bots & Crawlers Manager is a preventative measure (treatment in advance) and treatment of damages caused by crawlers and bots.",8000,69358,88,13,"2026-02-16T10:26:00.000Z","6.9.4","4.0","",[20,21,22,23,24],"hosting","rate-limit","request","security","upress","https:\u002F\u002Fbooter.app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbooter-bots-crawlers-manager.zip",99,1,0,"2026-01-25 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2026-24534","booter-missing-authorization","Booter \u003C= 1.5.7 - Missing Authorization","The Booter plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.5.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=1.5.7","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-02-25 14:38:38",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2e798eea-786a-43e2-b535-842ca666ff0f?source=api-prod",32,{"slug":24,"display_name":49,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},"SecuPress",4,65000,98,156,78,"2026-04-04T15:36:36.119Z",[57,79,100,119,134],{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":16,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":78,"fetched_at":31},"hostinger","Hostinger Tools","3.0.59","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Tools is an all-in-one plugin designed to streamline essential tasks for WordPress site administrators. This plugin offers a range of features to help you manage your site’s information, maintenance mode, security, and redirects effectively.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Basic Info\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays the current WordPress version with automatic update checks.\u003C\u002Fli>\n\u003Cli>Shows the current PHP version with automatic update checks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Maintenance Mode\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable or disable maintenance mode for your site.\u003C\u002Fli>\n\u003Cli>Provide a URL to bypass maintenance mode for selected users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Security\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable XML-RPC requests to enhance your site’s security.\u003C\u002Fli>\n\u003Cli>Enable or disable Authorize application page to enhance your site’s security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Redirects\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force all URLs to use HTTPS for secure browsing.\u003C\u002Fli>\n\u003Cli>Force all URLs to use WWW to ensure consistency in site access.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>LLMs.txt Generation\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically generate a structured LLMs.txt file in Markdown format.\u003C\u002Fli>\n\u003Cli>Include website title, description, posts, pages, and products (if WooCommerce is active).\u003C\u002Fli>\n\u003Cli>Keep the file updated when content changes or new content is published.\u003C\u002Fli>\n\u003Cli>Help AI-powered tools better understand and interact with your website content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hostinger Tools is the new version of the previous Hostinger plugin, offering an updated and enhanced experience.\u003Cbr \u002F>\nThe Onboarding assistant and the Learning section previously included in this plugin were moved to the separate plugin Hostinger Easy Onboarding.\u003C\u002Fp>\n","Simplified WordPress management. Manage site info, maintenance, security, & redirects.",3000000,16730722,60,25,"2026-03-03T11:48:00.000Z","5.5","8.1",[58,73,74,23,75],"https","maintenance","tools","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger.3.0.59.zip","2024-01-05 00:00:00",{"slug":80,"name":81,"version":82,"author":7,"author_profile":8,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":97,"download_link":98,"security_score":99,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"ezcache","ezCache","1.6.6","\u003Cp>EzCache is an easy and innovative cache plugin that will help you significantly improve your site speed.\u003Cbr \u002F>\nThe plugin comes in a simple and easy installation, without the need for advanced technical knowledge, offers you the opportunity to make your site much faster in a few simple steps, cache pages on your site, automatically optimize images using WebP format to reduce the size of your site’s images by tens of percent and save You need the extra image minimization plugin.\u003C\u002Fp>\n\u003Cp>In addition, the plugin allows you to minimize advanced HTML files, JAVA SCRIPT files\u003Cbr \u002F>\nAnd CSS files\u003Cbr \u002F>\nIn the advanced settings of the extension, you can easily save advanced settings, such as:\u003Cbr \u002F>\nConfigure caching by page type, set cached links,\u003Cbr \u002F>\nExclude certain user types.\u003Cbr \u002F>\nAnd of course, you can always view statistics that will always keep you updated on your site’s caching performance.\u003C\u002Fp>\n\u003Cp>We created ezCash to take the new decade’s speed experience and bring it to your WordPress sites easily and quickly\u003C\u002Fp>\n","EzCache is an easy and innovative cache plugin that will help you significantly improve your site speed.",10000,113930,92,5,"2025-07-30T13:37:00.000Z","6.8.5","4.6","5.6",[94,95,20,96,24],"boost","cache","speed","https:\u002F\u002Fezcache.app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fezcache.zip",100,{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":29,"num_ratings":29,"last_updated":110,"tested_up_to":111,"requires_at_least":17,"requires_php":18,"tags":112,"homepage":116,"download_link":117,"security_score":118,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"upress-link","uPress Link","1.3.1","Ilan Firsov","https:\u002F\u002Fprofiles.wordpress.org\u002Filanraid\u002F","\u003Cp>uPress Link is a companion plugin for the WordPress hosting manager \u003Ca href=\"https:\u002F\u002Fwww.upress.io\" rel=\"nofollow ugc\">uPress\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple interface to manage the most frequently used features from uPress\u003C\u002Fli>\n\u003Cli>Manage auto updating, auto redirection and firewall settings\u003C\u002Fli>\n\u003Cli>Manage CDN (Content Delivery Network) settings\u003C\u002Fli>\n\u003Cli>Manage uPress optimization settings\u003C\u002Fli>\n\u003Cli>More features coming soon…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>NOTE\u003C\u002Fstrong>\u003Cbr \u002F>\n* This plugin does not work as a standalone. It requires an account with \u003Ca href=\"https:\u002F\u002Fwww.upress.io\" rel=\"nofollow ugc\">uPress\u003C\u002Fa>.\u003Cbr \u002F>\n* Some features require that specific settings will be enabled in uPress\u003C\u002Fp>\n","uPress Link is a companion plugin for the WordPress hosting manager at https:\u002F\u002Fwww.upress.io",200,2815,"2016-12-07T12:02:00.000Z","4.6.30",[113,20,114,115,24],"companion","link","manager","https:\u002F\u002Fwww.upress.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupress-link.1.3.1.zip",85,{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":99,"downloaded":127,"rating":29,"num_ratings":29,"last_updated":128,"tested_up_to":16,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":18,"download_link":133,"security_score":99,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"weborado-helper","Weborado Helper","1.0.4","Weborado","https:\u002F\u002Fprofiles.wordpress.org\u002Fweborado\u002F","\u003Cp>Weborado Helper is a practical WordPress plugin that provides essential tools for site administrators to maintain and optimize their WordPress websites. This plugin focuses on version monitoring, security enhancements, and performance recommendations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Security Features\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays current WordPress version with update recommendations\u003C\u002Fli>\n\u003Cli>Shows PHP version with compatibility checks\u003C\u002Fli>\n\u003Cli>XML-RPC protection to enhance site security\u003C\u002Fli>\n\u003Cli>Security recommendations based on best practices\u003C\u002Fli>\n\u003Cli>Easy-to-use security controls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Performance Optimization\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress performance best practices recommendations\u003C\u002Fli>\n\u003Cli>Caching strategy guidance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Marketing Guidance\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lead generation recommendations for WordPress sites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Weborado Helper is designed to be your essential companion for WordPress site management, providing practical tools and recommendations to keep your site secure, optimized, and effective.\u003C\u002Fp>\n","Essential tools for WordPress site administrators to monitor versions, enhance security, and improve performance.",1253,"2026-01-06T07:50:00.000Z","5.8","7.4",[20,74,132,23,75],"performance","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fweborado-helper.1.0.4.zip",{"slug":135,"name":136,"version":137,"author":138,"author_profile":139,"description":140,"short_description":141,"active_installs":67,"downloaded":142,"rating":99,"num_ratings":28,"last_updated":143,"tested_up_to":90,"requires_at_least":144,"requires_php":145,"tags":146,"homepage":18,"download_link":151,"security_score":99,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"anti-browser-ddos-protection","Anti Browser DDoS Protection","2.26","sourcecode347","https:\u002F\u002Fprofiles.wordpress.org\u002Fsourcecode347\u002F","\u003Cp>The \u003Cstrong>Anti Browser DDoS Protection\u003C\u002Fstrong> plugin provides robust protection against denial-of-service (DoS) attacks on your WordPress site. It implements IP-based rate limiting, with configurable settings for subscribers, non-logged-in users, and verified bots, while excluding administrators and other non-subscriber roles. It features advanced bot detection to identify and limit suspicious bots, immediate blocking of malicious bots by User Agent, and supports Cloudflare for accurate client IP detection. Static assets (e.g., CSS, JS, images) are excluded to maintain site performance. An intuitive admin panel allows you to configure rate limits, bot exclusions, trusted bot IP ranges (with automatic duplicate removal), blocked bots by User Agent, log expiration settings, and view logs for blocked IPs, banned IPs, and high traffic bots with auto-refresh every 30 seconds, all with User Agent details and timestamps. You can export \u003Cstrong>Excluded Bots\u003C\u002Fstrong>, \u003Cstrong>Bot IP Ranges\u003C\u002Fstrong>, and \u003Cstrong>Blocked Bots\u003C\u002Fstrong> lists to .txt files and import new entries to append to existing lists without duplicates. Daily bar charts for Blocked IPs, Banned IPs, and High Traffic Bots are displayed above the logs for quick visual insights.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Rate limiting based on IP for subscribers and non-logged-in users, with configurable maximum requests and time window.\u003C\u002Fli>\n\u003Cli>Excludes non-subscriber logged-in users (e.g., administrators, editors) from rate limiting.\u003C\u002Fli>\n\u003Cli>Advanced bot detection to identify suspicious bots (bots using trusted User Agents but from unverified IPs).\u003C\u002Fli>\n\u003Cli>Suspicious bots are subject to the same rate limiting as regular users and logged with User Agent in the Blocked IPs Log.\u003C\u002Fli>\n\u003Cli>Immediate blocking of malicious bots by User Agent (e.g., MJ12bot, SemrushBot, DotBot by default) with customizable settings and logging.\u003C\u002Fli>\n\u003Cli>Configurable rate limiting for verified excluded bots (default: 100 requests per minute), with logging for bots exceeding this limit.\u003C\u002Fli>\n\u003Cli>High Traffic Excluded Bots Log to track verified bots with excessive requests, including IP, User Agent, and timestamp.\u003C\u002Fli>\n\u003Cli>Admin panel to configure maximum requests, time window, excluded bots, trusted bot IP ranges, blocked bots (User Agents), blocks before ban, ban duration, high traffic bot limits, and log expiration (days).\u003C\u002Fli>\n\u003Cli>Export \u003Cstrong>Excluded Bots\u003C\u002Fstrong>, \u003Cstrong>Bot IP Ranges\u003C\u002Fstrong>, and \u003Cstrong>Blocked Bots\u003C\u002Fstrong> lists to .txt files for backup or transfer.\u003C\u002Fli>\n\u003Cli>Import .txt files for \u003Cstrong>Excluded Bots\u003C\u002Fstrong>, \u003Cstrong>Bot IP Ranges\u003C\u002Fstrong>, and \u003Cstrong>Blocked Bots\u003C\u002Fstrong> to append new entries to existing lists, with automatic duplicate removal.\u003C\u002Fli>\n\u003Cli>Automatic removal of duplicate IP ranges in the \u003Cstrong>Bot IP Ranges\u003C\u002Fstrong> field on save, keeping the first occurrence.\u003C\u002Fli>\n\u003Cli>Support for Cloudflare real IP detection using \u003Ccode>CF-Connecting-IP\u003C\u002Fcode> and \u003Ccode>X-Forwarded-For\u003C\u002Fcode> headers.\u003C\u002Fli>\n\u003Cli>Excludes static assets (CSS, JS, images, fonts, etc.) from rate limiting to optimize performance.\u003C\u002Fli>\n\u003Cli>Logs blocked IPs, banned IPs, and high traffic bots with IP, User Agent, and timestamps using the WordPress timezone, viewable in the admin panel with options to clear logs and auto-refresh every 30 seconds.\u003C\u002Fli>\n\u003Cli>Daily bar charts for Blocked IPs, Banned IPs, and High Traffic Bots displayed above the logs in the admin panel for visual statistics.\u003C\u002Fli>\n\u003Cli>Automatic log expiration (Blocked IPs, Banned IPs, High Traffic Bots) after a configurable number of days (default: 5 days), with hourly cleanup via WordPress Scheduler.\u003C\u002Fli>\n\u003Cli>All error messages and logs prefixed with “Anti Browser DDoS Protection: ” for clarity.\u003C\u002Fli>\n\u003Cli>Donate link in the admin panel to support the project.\u003C\u002Fli>\n\u003Cli>Automatic cleanup of transients, blocked IPs, banned IPs, high traffic bots, blocked bots, bot IP ranges, and log expiration settings on plugin deactivation to prevent database bloat.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Ideal for WordPress sites seeking enhanced security against automated attacks, with seamless integration for Cloudflare users, advanced bot management, efficient log management, visual charts for statistics, and easy export\u002Fimport for bot lists.\u003C\u002Fp>\n\u003Ch3>Plugin Assets img\u002F\u003C\u002Fh3>\n\u003Ch3>Icon Image\u003C\u002Fh3>\n\u003Cp>Normal: icon-128×128.png\u003Cbr \u002F>\nHigh-DPI (Retina): icon-256×256.png\u003C\u002Fp>\n\u003Ch3>Bugs\u003C\u002Fh3>\n\u003Cp>Caching plugins such as WP Super Cache, W3 Total Cache, and others may bypass the DDoS protection provided by Anti Browser DDoS Protection, serving cached pages without triggering the plugin’s checks for blocked bots, rate limiting, or banned IPs.\u003Cbr \u002F>\n– \u003Cstrong>Solution\u003C\u002Fstrong>: Disable all WordPress caching plugins to ensure full DDoS protection. Instead, enable Browser Caching using a service like Cloudflare to improve performance without compromising security.\u003Cbr \u002F>\n   Enable standard type Caching and Configure Cloudflare Browser Cache TTL (e.g., 8 days) via \u003Cstrong>Caching > Configuration\u003C\u002Fstrong> in the Cloudflare dashboard.- \u003Cstrong>Cloudflare Compatibility\u003C\u002Fstrong>: Ensure Cloudflare is configured to pass \u003Ccode>CF-Connecting-IP\u003C\u002Fcode> headers for accurate IP detection. Check your Cloudflare dashboard if logged IPs are incorrect.\u003Cbr \u002F>\n– \u003Cstrong>Bot IP Ranges\u003C\u002Fstrong>: Update the \u003Cstrong>Bot IP Ranges\u003C\u002Fstrong> field every 6 months (next update: March 2026) using official sources (e.g., Google, Bing, Yandex documentation). Duplicate ranges are automatically removed on save. Export to .txt for backup or import from .txt to append new ranges.\u003Cbr \u002F>\n– \u003Cstrong>Blocked Bots\u003C\u002Fstrong>: Add malicious bots to the \u003Cstrong>Blocked Bots (User Agents)\u003C\u002Fstrong> field (e.g., MJ12bot, SemrushBot, DotBot) to block them immediately. Blocked bots are logged with their IP and User Agent. Export to .txt for backup or import from .txt to append new entries.\u003Cbr \u002F>\n– \u003Cstrong>Excluded Bots\u003C\u002Fstrong>: Add trusted bots (e.g., Googlebot, Bingbot) to the \u003Cstrong>Excluded Bots\u003C\u002Fstrong> field to exempt them from regular rate limiting (if from verified IPs). Export to .txt for backup or import from .txt to append new entries.\u003Cbr \u002F>\n– \u003Cstrong>High Traffic Bots\u003C\u002Fstrong>: Verified bots exceeding the configured limit (default: 100 requests per minute) are logged for monitoring but not blocked. Check the High Traffic Excluded Bots Log regularly.\u003Cbr \u002F>\n– \u003Cstrong>Log Expiration\u003C\u002Fstrong>: Set the \u003Cstrong>Log Expires (Days)\u003C\u002Fstrong> setting to control how long logs are retained (default: 5 days). Cleanup runs hourly via WordPress Scheduler. Logs older than the specified days are automatically deleted.\u003Cbr \u002F>\n– \u003Cstrong>Timezone\u003C\u002Fstrong>: Set the WordPress timezone correctly (e.g., \u003Ccode>Europe\u002FAthens\u003C\u002Fcode> for Greece) in Settings > General > Timezone to ensure accurate timestamp display in logs and charts.\u003Cbr \u002F>\n– \u003Cstrong>Performance\u003C\u002Fstrong>: For high-traffic sites, clear the Blocked IPs Log, Banned IPs Log, and High Traffic Excluded Bots Log regularly, or set a lower \u003Cstrong>Log Expires (Days)\u003C\u002Fstrong> value to prevent database growth.\u003Cbr \u002F>\n– \u003Cstrong>Customization\u003C\u002Fstrong>: Contact the author for additional features like custom error pages, email notifications for high traffic bots, or advanced logging.\u003Cbr \u002F>\n– \u003Cstrong>Support the Project\u003C\u002Fstrong>: If you find this plugin useful, consider supporting its development via the \u003Ca href=\"https:\u002F\u002Fbuy.stripe.com\u002FbIY5o70SSfam8Qo7ss\" rel=\"nofollow ugc\">donation link\u003C\u002Fa> in the admin panel or plugin page.\u003C\u002Fp>\n","Protects WordPress from DDoS with rate limiting, bot detection, blocking, Cloudflare support, logs, charts, and bot list export\u002Fimport.",422,"2025-09-19T04:53:00.000Z","5.0","8.3",[147,148,149,150,23],"bot-blocking","ddos-protection","ip-blocking","rate-limiting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanti-browser-ddos-protection.2.26.zip",{"attackSurface":153,"codeSignals":249,"taintFlows":349,"riskAssessment":350,"analyzedAt":360},{"hooks":154,"ajaxHandlers":226,"restRoutes":239,"shortcodes":240,"cronEvents":241,"entryPointCount":248,"unprotectedCount":29},[155,161,165,170,174,177,181,186,189,193,197,199,203,206,209,212,215,218,223],{"type":156,"name":157,"callback":158,"file":159,"line":160},"action","booter_404_log_cleanup","cron_404_log_cleanup","includes\\Log404.php",21,{"type":156,"name":162,"callback":163,"file":159,"line":164},"booter_404_log_report","cron_404_log_report",22,{"type":166,"name":167,"callback":168,"file":159,"line":169},"filter","cron_schedules","add_cron_schedules",23,{"type":156,"name":171,"callback":172,"file":159,"line":173},"template_redirect","maybe_log_404",24,{"type":156,"name":175,"callback":176,"priority":99,"file":159,"line":68},"init","schedule_cronjobs",{"type":156,"name":175,"callback":178,"file":179,"line":180},"load_translation","includes\\Plugin.php",45,{"type":156,"name":182,"callback":183,"file":184,"line":185},"muplugins_loaded","maybe_rate_limit","includes\\RateLimiter.php",20,{"type":156,"name":182,"callback":187,"file":188,"line":160},"maybe_block_request","includes\\RequestBlocker.php",{"type":166,"name":167,"callback":190,"file":191,"line":192},"add_cron_schedule","includes\\RobotsWriter.php",26,{"type":156,"name":194,"callback":195,"file":191,"line":196},"booter_write_robots_file","maybe_write_robots_file",27,{"type":156,"name":175,"callback":176,"priority":99,"file":191,"line":198},28,{"type":156,"name":200,"callback":201,"file":202,"line":173},"admin_init","register_settings","includes\\Settings.php",{"type":156,"name":204,"callback":205,"file":202,"line":68},"admin_menu","register_menu",{"type":156,"name":207,"callback":208,"file":202,"line":192},"admin_enqueue_scripts","enqueue_scripts",{"type":156,"name":210,"callback":211,"file":202,"line":198},"admin_notices","maybe_notice_404_plugins",{"type":156,"name":210,"callback":213,"file":202,"line":214},"maybe_notice_plugins_deactivated",29,{"type":156,"name":216,"callback":216,"priority":217,"file":202,"line":47},"admin_bar_menu",9999,{"type":156,"name":219,"callback":220,"priority":221,"file":202,"line":222},"pre_update_option_booter_settings","clear_logs",10,33,{"type":156,"name":219,"callback":224,"priority":221,"file":202,"line":225},"reschedule_404_logs",34,[227,233,236],{"action":228,"nopriv":229,"callback":230,"hasNonce":231,"hasCapCheck":231,"file":232,"line":185},"booter_disable_404_plugins",false,"disable_404_plugins",true,"includes\\AjaxHandlers.php",{"action":234,"nopriv":229,"callback":235,"hasNonce":231,"hasCapCheck":231,"file":232,"line":160},"booter_download_disavow_list","download_disavow_list",{"action":237,"nopriv":229,"callback":238,"hasNonce":231,"hasCapCheck":231,"file":232,"line":164},"booter_get_bad_robots_list","ajax_get_bad_robots_list",[],[],[242,244,246],{"hook":157,"callback":157,"file":159,"line":243},50,{"hook":162,"callback":162,"file":159,"line":245},71,{"hook":194,"callback":194,"file":191,"line":247},59,3,{"dangerousFunctions":250,"sqlUsage":251,"outputEscaping":265,"fileOperations":14,"externalRequests":28,"nonceChecks":248,"capabilityChecks":88,"bundledLibraries":348},[],{"prepared":50,"raw":88,"locations":252},[253,256,259,262,263],{"file":159,"line":254,"context":255},140,"$wpdb->query() with variable interpolation",{"file":159,"line":257,"context":258},175,"$wpdb->get_var() with variable interpolation",{"file":159,"line":260,"context":261},176,"$wpdb->get_results() with variable interpolation",{"file":179,"line":254,"context":255},{"file":202,"line":264,"context":255},441,{"escaped":266,"rawEcho":267,"locations":268},51,42,[269,272,274,277,280,281,283,286,289,291,292,294,296,297,299,301,304,306,307,309,310,311,313,314,316,317,319,321,323,326,328,329,331,332,334,336,337,339,341,342,344,346],{"file":202,"line":270,"context":271},274,"raw output",{"file":202,"line":273,"context":271},287,{"file":275,"line":276,"context":271},"views\\options-tabs\\404-log.php",18,{"file":278,"line":279,"context":271},"views\\options-tabs\\about.php",2,{"file":278,"line":214,"context":271},{"file":278,"line":282,"context":271},47,{"file":284,"line":285,"context":271},"views\\options-tabs\\bad-bots.php",15,{"file":287,"line":288,"context":271},"views\\options-tabs\\block.php",30,{"file":287,"line":290,"context":271},31,{"file":287,"line":267,"context":271},{"file":287,"line":293,"context":271},52,{"file":287,"line":295,"context":271},68,{"file":287,"line":54,"context":271},{"file":287,"line":298,"context":271},89,{"file":287,"line":300,"context":271},90,{"file":302,"line":303,"context":271},"views\\options-tabs\\debug.php",16,{"file":305,"line":303,"context":271},"views\\options-tabs\\disavow.php",{"file":305,"line":303,"context":271},{"file":305,"line":308,"context":271},19,{"file":305,"line":47,"context":271},{"file":305,"line":47,"context":271},{"file":312,"line":173,"context":271},"views\\options-tabs\\general.php",{"file":312,"line":225,"context":271},{"file":312,"line":315,"context":271},44,{"file":312,"line":247,"context":271},{"file":312,"line":318,"context":271},69,{"file":312,"line":320,"context":271},87,{"file":312,"line":322,"context":271},96,{"file":324,"line":325,"context":271},"views\\options-tabs\\help.php",70,{"file":327,"line":308,"context":271},"views\\options-tabs\\rate-limit.php",{"file":327,"line":288,"context":271},{"file":327,"line":330,"context":271},43,{"file":327,"line":315,"context":271},{"file":327,"line":333,"context":271},61,{"file":335,"line":185,"context":271},"views\\options-tabs\\robots.php",{"file":335,"line":214,"context":271},{"file":335,"line":338,"context":271},39,{"file":335,"line":340,"context":271},49,{"file":335,"line":243,"context":271},{"file":335,"line":343,"context":271},65,{"file":335,"line":345,"context":271},76,{"file":347,"line":276,"context":271},"views\\options.php",[],[],{"summary":351,"deductions":352},"The 'booter-bots-crawlers-manager' plugin, version 1.5.8, exhibits a generally positive security posture based on the static analysis. It has a limited attack surface with all identified entry points (AJAX handlers, cron events) appearing to have authorization checks. The absence of direct SQL injection vulnerabilities and taint flows is also a strong indicator of good coding practices. The plugin also demonstrates a good practice of using nonces and capability checks where appropriate.\n\nHowever, there are areas for improvement. While the majority of SQL queries use prepared statements, 44% do not, presenting a potential risk for SQL injection if those non-prepared queries handle user-supplied data without proper sanitization. Similarly, over half of the output escaping is not properly handled, which could lead to cross-site scripting (XSS) vulnerabilities, especially if the unescaped output is rendered in a user-facing context. The presence of a past medium-severity vulnerability, despite being patched, suggests that the development team has addressed security issues, but it also implies that vulnerabilities have existed in the past, requiring continued vigilance.\n\nOverall, the plugin appears to be developed with security in mind, but the unescaped output and the use of raw SQL queries without prepared statements are concerning areas that could be exploited. The plugin's history of a medium vulnerability should be considered, and the developers should continue to prioritize thorough sanitization and escaping of all user inputs and outputs to mitigate potential risks.",[353,355,358],{"reason":354,"points":221},"SQL queries not using prepared statements",{"reason":356,"points":357},"Output escaping not properly handled",8,{"reason":359,"points":221},"Past medium severity vulnerability","2026-03-16T17:56:51.786Z",{"wat":362,"direct":373},{"assetPaths":363,"generatorPatterns":367,"scriptPaths":368,"versionParams":369},[364,365,366],"\u002Fwp-content\u002Fplugins\u002Fbooter-bots-crawlers-manager\u002Fassets\u002Fdist\u002Fjs\u002Fnotice.js","\u002Fwp-content\u002Fplugins\u002Fbooter-bots-crawlers-manager\u002Fassets\u002Fdist\u002Fjs\u002Foptions.js","\u002Fwp-content\u002Fplugins\u002Fbooter-bots-crawlers-manager\u002Fassets\u002Fdist\u002Fcss\u002Foptions.css",[],[364,365],[370,371,372],"booter-bots-crawlers-manager\u002Fassets\u002Fdist\u002Fjs\u002Fnotice.js?ver=","booter-bots-crawlers-manager\u002Fassets\u002Fdist\u002Fjs\u002Foptions.js?ver=","booter-bots-crawlers-manager\u002Fassets\u002Fdist\u002Fcss\u002Foptions.css?ver=",{"cssClasses":374,"htmlComments":375,"htmlAttributes":376,"restEndpoints":377,"jsGlobals":378,"shortcodeOutput":381},[],[],[],[],[379,380],"wp_booter_notices","wp_booter",[]]