[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNgaHyYhTb-x2_1w9CNGxaEKnjX9_V7R9KomIbEK-HrU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":137,"fingerprints":214},"cfb-must-login","CFB Must Login","1.0.0","Code For Broke","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodeforbroke\u002F","\u003Cp>Must Login is a lightweight, user-friendly plugin that allows you to require login for your entire site with just one click. Perfect for membership sites, private blogs, intranets, or any site that needs to restrict access to registered users only.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>One-Click Toggle\u003C\u002Fstrong> – Enable or disable login requirement instantly from the admin bar\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API Protection\u003C\u002Fstrong> – Configurable authentication requirement for REST API endpoints\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Cache Clearing\u003C\u002Fstrong> – Automatically clears popular caching plugins when toggling protection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Bar Status Indicator\u003C\u002Fstrong> – Always see at a glance whether login is required\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple Settings Page\u003C\u002Fstrong> – Easy-to-use settings interface\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Override\u003C\u002Fstrong> – Administrators always have access, even when login is required\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Redirects\u003C\u002Fstrong> – Users are redirected to login and then back to their intended page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Selective Endpoint Access\u003C\u002Fstrong> – Allow specific REST API endpoints for forms and authentication\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cache Compatibility\u003C\u002Fstrong> – Works with WP Super Cache, W3 Total Cache, WP Rocket, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Configuration Needed\u003C\u002Fstrong> – Works perfectly out of the box\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight\u003C\u002Fstrong> – Minimal impact on site performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready\u003C\u002Fstrong> – Fully internationalized and ready for translation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin\u003C\u002Fli>\n\u003Cli>Click the lock icon in the admin bar to toggle login requirement\u003C\u002Fli>\n\u003Cli>That’s it! Your site is now protected\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>When enabled, all visitors must log in to view any page on your site. Administrators can quickly toggle this on or off from anywhere on the site using the admin bar.\u003C\u002Fp>\n\u003Ch3>Developer Documentation\u003C\u002Fh3>\n\u003Ch4>Filters\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>cfb_must_login_redirect_url\u003C\u002Fstrong> – Customize the login redirect URL\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('cfb_must_login_redirect_url', function($redirect_url, $redirect_to) {\n    return 'https:\u002F\u002Fexample.com\u002Fcustom-login';\n}, 10, 2);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>cfb_must_login_allowed_rest_routes\u003C\u002Fstrong> – Allow additional REST API endpoints\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('cfb_must_login_allowed_rest_routes', function($routes) {\n    $routes[] = '\u002Fmy-plugin\u002Fv1\u002Fpublic';\n    return $routes;\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Actions\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>cfb_must_login_clear_cache\u003C\u002Fstrong> – Triggered when cache is cleared\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_action('cfb_must_login_clear_cache', function() {\n    \u002F\u002F Custom cache clearing logic\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Capabilities\u003C\u002Fh4>\n\u003Cp>The plugin uses the \u003Ccode>cfb_must_login_manage\u003C\u002Fcode> capability, which is mapped to \u003Ccode>manage_options\u003C\u002Fcode> by default. You can customize this using the \u003Ccode>map_meta_cap\u003C\u002Fcode> filter.\u003C\u002Fp>\n","Require users to log in before viewing your site with easy admin toggle controls. Includes REST API protection and automatic cache clearing.",0,112,"2025-12-31T18:50:00.000Z","6.9.4","5.0","7.4",[18,19,20,21,22],"login","members","private","rest-api","security","https:\u002F\u002Fgithub.com\u002Fcodeforbroke\u002Fmust-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcfb-must-login.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"codeforbroke",2,10,30,94,"2026-04-04T13:47:41.759Z",[37,60,81,99,118],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":14,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":31,"unpatched_count":11,"last_vuln_date":59,"fetched_at":27},"jonradio-private-site","My Private Site","4.1.0","David Gewirtz","https:\u002F\u002Fprofiles.wordpress.org\u002Fdgewirtz\u002F","\u003Cp>\u003Cstrong>My Private Site\u003C\u002Fstrong> makes your WordPress site private so only logged-in users can see your content. With one click, you can restrict access to all posts and pages, automatically redirect visitors to the login screen, and keep your site visible only to people you trust.\u003C\u002Fp>\n\u003Cp>Unlike full membership or subscription systems, My Private Site focuses on strong privacy without unnecessary complexity. It is ideal for family sites, schools, clubs, client previews, or development environments where you want to share content with a trusted audience without managing payments, profiles, or custom roles.\u003C\u002Fp>\n\u003Ch3>Ideal Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Family sites and school projects\u003C\u002Fstrong>: Share personal updates, photos, or assignments only with family members, classmates, or teachers you choose.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Development and staging sites\u003C\u002Fstrong>: Safely show work-in-progress to clients or teammates without exposing unfinished content or letting it be indexed by search engines.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clubs, groups, and internal blogs\u003C\u002Fstrong>: Create a private online space for members or staff without the overhead of a complex membership system.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Digital Fortress protection\u003C\u002Fh3>\n\u003Cp>My Private Site helps protect the “front door” of your private site with built-in safeguards for login and user registration, including registration spam protection and optional reCAPTCHA support. It also includes AI Crawler Defense to discourage automated collection of your site’s content.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Make your entire WordPress site private with a single setting  \u003C\u002Fli>\n\u003Cli>Redirect logged-out visitors automatically to the login page  \u003C\u002Fli>\n\u003Cli>Choose where users land after login (requested page, home, dashboard, or custom URL)  \u003C\u002Fli>\n\u003Cli>Support user self-registration on private sites when enabled  \u003C\u002Fli>\n\u003Cli>Protect registration with built-in spam controls and optional reCAPTCHA  \u003C\u002Fli>\n\u003Cli>Optionally block unauthenticated access to the WordPress REST API  \u003C\u002Fli>\n\u003Cli>Simple, no-code setup using standard WordPress settings \u003C\u002Fli>\n\u003Cli>Privacy shortcode lets you selectively show or hide content within a page or post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Built-in AI Crawler Defense\u003C\u002Fh3>\n\u003Cp>The internet is rapidly changing, with AI crawlers and bots harvesting content without consent. My Private Site helps you defend your work with integrated \u003Cstrong>AI Crawler Defense\u003C\u002Fstrong> features:\u003Cbr \u002F>\n* \u003Cstrong>NoAI and NoImageAI tags\u003C\u002Fstrong>: Automatically add meta tags and headers that signal compliant AI systems not to use your text or images for training.\u003Cbr \u002F>\n* \u003Cstrong>Block GPTBot\u003C\u002Fstrong>: Add a robots.txt rule to prevent OpenAI’s crawler from accessing your site.\u003Cbr \u002F>\n* \u003Cstrong>Really Simple Licensing (RSL)\u003C\u002Fstrong>: Publish a machine-readable license that explicitly prohibits AI training on your content.\u003C\u002Fp>\n\u003Cp>These protections are included free in the core plugin, easy to enable with a checkbox, and designed to safeguard your site without affecting normal visitors or search engines. You can use them even if you’re not using any other site privacy features.\u003C\u002Fp>\n\u003Ch3>Watch the Video Overview and Demo\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fjry3DHD-OB8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Premium Add-ons\u003C\u002Fh3>\n\u003Cp>Premium add-ons turn My Private Site into a comprehensive privacy suite, giving you enterprise-style layered security defenses, smarter oversight, and flexible access, without the complexity or cost.\u003C\u002Fp>\n\u003Cp>Advanced AI Crawler Defense, Visitor Intelligence, and Block IP provide protections regardless of whether you’re using any site privacy features.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FB6s8O9VZLc0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-public-pages\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Public Pages 2.0\u003C\u002Fstrong>\u003C\u002Fa>: Allows site operators to designate certain specific pages, or pages with specified prefix, to be available to the public without login. Now also allows public site, private pages. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fu7BuYtzS_pI\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-advanced-ai-defense\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Advanced AI Crawler Defense\u003C\u002Fstrong>\u003C\u002Fa>: Protect WordPress content from AI crawlers using licensing, opt-out tags, selective bot blocking, and firewall defenses to control and safeguard your data. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FEb4qQDafaRk\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-visitor-intelligence\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Visitor Intelligence\u003C\u002Fstrong>\u003C\u002Fa>: Track logins, logouts, failed attempts, and bot activity with a unified log, anomaly detection, and export tools for stronger site oversight and security. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FTTK8bGVD8pM\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-guest-access\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Guest Access\u003C\u002Fstrong>\u003C\u002Fa>: Grant temporary, secure access to private WordPress content using unique shareable links with expiration, one-time use, and full admin-controlled invite management. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fj1vYV8lhqcc\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-block-ip\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Block IP\u003C\u002Fstrong>\u003C\u002Fa>: Block unwanted visitors by IP address or range with full IPv4\u002FIPv6 support, configurable scope, and fast enforcement to secure your WordPress site. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FvsxLqYXWITs\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-tags-and-categories\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Tags & Categories\u003C\u002Fstrong>\u003C\u002Fa>: Allows you to make pages public or (with Public Pages 2.0) private based on tags and categories. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FdEv7lXxU5lo\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-selective-content\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Selective Content\u003C\u002Fstrong>\u003C\u002Fa>: Allows hiding, showing, and obscurifying page content through the use of shortcodes. Can also selectively hide widgets and sidebars. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FexgJrJJSCNY\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-pricing\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Digital Fortress Bundle\u003C\u002Fstrong>\u003C\u002Fa>: All add-ons are available in bundle form.  \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FB6s8O9VZLc0\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Limits\u003C\u002Fh3>\n\u003Cp>This plugin does not hide non-WordPress web pages, such as .html and .php files. It also won’t restrict images and other media and text files directly accessed by their URL. If your hosting provider’s filesystem protections haven’t been set up correctly, files may also be accessed by directory listing.\u003C\u002Fp>\n\u003Ch3>Support Note\u003C\u002Fh3>\n\u003Cp>Support has moved to the ZATZLabs site and is no longer provided on the WordPress.org forums. If you need a timely reply from the developer, please \u003Ca href=\"http:\u002F\u002Fzatzlabs.com\u002Fsubmit-ticket\u002F\" rel=\"nofollow ugc\">open a ticket\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Mailing List\u003C\u002Fh3>\n\u003Cp>If you’d like to keep up with the latest updates to this plugin, please visit \u003Ca href=\"http:\u002F\u002Fzatzlabs.com\u002Flab-notes\u002F\" rel=\"nofollow ugc\">David’s Lab Notes\u003C\u002Fa> and add yourself to the mailing list.\u003C\u002Fp>\n","Make your WordPress site private with one click for family, projects, or teams. Protection for content, login, and registration.",20000,568968,90,80,"2026-01-28T21:00:00.000Z","4.4","5.4",[18,53,54,55,22],"privacy","private-site","registration","http:\u002F\u002Fzatzlabs.com\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjonradio-private-site.4.1.0.zip",99,"2024-02-16 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":14,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":79,"download_link":80,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"expire-user-passwords","Expire User Passwords","1.4.2","Matt Miller","https:\u002F\u002Fprofiles.wordpress.org\u002Fmillermedianow\u002F","\u003Cp>Note: This is a forked version of the now unsupported \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexpire-passwords\u002F\" rel=\"ugc\">Expire Passwords\u003C\u002Fa> plugin. The notes below are copied over from the original plugin and will be updated as relevant updates become available. Please help by contributing to the GitHub repository \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">Expire Passwords\u003C\u002Fa> on GitHub\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fexpire-user-passwords\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Harden the security of your site by preventing unauthorized access to stale user accounts.\u003C\u002Fp>\n\u003Cp>This plugin is also ideal for sites needing to meet certain industry security compliances – such as government, banking or healthcare.\u003C\u002Fp>\n\u003Cp>In the plugin settings you can set the maximum number of days users are allowed to use the same password (90 days by default), as well as which user roles will be required to reset their passwords regularly (non-Administrators by default).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Albanian (Shqip)\u003C\u002Fli>\n\u003Cli>Arabic (العربية)\u003C\u002Fli>\n\u003Cli>Armenian (Հայերեն)\u003C\u002Fli>\n\u003Cli>Basque (Euskara)\u003C\u002Fli>\n\u003Cli>Bengali (বাংলা)\u003C\u002Fli>\n\u003Cli>Bulgarian (Български)\u003C\u002Fli>\n\u003Cli>Catalan (Català)\u003C\u002Fli>\n\u003Cli>Chinese Simplified (简体中文)\u003C\u002Fli>\n\u003Cli>Croatian (Hrvatski)\u003C\u002Fli>\n\u003Cli>Czech (Čeština)\u003C\u002Fli>\n\u003Cli>Danish (Dansk)\u003C\u002Fli>\n\u003Cli>Dutch (Nederlands)\u003C\u002Fli>\n\u003Cli>Estonian (Eesti)\u003C\u002Fli>\n\u003Cli>Finnish (Suomi)\u003C\u002Fli>\n\u003Cli>French (Français)\u003C\u002Fli>\n\u003Cli>Galician (Galego)\u003C\u002Fli>\n\u003Cli>Georgian (ქართული)\u003C\u002Fli>\n\u003Cli>German (Deutsch)\u003C\u002Fli>\n\u003Cli>Greek (Ελληνικά)\u003C\u002Fli>\n\u003Cli>Hebrew (עברית)\u003C\u002Fli>\n\u003Cli>Hindi (हिन्दी)\u003C\u002Fli>\n\u003Cli>Hungarian (Magyar)\u003C\u002Fli>\n\u003Cli>Indonesian (Bahasa Indonesia)\u003C\u002Fli>\n\u003Cli>Irish (Gaeilge)\u003C\u002Fli>\n\u003Cli>Italian (Italiano)\u003C\u002Fli>\n\u003Cli>Japanese (日本語)\u003C\u002Fli>\n\u003Cli>Korean (한국어)\u003C\u002Fli>\n\u003Cli>Latvian (Latviešu)\u003C\u002Fli>\n\u003Cli>Lithuanian (Lietuvių)\u003C\u002Fli>\n\u003Cli>Macedonian (Македонски)\u003C\u002Fli>\n\u003Cli>Norwegian (Norsk)\u003C\u002Fli>\n\u003Cli>Persian (فارسی)\u003C\u002Fli>\n\u003Cli>Persian – Afghanistan (دری)\u003C\u002Fli>\n\u003Cli>Polish (Polski)\u003C\u002Fli>\n\u003Cli>Portuguese – Brazil (Português do Brasil)\u003C\u002Fli>\n\u003Cli>Portuguese – Portugal (Português)\u003C\u002Fli>\n\u003Cli>Romanian (Română)\u003C\u002Fli>\n\u003Cli>Russian (Русский)\u003C\u002Fli>\n\u003Cli>Serbian (Српски)\u003C\u002Fli>\n\u003Cli>Slovak (Slovenčina)\u003C\u002Fli>\n\u003Cli>Slovenian (Slovenščina)\u003C\u002Fli>\n\u003Cli>Spanish (Español)\u003C\u002Fli>\n\u003Cli>Swedish (Svenska)\u003C\u002Fli>\n\u003Cli>Tamil (தமிழ்)\u003C\u002Fli>\n\u003Cli>Thai (ไทย)\u003C\u002Fli>\n\u003Cli>Turkish (Türkçe)\u003C\u002Fli>\n\u003Cli>Ukrainian (Українська)\u003C\u002Fli>\n\u003Cli>Urdu (اردو)\u003C\u002Fli>\n\u003Cli>Vietnamese (Tiếng Việt)\u003C\u002Fli>\n\u003Cli>Welsh (Cymraeg)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Require certain users to change their passwords on a regular basis.",3000,57937,84,5,"2026-02-17T09:27:00.000Z","4.0","8.1",[18,76,77,22,78],"membership","passwords","users","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpire-user-passwords.1.4.2.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":25,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":79,"tags":95,"homepage":79,"download_link":97,"security_score":98,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"prevent-concurrent-logins","Prevent Concurrent Logins","0.4.0","Frankie Jarrett","https:\u002F\u002Fprofiles.wordpress.org\u002Ffjarrett\u002F","\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fprevent-concurrent-logins\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Deters members\u002Fsubscribers from sharing their accounts with others\u003C\u002Fli>\n\u003Cli>Hardens security by destoying old sessions automatically\u003C\u002Fli>\n\u003Cli>Prompts old sessions to login again if they want to continue\u003C\u002Fli>\n\u003Cli>Ideal for membership sites and web applications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> If you plan to network-activate this plugin on a multisite network, please install the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fproper-network-activation\u002F\" rel=\"ugc\">Proper Network Activation\u003C\u002Fa> plugin \u003Cem>beforehand\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fprevent-concurrent-logins\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fprevent-concurrent-logins\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Prevents users from staying logged into the same account from multiple places.",900,17293,17,"2016-08-16T22:21:00.000Z","4.6.30","4.1",[18,76,22,96,78],"sensei","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-concurrent-logins.0.4.0.zip",85,{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":25,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":15,"requires_php":112,"tags":113,"homepage":116,"download_link":117,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"private-website","Private Website – Login Required","0.2.9","roehler","https:\u002F\u002Fprofiles.wordpress.org\u002Froehler\u002F","\u003Cp>\u003Cstrong>Private Website – Login Required\u003C\u002Fstrong> is a simple and straightforward WordPress plugin designed to restrict access to your website. By activating this plugin, users must be logged in to view any content on your site. This is ideal for websites that host sensitive or exclusive content and want to ensure that only authenticated users can access it.\u003C\u002Fp>\n\u003Cp>There are no complicated settings to configure. Simply activate the plugin to enforce the login requirement and deactivate it to remove the restriction.\u003C\u002Fp>\n\u003Cp>This plugin was developed by \u003Ca href=\"https:\u002F\u002Froehler.nrw\" rel=\"nofollow ugc\">Robin Oehler\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Private Website – Login Required uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster & make product improvements.\u003C\u002Fp>\n\u003Cp>Appsero SDK does not gather any data by default. The SDK only starts gathering basic telemetry data when a user allows it via the admin notice. We collect the data to ensure a great user experience for all our users.\u003C\u002Fp>\n\u003Cp>Integrating Appsero SDK DOES NOT IMMEDIATELY start gathering data, without confirmation from users in any case.\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Bugs & Feedback\u003C\u002Fh3>\n\u003Cp>Your feedback is important to me. If you find mistakes, have wishes, ideas, or suggestions, please send an email to \u003Ca href=\"mailto:mail@roehler.nrw\" rel=\"nofollow ugc\">mail@roehler.nrw\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Legal notice (German): \u003Ca href=\"https:\u002F\u002Froehler.nrw\u002Fimpressum\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Froehler.nrw\u002Fimpressum\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You are free to use it on any website across countries to protect the privacy of your users.\u003C\u002Fp>\n\u003Cp>Note: Activating this plugin cannot guarantee that your website is completely compliant with GDPR. When using Google Analytics, Facebook pixels, or other similar tools, additional measures may need to be taken.\u003C\u002Fp>\n","This plugin requires users to be logged in to view the website. Activate the plugin to enforce login, and deactivate it to remove the restriction.",200,2528,1,"2025-09-08T20:58:00.000Z","6.8.5","7.0",[18,19,20,114,115],"restrict-access","user-authentication","https:\u002F\u002Fwww.roehler.nrw","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprivate-website.0.2.9.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":25,"downloaded":126,"rating":11,"num_ratings":11,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":79,"tags":130,"homepage":135,"download_link":136,"security_score":98,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"admin-ssl-secure-admin","Admin SSL","2.0-b2","blenjee","https:\u002F\u002Fprofiles.wordpress.org\u002Fblenjee\u002F","\u003Cp>Admin SSL secures login page, admin area, posts, pages – whatever you want – using Private SSL.\u003Cbr \u002F>\nOnce you have activated the plugin please go to the Admin SSL config page to enable SSL, and\u003Cbr \u002F>\nread the \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Fsetup\u002F\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Each time you update Admin SSL, please read the \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa>\u003Cbr \u002F>\nand \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Fsetup\u002F\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa> in\u003Cbr \u002F>\ncase there is some important information relating to the update.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Forces SSL on all pages where passwords can be entered.\u003C\u002Fli>\n\u003Cli>Works with Private SSL.\u003C\u002Fli>\n\u003Cli>Custom additional URLS (e.g. wp-admin\u002F) can be secured through the config page.\u003C\u002Fli>\n\u003Cli>You can choose where you want the Admin SSL config page to appear!\u003C\u002Fli>\n\u003Cli>Works on WordPress 3.0 – 3.1.1; for previous versions of WordPress please use version 1.4.1,\u003Cbr \u002F>\nbut note it is no longer supported – you should upgrade to the latest WordPress version.\u003C\u002Fli>\n\u003C\u002Fol>\n","Admin SSL secures login page, admin area, posts, pages - whatever you want - using Private SSL.",53005,"2011-04-24T15:21:00.000Z","3.1.4","3.0",[131,132,22,133,134],"private-ssl","secure-login","shared-ssl","ssl","http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-ssl-secure-admin.2.0.zip",{"attackSurface":138,"codeSignals":197,"taintFlows":209,"riskAssessment":210,"analyzedAt":213},{"hooks":139,"ajaxHandlers":183,"restRoutes":194,"shortcodes":195,"cronEvents":196,"entryPointCount":31,"unprotectedCount":11},[140,145,149,153,157,161,165,169,173,176,181],{"type":141,"name":142,"callback":142,"file":143,"line":144},"action","init","cfb-must-login.php",55,{"type":141,"name":146,"callback":147,"file":143,"line":148},"admin_menu","add_admin_menu",58,{"type":141,"name":150,"callback":151,"file":143,"line":152},"admin_init","register_settings",59,{"type":141,"name":154,"callback":155,"priority":25,"file":143,"line":156},"admin_bar_menu","add_admin_bar_item",62,{"type":141,"name":158,"callback":159,"file":143,"line":160},"admin_notices","display_cache_warning",66,{"type":141,"name":162,"callback":163,"file":143,"line":164},"admin_enqueue_scripts","enqueue_admin_assets",70,{"type":141,"name":166,"callback":167,"file":143,"line":168},"wp_enqueue_scripts","enqueue_frontend_assets",71,{"type":141,"name":170,"callback":171,"file":143,"line":172},"template_redirect","enforce_login",74,{"type":141,"name":150,"callback":174,"file":143,"line":175},"enforce_admin_login",75,{"type":177,"name":178,"callback":179,"priority":58,"file":143,"line":180},"filter","rest_authentication_errors","enforce_rest_api_authentication",78,{"type":177,"name":182,"callback":182,"priority":32,"file":143,"line":70},"map_meta_cap",[184,190],{"action":185,"nopriv":186,"callback":187,"hasNonce":188,"hasCapCheck":188,"file":143,"line":189},"cfb_must_login_toggle_status",false,"ajax_toggle_status",true,63,{"action":191,"nopriv":186,"callback":192,"hasNonce":188,"hasCapCheck":188,"file":143,"line":193},"cfb_must_login_dismiss_cache_notice","dismiss_cache_notice",67,[],[],[],{"dangerousFunctions":198,"sqlUsage":199,"outputEscaping":201,"fileOperations":11,"externalRequests":11,"nonceChecks":31,"capabilityChecks":207,"bundledLibraries":208},[],{"prepared":11,"raw":11,"locations":200},[],{"escaped":202,"rawEcho":109,"locations":203},13,[204],{"file":143,"line":205,"context":206},352,"raw output",7,[],[],{"summary":211,"deductions":212},"The \"cfb-must-login\" plugin v1.0.0 exhibits a strong security posture based on the provided static analysis.  It demonstrates excellent adherence to secure coding practices by implementing nonce checks and capability checks for all identified entry points, which are limited to two AJAX handlers. The absence of dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), file operations, and external HTTP requests further bolsters its security. Crucially, the code passes taint analysis with no identified unsanitized flows, indicating robust input validation and sanitization where applicable.\n\nWhile the static analysis reveals a very clean codebase with no immediate vulnerabilities, the limited scope of the analysis (zero taint flows analyzed) means there's a theoretical possibility of undiscovered issues, especially in more complex interactions not captured. The plugin's vulnerability history is also clean, with no recorded CVEs, which is a positive indicator of developer diligence. However, this can also be a double-edged sword; it might mean the plugin hasn't been extensively scrutinized by security researchers, or its functionality is simple enough to avoid common pitfalls.\n\nOverall, \"cfb-must-login\" v1.0.0 appears to be a securely developed plugin. Its strengths lie in its minimal attack surface, proper authentication and authorization for its entry points, and avoidance of common web vulnerabilities. The primary area for potential, albeit currently unevidenced, concern is the unknown thoroughness of taint analysis. For its current version and without historical issues, it presents a low-risk profile.",[],"2026-03-17T07:06:48.910Z",{"wat":215,"direct":228},{"assetPaths":216,"generatorPatterns":221,"scriptPaths":222,"versionParams":223},[217,218,219,220],"\u002Fwp-content\u002Fplugins\u002Fcfb-must-login\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fcfb-must-login\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fcfb-must-login\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fcfb-must-login\u002Fjs\u002Ffrontend.js",[],[218,220],[224,225,226,227],"cfb-must-login\u002Fcss\u002Fadmin.css?ver=","cfb-must-login\u002Fjs\u002Fadmin.js?ver=","cfb-must-login\u002Fcss\u002Ffrontend.css?ver=","cfb-must-login\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":229,"htmlComments":231,"htmlAttributes":232,"restEndpoints":234,"jsGlobals":236,"shortcodeOutput":238},[230],"cfb-must-login-admin-settings",[],[233],"data-toggle-url",[235],"\u002Fwp-json\u002Fcfb-must-login\u002Fv1\u002Fstatus",[237],"cfbMustLoginAdmin",[]]