[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBGIt8qrcppFjSnSmwoTomRmG-KvYUBvRGeh2PFd5DPI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":139,"fingerprints":171},"cf-email-domain-check","eMail Domain Check Processor for Caldera Forms","1.1.0","Martin Mattel","https:\u002F\u002Fprofiles.wordpress.org\u002Fmmattel01\u002F","\u003Cp>This plugin adds an eMail domain check processor to \u003Ca href=\"https:\u002F\u002Fcalderaforms.com\" rel=\"nofollow ugc\">Caldera Forms\u003C\u002Fa>.\u003Cbr \u002F>\nIt checks if the domain of the eMail given is most likely capable recieving eMails.\u003Cbr \u002F>\nUseful to aviod misusage or mistyped eMails without additional confirmations.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Define a Caldera Form layout including at least one eMail address field.\u003C\u002Fli>\n\u003Cli>Go to the Caldera Form Processors tab and add this processor.\u003C\u002Fli>\n\u003Cli>In Processors Settings add\u002Fselect the magic eMail tag of your eMail field. Use only one tag!\u003C\u002Fli>\n\u003Cli>In Processors Conditions, enable the processor.\u003C\u002Fli>\n\u003C\u002Ful>\n","Processor for Caldera Forms to check if the domain of the eMail given is most likely capable recieving eMails. Useful to aviod misusage or mistyped eM …",10,1849,0,"2020-11-24T07:38:00.000Z","5.6.17","5.2","5.6",[19,20,21,22],"caldera-forms","dns","domain","email","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcf-email-domain-check\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf-email-domain-check.1.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"mmattel01",1,30,84,"2026-04-04T07:16:27.524Z",[36,56,79,100,123],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":11,"last_updated":47,"tested_up_to":15,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":54,"download_link":55,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"email-domain-verification-in-cf7","Contact Form 7 Email Validation","3.5.2","Clarion Technologies","https:\u002F\u002Fprofiles.wordpress.org\u002Fclarionwpdeveloper\u002F","\u003Cp>Add a customized functionality to add a email field validation check point to the popular Contact Form 7 plugin. A DNS verification validation has been integrated to verify email address from a valid domain.\u003C\u002Fp>\n","Contact Form 7 Email Validation plugin adds an extended validation to verify domain in email address  for email fields of Contact Form 7 plugin.",1000,26436,66,"2020-12-18T12:23:00.000Z","4.9","",[51,52,22,53],"contact-form-7","domain-verification","validation","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-domain-verification-in-cf7\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-domain-verification-in-cf7.3.5.2.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":44,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":49,"tags":70,"homepage":76,"download_link":77,"security_score":78,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"gf-block-email-domains","Gravity Forms Block Email Domains","1.0.2","GravityKit","https:\u002F\u002Fprofiles.wordpress.org\u002Fgravityview\u002F","\u003Cp>Gravity Forms Block Email Domains is an add-on plugin for Gravity Forms that allows you to define a comma separated list of email domains to block on each email field. Custom validation messages can be set as well. Blocked email domains will prevent the form from being submitted and prompt the user to enter a non-blocked email address.\u003C\u002Fp>\n","Easily set a list of email domains to block on email fields in Gravity Forms.",10966,82,9,"2024-11-05T03:30:00.000Z","6.7.5","5.0.0",[71,72,73,74,75],"blacklist","block-domain","block-email","blocklist","gravity-forms","http:\u002F\u002Froadwarriorcreative.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgf-block-email-domains.1.0.2.zip",92,{"slug":80,"name":81,"version":6,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":31,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":49,"tags":92,"homepage":98,"download_link":99,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"block-email-cf7","Contact Form 7 – Blacklist Unwanted Email","abahalkar","https:\u002F\u002Fprofiles.wordpress.org\u002Fabahalkar\u002F","\u003Ch4>Description\u003C\u002Fh4>\n\u003Cp>Contact form 7 – Blacklist unwanted email plugin is designed to restrict Blacklisted, Spam, Generic and Competitor Email domains preventing your valuable downloadable resources or limiting registrations on your website blogs. The plugin is Free and allows blacklisting of around 4750+ free and unwanted domains. Whether you have a small startup or an established online portal you can use our plugin to restrict your undesired subscribers.\u003C\u002Fp>\n\u003Cp>Through CF7 – Blacklist unwanted emails plugin, site admin can manage email field validation. Create a list of unwanted email domains that could cause a validation error and block them e.g. Gmail.com, Yahoo.com, Live.com or Competitorsdomain.com, etc.\u003C\u002Fp>\n\u003Cp>Default settings can be added in the ‘Block Email CF7’ > Enter ‘List of Email Fields to Validate’ > Enter ‘Default Error Message’ > Enter ‘List of Domains to be Blocked\u002FBlacklisted’ followed by a comma.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allowed only Business or Company email submission.\u003C\u002Fli>\n\u003Cli>Restrict free domains email (likes gmail.com, yahoo.com etc.) from registrations and submissions of forms.\u003C\u002Fli>\n\u003Cli>Block to registrations and submissions of specific form.\u003C\u002Fli>\n\u003Cli>Block a specific email field in case there are multiple email fields in the form.\u003C\u002Fli>\n\u003Cli>Inbuilt plugin functionalities offers blacklisting around 4750+ free and spam domains. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more details please visit [Official website:]( \u003Ca href=\"http:\u002F\u002Frebrand.ly\u002Fwpprml\" rel=\"nofollow ugc\"> http:\u002F\u002Fwpstudio.org \u003C\u002Fa> )\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>Here is a demo link for this plugin:\u003Ca href=\"http:\u002F\u002Frebrand.ly\u002Fwppdl\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Enjoy! And please don’t forget to rate and ask for support if you face any troubles.\u003C\u002Fp>\n","This is a free add-on plugin for contact form 7, which validates the email field and restrict unwanted email submission as well as allowed only busine …",400,6005,100,"2019-10-15T18:53:00.000Z","5.3.21","4.2",[93,94,95,96,97],"blacklist-email-domain-for-contact-form-7","block-email-domain-for-contact-form-7","cf7","restrict-email-domain-submission-for-contact-form-7","validate-email-domain-for-contact-form-7","http:\u002F\u002Fwpstudio.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-email-cf7.1.1.1.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":88,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":121,"download_link":122,"security_score":88,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"email-and-domain-blocker","Email and Domain Blocker for WooCommerce","1.1","Kaleem Abbasi","https:\u002F\u002Fprofiles.wordpress.org\u002Fkaleemabbasi\u002F","\u003Cp>Tired of fake signups and spam accounts in your WooCommerce store?\u003Cbr \u002F>\n\u003Cstrong>Email and Domain Blocker for WooCommerce\u003C\u002Fstrong> lets you block unwanted emails or domains from registering — keeping your store clean and your customers real.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Block specific email addresses (e.g. \u003Ccode>baduser@gmail.com\u003C\u002Fcode>)\u003Cbr \u002F>\n* Block entire domains (e.g. \u003Ccode>@spam.com\u003C\u002Fcode>)\u003Cbr \u002F>\n* Wildcard support (e.g. \u003Ccode>*@gmail.com\u003C\u002Fcode>, \u003Ccode>*@*.ru\u003C\u002Fcode>)\u003Cbr \u002F>\n* Test Email Checker (instantly check if an email is allowed or blocked)\u003Cbr \u002F>\n* Optional logging of blocked attempts\u003Cbr \u002F>\n* Logs tab to view, clear, and download blocked attempts as CSV\u003Cbr \u002F>\n* Simple admin UI with usage examples\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use cases:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Stop spam signups with disposable or free mail services\u003Cbr \u002F>\n* Block competitors or fraud-prone domains\u003Cbr \u002F>\n* Restrict registrations to company emails only\u003C\u002Fp>\n","Block emails or domains from WooCommerce signups. Supports wildcards, logging, CSV export, and test email checker.",300,2068,3,"2025-09-03T21:51:00.000Z","6.6.5","5.8","7.2",[116,117,118,119,120],"domain-blocker","email-blocker","registration","spam-prevention","woocommerce","https:\u002F\u002Fkaleemabbasi.com\u002Femail-and-domain-blocker-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-and-domain-blocker.1.1.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":108,"downloaded":131,"rating":65,"num_ratings":66,"last_updated":132,"tested_up_to":49,"requires_at_least":133,"requires_php":49,"tags":134,"homepage":49,"download_link":137,"security_score":33,"vuln_count":31,"unpatched_count":13,"last_vuln_date":138,"fetched_at":27},"user-domain-whitelist","User Domain Whitelist","v1.5.1","Warren Harrison","https:\u002F\u002Fprofiles.wordpress.org\u002Fhungrymedia\u002F","\u003Cp>The User Domain Whitelist\u002FBlacklist plugin limits user registration to only registrants with an email address from the domain white list below OR prevents registrants with an email address from the domain black list below from registering. For example, \u003Cem>hortense@example.com\u003C\u002Fem> would only be allowed to register if \u003Cem>example.com\u003C\u002Fem> appeared in the domain white list. Conversely,  \u003Cem>hortense@example.com\u003C\u002Fem> would \u003Cstrong>not\u003C\u002Fstrong> be allowed to register if \u003Cem>example.com\u003C\u002Fem> appeared in the domain black list. Anyone attempting to register using an email address outside the white list or inside te black list will receive the error message below.Anyone attempting to register using an email address outside the white list will receive an error message. Both the domain whitelist and the error message can be modified via the plugin options page (available under the Settings menu).\u003C\u002Fp>\n","The User Domain Whitelist\u002FBlacklist plugin limits user registration to only registrants with an email address from the domain white list provided by t …",13738,"2017-12-25T21:53:00.000Z","2.8.2",[71,21,135,118,136],"email-address","whitelist","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-domain-whitelist.zip","2014-02-22 00:00:00",{"attackSurface":140,"codeSignals":152,"taintFlows":163,"riskAssessment":164,"analyzedAt":170},{"hooks":141,"ajaxHandlers":148,"restRoutes":149,"shortcodes":150,"cronEvents":151,"entryPointCount":13,"unprotectedCount":13},[142],{"type":143,"name":144,"callback":145,"file":146,"line":147},"filter","caldera_forms_get_form_processors","EDCCF_email_domain_processor","cf-email-check.php",28,[],[],[],[],{"dangerousFunctions":153,"sqlUsage":154,"outputEscaping":156,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":162},[],{"prepared":13,"raw":13,"locations":155},[],{"escaped":13,"rawEcho":31,"locations":157},[158],{"file":159,"line":160,"context":161},"config.php",4,"raw output",[],[],{"summary":165,"deductions":166},"The \"cf-email-domain-check\" plugin v1.1.0 presents a seemingly secure profile based on the provided static analysis.  The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the attack surface. Furthermore, the code analysis reveals no dangerous functions, file operations, or external HTTP requests, and all SQL queries utilize prepared statements, which are excellent security practices. The lack of any recorded vulnerabilities in its history is also a positive indicator of past security diligence.\n\nHowever, the static analysis does highlight a critical weakness: 100% of the single output found is not properly escaped. This represents a significant risk, as unsanitized output can lead to Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the user's browser. While the attack surface is minimal, this single unescaped output presents a tangible threat that could be exploited if the plugin generates any visible output. The absence of nonce and capability checks, while not directly exploitable due to the limited attack surface, indicates a potential for future security gaps if new entry points are introduced without corresponding security measures.\n\nIn conclusion, while the plugin benefits from a very small attack surface and a clean vulnerability history, the unescaped output is a significant concern that requires immediate attention. The lack of security checks on potential entry points, although currently mitigated by their absence, suggests that future development should prioritize robust authentication and authorization mechanisms.",[167],{"reason":168,"points":169},"Unescaped output found",5,"2026-03-17T01:27:16.546Z",{"wat":172,"direct":177},{"assetPaths":173,"generatorPatterns":174,"scriptPaths":175,"versionParams":176},[],[],[],[],{"cssClasses":178,"htmlComments":179,"htmlAttributes":180,"restEndpoints":186,"jsGlobals":187,"shortcodeOutput":188},[],[],[181,182,183,184,185],"data-field-id","data-field-type","data-field-required","data-field-magic","data-field-label",[],[],[]]