[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_ClZsT0ReHmdb0QHuRp8AMl9Xzf1l05TH-a60mElkuo":3,"$fQEB3d40CsMDvG9riW5wues2TP9SPFrR4UvDWUw_9g4Y":186},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":130,"fingerprints":172},"checkout-bot-shield","Checkout Bot Shield","1.0.0","Pluximo","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluximo\u002F","\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> Blocks suspicious, rapid-fire checkout attempts so fake orders and carding bots cannot overwhelm your store. Legit customers still get through.\u003Cbr \u002F>\n\u003Cstrong>Battle tested:\u003C\u002Fstrong> The Pro edition is trusted by 1,000+ stores; this Lite version is a hands-on demo so you can see how it behaves before upgrading.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why you might want it:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Protects revenue and inventory from bot abuse and testing-card attacks.\u003Cbr \u002F>\n– Reduces server load from repeated checkout calls.\u003Cbr \u002F>\n– Gives you visibility via WooCommerce log files without adding new dashboards (source name: \u003Ccode>cbshield\u003C\u002Fcode>).\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Limits rapid checkout retries from the same visitor.\u003C\u002Fli>\n\u003Cli>Shows a friendly message when the limit is reached.\u003C\u002Fli>\n\u003Cli>Works with WooCommerce checkout (Store API).\u003C\u002Fli>\n\u003Cli>Adds entries to WooCommerce logs for easy review (\u003Ccode>WooCommerce \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Status \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Logs \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> cbshield-*.log\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>Runs quietly in the background—no extra setup screens.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 6.8 or later.\u003C\u002Fli>\n\u003Cli>WooCommerce active.\u003C\u002Fli>\n\u003Cli>PHP 7.4 or later.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to verify it works\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Place a few quick checkout attempts from the same browser\u002Fsession; the first attempts should work.\u003C\u002Fli>\n\u003Cli>Another quick attempt right after should be blocked with “Too many checkout attempts. Please try again later.”\u003C\u002Fli>\n\u003Cli>Check WooCommerce logs (source \u003Ccode>cbshield\u003C\u002Fcode>) to see recorded attempts and any blocks.\u003C\u002Fli>\n\u003C\u002Ful>\n","Checkout Bot Shield adds lightweight rate limiting to stop repeated automated orders while keeping real shoppers moving.",0,102,"2026-01-02T08:50:00.000Z","6.9.4","6.8","7.4",[18,19,20,21],"bot","checkout","protection","shield","https:\u002F\u002Fpluximo.com\u002Fcheckout-bot-shield-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcheckout-bot-shield.1.0.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"pluximo",3,30,94,"2026-04-08T08:55:45.733Z",[35,57,74,98,118],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":24,"num_ratings":45,"last_updated":46,"tested_up_to":14,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":54,"download_link":55,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":56},"carticy-checkout-shield-for-woocommerce","Checkout Shield for WooCommerce – Stop Fake Orders, Spam Bots & Card Testing","1.1.0","carticy","https:\u002F\u002Fprofiles.wordpress.org\u002Fcarticy\u002F","\u003Cp>\u003Cstrong>Checkout Shield\u003C\u002Fstrong> stops fake checkout orders and card testing attacks — the kind that bypass your CAPTCHA.\u003C\u002Fp>\n\u003Cp>Card testing bots don’t fill out your checkout form. They hit your store’s checkout API directly, completely skipping any reCAPTCHA or hCaptcha you’ve set up. That’s why CAPTCHA alone doesn’t stop them.\u003C\u002Fp>\n\u003Cp>This plugin verifies that every checkout request comes from a real browser session. Bots that can’t prove they loaded your checkout page get blocked before WooCommerce processes the order.\u003C\u002Fp>\n\u003Ch4>Why Store Owners Choose This Plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Catches what CAPTCHA misses\u003C\u002Fstrong> — blocks bots hitting your checkout API directly\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with any caching\u003C\u002Fstrong> — LiteSpeed, Cloudflare, WP Rocket, W3TC — no conflicts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero configuration\u003C\u002Fstrong> — activate and you’re protected\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No external services\u003C\u002Fstrong> — everything runs on your server, no subscriptions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No performance impact\u003C\u002Fstrong> — validation adds microseconds, not seconds\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features (Free)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic bot blocking\u003C\u002Fstrong> — works the moment you activate, no setup needed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>4 protection levels\u003C\u002Fstrong> — Learning, Permissive, Balanced, and Strict — choose how aggressive you want to be\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dashboard overview\u003C\u002Fstrong> — see blocked vs verified orders at a glance with a 7-day chart\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order status tracking\u003C\u002Fstrong> — know which orders were flagged, passed, or blocked\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP whitelist\u003C\u002Fstrong> — let trusted addresses through, supports CIDR notation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API key authentication\u003C\u002Fstrong> — for headless and custom checkout setups\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with all checkout types\u003C\u002Fstrong> — classic, block-based, and all payment gateways\u003C\u002Fli>\n\u003Cli>\u003Cstrong>HPOS compatible\u003C\u002Fstrong> — works with High-Performance Order Storage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce logging\u003C\u002Fstrong> — full integration with WooCommerce Status logs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cp>Take control with advanced tools:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Smart logging\u003C\u002Fstrong> — choose what gets logged: nothing, blocked attempts only, or everything with full details\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recent blocks feed\u003C\u002Fstrong> — see the last 50 blocked attempts right on your dashboard, with email, payment method, and block reason\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic CDN\u002Fproxy detection\u003C\u002Fstrong> — correctly identifies visitor IPs behind Cloudflare, Sucuri, or Akamai without manual configuration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stronger permissive mode\u003C\u002Fstrong> — adds referrer verification on top of session checks for tighter bot detection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checkout details in logs\u003C\u002Fstrong> — see exactly which email and payment method bots tried to use\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customer blocklist\u003C\u002Fstrong> — block repeat offenders by email, name, address, phone, IP, or postal code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order block metabox\u003C\u002Fstrong> — add customers to the blocklist directly from any order screen\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcarticy.com\u002Fplugins\u002Fcheckout-shield-for-woocommerce\u002F\" rel=\"nofollow ugc\">Learn more about Pro features\u003C\u002Fa>\u003C\u002Fp>\n","Stops fake checkout orders, card testing attacks, and spam bots that bypass CAPTCHA. Works instantly with all checkout types.",80,332,1,"2026-03-08T12:38:00.000Z","6.0","8.0",[50,19,51,52,53],"bot-protection","fraud","security","woocommerce","https:\u002F\u002Fcarticy.com\u002Fcheckout-shield","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcarticy-checkout-shield-for-woocommerce.1.1.0.zip","2026-04-06T09:54:40.288Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":11,"downloaded":65,"rating":11,"num_ratings":11,"last_updated":66,"tested_up_to":14,"requires_at_least":47,"requires_php":16,"tags":67,"homepage":72,"download_link":73,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":56},"checkout-origin-guard","Checkout Origin Guard","1.7.1","POTAR","https:\u002F\u002Fprofiles.wordpress.org\u002Fpotar\u002F","\u003Cp>\u003Cstrong>Checkout Origin Guard\u003C\u002Fstrong> protects your WooCommerce store from fake, fraudulent, or automated checkout attempts by identifying and blocking abusive origins before they clutter your order table or your logs.\u003C\u002Fp>\n\u003Cp>The plugin runs \u003Cstrong>client-origin heuristics\u003C\u002Fstrong>, \u003Cstrong>IP controls\u003C\u002Fstrong>, and \u003Cstrong>sequence analysis\u003C\u002Fstrong> to detect non-human traffic and suspicious behavior at checkout. It adds \u003Cstrong>Company Shield\u003C\u002Fstrong> for business and email sanity checks and an optional \u003Cstrong>AVS “U” signal handler\u003C\u002Fstrong> for gateways that report “Address not checked \u002F unavailable”.\u003C\u002Fp>\n\u003Cp>All controls live on a \u003Cstrong>single admin screen\u003C\u002Fstrong>; you can adjust sensitivity, manage allowlists and blocklists, and review traffic logs in one place.\u003C\u002Fp>\n\u003Ch3>Three layers of protection\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Bot Block (traffic level)\u003C\u002Fstrong>\u003Cbr \u002F>\nDetects and throttles abusive requests before they become orders:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Analyzes user agents, referrers, and known bot signatures  \u003C\u002Fli>\n\u003Cli>Watches rapid-fire hits to checkout and wc-ajax endpoints  \u003C\u002Fli>\n\u003Cli>Supports monitor, soft, and hard blocking modes  \u003C\u002Fli>\n\u003Cli>Built-in allowlist for search engines, uptime monitors, and core WordPress services\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Company Shield (checkout level)\u003C\u002Fstrong>\u003Cbr \u002F>\nValidates business identity and email quality at checkout:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Flags suspicious or synthetic business names  \u003C\u002Fli>\n\u003Cli>Detects repeated syllables, odd vowel ratios, and gibberish patterns  \u003C\u002Fli>\n\u003Cli>Identifies disposable email domains and role-based accounts (admin, info, sales, etc.)  \u003C\u002Fli>\n\u003Cli>Can run in:\n\u003Cul>\n\u003Cli>\u003Cstrong>Monitor\u003C\u002Fstrong>; log and annotate orders  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Soft\u003C\u002Fstrong>; create the order and automatically place it on hold or pending  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hard\u003C\u002Fstrong>; block checkout with a user-facing error message\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Payment AVS signals (post-payment; optional)\u003C\u002Fstrong>\u003Cbr \u002F>\nFor gateways that expose AVS results in order meta, Checkout Origin Guard can treat “AVS: U; unavailable \u002F not checked” as a \u003Cstrong>risk signal\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Does not change how your gateway authorizes or captures payments  \u003C\u002Fli>\n\u003Cli>Can be configured to:\n\u003Cul>\n\u003Cli>Ignore the signal  \u003C\u002Fli>\n\u003Cli>Add an order note only  \u003C\u002Fli>\n\u003Cli>Add an order note and bump a risk-score meta field  \u003C\u002Fli>\n\u003Cli>Put the order on hold for manual review  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Uses flexible pattern matching; can scan specific gateway meta keys or fall back to scanning all order meta for common “AVS: U” messages such as the PayPal string  \u003C\u002Fli>\n\u003Cli>Off by default; you opt in and choose the behavior\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🛡️ \u003Cstrong>Bot Block\u003C\u002Fstrong>; Detects and blocks automated bots by analyzing user agents, referrers, and checkout behavior patterns.\u003C\u002Fli>\n\u003Cli>⚡ \u003Cstrong>Rapid Sequence Detection\u003C\u002Fstrong>; Monitors frequency and timing between checkout attempts to identify scripted attacks and card testing activity.\u003C\u002Fli>\n\u003Cli>🧠 \u003Cstrong>Company Shield\u003C\u002Fstrong>; Flags suspicious or AI-generated business names, email domains, and mixed-character spam entries at checkout.\u003C\u002Fli>\n\u003Cli>🌎 \u003Cstrong>Allowlist Controls\u003C\u002Fstrong>; Preserve access for search engines, uptime monitors, and essential WordPress and WooCommerce services.\u003C\u002Fli>\n\u003Cli>🔒 \u003Cstrong>Hard \u002F Soft \u002F Monitor Modes\u003C\u002Fstrong>; Choose between logging only, soft blocking, or full hard blocking.\u003C\u002Fli>\n\u003Cli>🧾 \u003Cstrong>AVS “U” Risk Signals (optional)\u003C\u002Fstrong>; Treat “Address not checked \u002F unavailable” as a post-payment risk signal; add notes, increase risk score, or hold the order.\u003C\u002Fli>\n\u003Cli>🗂️ \u003Cstrong>Log Viewer\u003C\u002Fstrong>; See activity including timestamps, IPs, user agents, paths, and detection outcomes.\u003C\u002Fli>\n\u003Cli>🧩 \u003Cstrong>One-Page Dashboard\u003C\u002Fstrong>; Configure settings, review logs, and manage allow\u002Fdeny lists from a single screen.\u003C\u002Fli>\n\u003Cli>🚫 \u003Cstrong>Manual Block \u002F Unblock\u003C\u002Fstrong>; Instantly remove or restore access for specific IPs with one click.\u003C\u002Fli>\n\u003Cli>💾 \u003Cstrong>CSV Export\u003C\u002Fstrong>; Download checkout-origin activity logs for security review or record keeping.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Online Shops Need it\u003C\u002Fh3>\n\u003Cp>WooCommerce checkouts are frequent targets for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Card testing and BIN probing  \u003C\u002Fli>\n\u003Cli>Fake business registrations and spam accounts  \u003C\u002Fli>\n\u003Cli>Automated scripts hammering your checkout endpoints  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Checkout Origin Guard focuses on \u003Cstrong>checkout behavior and identity quality\u003C\u002Fstrong>, not just generic firewall rules. It helps you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reduce chargeback and fraud risk  \u003C\u002Fli>\n\u003Cli>Keep your order list clean and reviewable  \u003C\u002Fli>\n\u003Cli>Shorten the time spent cleaning up junk orders and bogus signups  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin works alongside any existing firewall, CDN, or WAF; it does not rely on external APIs or subscriptions. All data stays on your server.\u003C\u002Fp>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Prevent card testing or order spam  \u003C\u002Fli>\n\u003Cli>Stop bots using nonsense or AI-generated company names  \u003C\u002Fli>\n\u003Cli>Detect rapid repeat checkout attempts from the same IP  \u003C\u002Fli>\n\u003Cli>Block suspicious POST requests that hit checkout endpoints  \u003C\u002Fli>\n\u003Cli>Add an extra layer of review for orders where the gateway reports “AVS unavailable \u002F not checked”  \u003C\u002Fli>\n\u003Cli>Maintain cleaner order history and logs for real customers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Cstrong>Michael Winchester\u003C\u002Fstrong>\u003Cbr \u002F>\nFor documentation and updates, visit https:\u002F\u002Fmichaelwinchester.com\u003C\u002Fp>\n","One-page WooCommerce checkout hardening; bot blocking, rate\u002Fsequence checks, business\u002Femail heuristics, and optional AVS-based risk signals.",458,"2026-01-27T22:35:00.000Z",[50,68,69,70,71],"fraud-prevention","ip-blocker","spam","woocommerce-checkout-security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcheckout-origin-guard.1.7.1.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":88,"tags":89,"homepage":72,"download_link":94,"security_score":95,"vuln_count":96,"unpatched_count":11,"last_vuln_date":97,"fetched_at":56},"clickcease-click-fraud-protection","ClickCease Click Fraud Protection","3.2.13","eranfl","https:\u002F\u002Fprofiles.wordpress.org\u002Feranfl\u002F","\u003Cp>Bots and invalid traffic can reach your site through paid, organic, and direct traffic, resulting in a wasted ad budget and disrupted marketing funnels.\u003C\u002Fp>\n\u003Cp>Prevent bots, competitors, and malicious users from damaging your marketing performance with ClickCease, the industry-leading service that keeps your website and ads safe from fraud. Quick installation and real-time protection for all your website’s incoming traffic.\u003C\u002Fp>\n\u003Cp>ClickCease protects you from invalid traffic by monitoring and protecting your:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Paid traffic (Google, Facebook, & Microsoft)\u003C\u002Fli>\n\u003Cli>Organic traffic\u003C\u002Fli>\n\u003Cli>Direct traffic\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Put a stop to ad and click fraud on your website with our market-leading AI software. Allow yourself to fully focus on growing your business without having online fraud distract you.\u003C\u002Fp>\n\u003Cp>You will need an active ClickCease subscription to use this WordPress plugin.\u003C\u002Fp>\n","Protect your website and ad campaigns from bots, competitors, and click fraud with ClickCease's advanced fraud prevention and real-time monitoring.",10000,261936,66,7,"2025-07-21T15:27:00.000Z","6.6.5","5.6",[50,90,91,92,93],"click-fraud","clickcease","fraud-protection","website-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclickcease-click-fraud-protection.zip",99,2,"2024-05-06 00:00:00",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":14,"requires_at_least":111,"requires_php":48,"tags":112,"homepage":115,"download_link":116,"security_score":95,"vuln_count":45,"unpatched_count":11,"last_vuln_date":117,"fetched_at":56},"no-bot-registration","No-Bot Registration","2.5.1","Arnan de Gans","https:\u002F\u002Fprofiles.wordpress.org\u002Fadegans\u002F","\u003Cp>Tired of spam bots in your WordPress and ClassicPress website? Do you want to get rid of false registrations and other spammy nonsense? Don’t wan’t to use a clumsy and user-unfriendly Captcha? Don’t want to use a Captcha from Google or other big-tech company period?\u003C\u002Fp>\n\u003Cp>Meet \u003Cstrong>No-Bot Registration\u003C\u002Fstrong>, easy to use, superior protection without making it hard for your visitors. Easily blacklist (partial) email addresses and domains so they can no longer register an account.\u003C\u002Fp>\n\u003Cp>Create one or more questions and a set of possible answers for them and visitors have to answer your question when they register.\u003Cbr \u002F>\nIf they answer wrong, they get denied their account.\u003C\u002Fp>\n\u003Cp>Questions can be as simple as “1 + 1”, with possible answers being 1, one or uno. That way you can plan for eventualities and how people interpret your question.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Protect registration forms\u003C\u002Fli>\n\u003Cli>Protect the WooCommerce checkout form if you let people register from there\u003C\u002Fli>\n\u003Cli>Protect your blog comment form\u003C\u002Fli>\n\u003Cli>Prevents comment spam, trackback spam and other nuisances with ease\u003C\u002Fli>\n\u003Cli>Set up multiple security questions to further confuse bots\u003C\u002Fli>\n\u003Cli>Blacklist any email, domain or tld you don’t like\u003C\u002Fli>\n\u003Cli>Configurable notification messages for users failing the security tests\u003C\u002Fli>\n\u003C\u002Ful>\n","Prevent bots from creating accounts by blacklisting domains and usernames and present people with a human friendly security question.",2000,36293,88,27,"2025-12-28T03:50:00.000Z","5.8",[113,18,114,20,52],"antispam","crawler","https:\u002F\u002Fajdg.solutions\u002Fproduct\u002Fno-bot-registration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-bot-registration.2.5.1.zip","2024-04-09 00:00:00",{"slug":119,"name":120,"version":121,"author":78,"author_profile":79,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":11,"num_ratings":11,"last_updated":126,"tested_up_to":87,"requires_at_least":88,"requires_php":88,"tags":127,"homepage":72,"download_link":129,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":56},"cheq-essentials-go-to-market-security","CHEQ Essentials","1.13","\u003Cp>As a website owner, one of the biggest challenges you face is dealing with invalid traffic. Invalid traffic (27% of direct and organic traffic on average in 2022) refers to any non-human or fraudulent activity, such as bots, click farms, and other forms of automated traffic. This can not only damage your site’s reputation but also result in lost revenue, slow performance, and skewed data that damage your decision-making.\u003C\u002Fp>\n\u003Cp>CHEQ Essentials is here to help. We use advanced algorithms and machine learning techniques to analyze user behavior and distinguish between legitimate and invalid traffic.\u003C\u002Fp>\n\u003Cp>With this plugin, you can automatically monitor your website traffic in real time and identify any suspicious patterns or behavior. The plugin also provides detailed reports and analytics that can help you better understand your traffic and identify any potential issues.\u003C\u002Fp>\n\u003Cp>Once the plugin detects invalid traffic, it can take immediate action to prevent further damage. This may include blocking IP addresses on Google Ads, redirecting traffic to a 403 page, or implementing other measures to prevent bots and other automated traffic from accessing your site.\u003C\u002Fp>\n\u003Cp>Overall, this is an essential tool for any website owner who wants to secure and protect their site from fraudulent activity and ensure a safe and reliable user experience. With CHEQ Essentials, you can rest assured that your site is protected from invalid traffic and other forms of online fraud.\u003C\u002Fp>\n\u003Cp>You will need an active CHEQ Essentials subscription to use this WordPress plugin.\u003C\u002Fp>\n","Protect, analyze & block threats in real time your website from bots, click fraud, and invalid traffic with CHEQ Essentials.",700,6871,"2025-07-21T15:20:00.000Z",[50,90,92,128,93],"spam-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcheq-essentials-go-to-market-security.zip",{"attackSurface":131,"codeSignals":153,"taintFlows":164,"riskAssessment":165,"analyzedAt":171},{"hooks":132,"ajaxHandlers":149,"restRoutes":150,"shortcodes":151,"cronEvents":152,"entryPointCount":11,"unprotectedCount":11},[133,139,143],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","before_woocommerce_init","cbshield_declare_hpos_compatibility","checkout-bot-shield.php",59,{"type":134,"name":140,"callback":141,"file":137,"line":142},"woocommerce_init","cbshield_init",75,{"type":144,"name":145,"callback":146,"priority":147,"file":137,"line":148},"filter","rest_pre_dispatch","block_store_api_checkout",10,85,[],[],[],[],{"dangerousFunctions":154,"sqlUsage":155,"outputEscaping":161,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":45,"bundledLibraries":163},[],{"prepared":11,"raw":45,"locations":156},[157],{"file":158,"line":159,"context":160},"uninstall.php",23,"$wpdb->query() with variable interpolation",{"escaped":45,"rawEcho":11,"locations":162},[],[],[],{"summary":166,"deductions":167},"The \"checkout-bot-shield\" plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. There are no identified entry points into the plugin that are unprotected, and a notable absence of dangerous functions, SQL injection vulnerabilities (due to prepared statements being used for the single SQL query), and critical taint flows is a significant strength. The fact that all output is properly escaped and there are no file operations or external HTTP requests further bolsters its security. The plugin also demonstrates good security practice by including at least one capability check, and the absence of any known CVEs in its history is a very positive indicator of its overall security development and maintenance. The lack of any recorded vulnerabilities, common or otherwise, suggests a history of secure code.  \n\nHowever, the complete absence of nonce checks, while not directly exploitable given the current lack of AJAX handlers and REST API routes, represents a potential future risk. If new endpoints are added in subsequent versions without proper nonce implementation, this could become an attack vector. The zero nonces and zero unprotected entry points, while currently a strength, mean that the plugin relies heavily on its current minimal attack surface for security, and future expansion could introduce vulnerabilities if security practices like nonce checking are not implemented proactively.  \n\nOverall, this plugin appears to be developed with security in mind, with no immediate critical vulnerabilities detected. The primary area for improvement would be to incorporate nonce checks if the plugin's functionality expands to include user-interactive endpoints.",[168],{"reason":169,"points":170},"No nonce checks found",5,"2026-03-17T07:27:30.011Z",{"wat":173,"direct":178},{"assetPaths":174,"generatorPatterns":175,"scriptPaths":176,"versionParams":177},[],[],[],[],{"cssClasses":179,"htmlComments":180,"htmlAttributes":181,"restEndpoints":182,"jsGlobals":184,"shortcodeOutput":185},[],[],[],[183],"\u002Fwp-json\u002Fcbshield\u002Fv1\u002Fcheck",[],[],{"slug":4,"current_version":6,"total_versions":11,"versions":187},[]]