[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqrFfrex3nCCv0NbnAv1PeotyOAHCEYfAV-4URgSUV6c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":135,"fingerprints":259},"checkout-origin-guard","Checkout Origin Guard","1.7.1","POTAR","https:\u002F\u002Fprofiles.wordpress.org\u002Fpotar\u002F","\u003Cp>\u003Cstrong>Checkout Origin Guard\u003C\u002Fstrong> protects your WooCommerce store from fake, fraudulent, or automated checkout attempts by identifying and blocking abusive origins before they clutter your order table or your logs.\u003C\u002Fp>\n\u003Cp>The plugin runs \u003Cstrong>client-origin heuristics\u003C\u002Fstrong>, \u003Cstrong>IP controls\u003C\u002Fstrong>, and \u003Cstrong>sequence analysis\u003C\u002Fstrong> to detect non-human traffic and suspicious behavior at checkout. It adds \u003Cstrong>Company Shield\u003C\u002Fstrong> for business and email sanity checks and an optional \u003Cstrong>AVS “U” signal handler\u003C\u002Fstrong> for gateways that report “Address not checked \u002F unavailable”.\u003C\u002Fp>\n\u003Cp>All controls live on a \u003Cstrong>single admin screen\u003C\u002Fstrong>; you can adjust sensitivity, manage allowlists and blocklists, and review traffic logs in one place.\u003C\u002Fp>\n\u003Ch3>Three layers of protection\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Bot Block (traffic level)\u003C\u002Fstrong>\u003Cbr \u002F>\nDetects and throttles abusive requests before they become orders:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Analyzes user agents, referrers, and known bot signatures  \u003C\u002Fli>\n\u003Cli>Watches rapid-fire hits to checkout and wc-ajax endpoints  \u003C\u002Fli>\n\u003Cli>Supports monitor, soft, and hard blocking modes  \u003C\u002Fli>\n\u003Cli>Built-in allowlist for search engines, uptime monitors, and core WordPress services\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Company Shield (checkout level)\u003C\u002Fstrong>\u003Cbr \u002F>\nValidates business identity and email quality at checkout:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Flags suspicious or synthetic business names  \u003C\u002Fli>\n\u003Cli>Detects repeated syllables, odd vowel ratios, and gibberish patterns  \u003C\u002Fli>\n\u003Cli>Identifies disposable email domains and role-based accounts (admin, info, sales, etc.)  \u003C\u002Fli>\n\u003Cli>Can run in:\n\u003Cul>\n\u003Cli>\u003Cstrong>Monitor\u003C\u002Fstrong>; log and annotate orders  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Soft\u003C\u002Fstrong>; create the order and automatically place it on hold or pending  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hard\u003C\u002Fstrong>; block checkout with a user-facing error message\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Payment AVS signals (post-payment; optional)\u003C\u002Fstrong>\u003Cbr \u002F>\nFor gateways that expose AVS results in order meta, Checkout Origin Guard can treat “AVS: U; unavailable \u002F not checked” as a \u003Cstrong>risk signal\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Does not change how your gateway authorizes or captures payments  \u003C\u002Fli>\n\u003Cli>Can be configured to:\n\u003Cul>\n\u003Cli>Ignore the signal  \u003C\u002Fli>\n\u003Cli>Add an order note only  \u003C\u002Fli>\n\u003Cli>Add an order note and bump a risk-score meta field  \u003C\u002Fli>\n\u003Cli>Put the order on hold for manual review  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Uses flexible pattern matching; can scan specific gateway meta keys or fall back to scanning all order meta for common “AVS: U” messages such as the PayPal string  \u003C\u002Fli>\n\u003Cli>Off by default; you opt in and choose the behavior\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🛡️ \u003Cstrong>Bot Block\u003C\u002Fstrong>; Detects and blocks automated bots by analyzing user agents, referrers, and checkout behavior patterns.\u003C\u002Fli>\n\u003Cli>⚡ \u003Cstrong>Rapid Sequence Detection\u003C\u002Fstrong>; Monitors frequency and timing between checkout attempts to identify scripted attacks and card testing activity.\u003C\u002Fli>\n\u003Cli>🧠 \u003Cstrong>Company Shield\u003C\u002Fstrong>; Flags suspicious or AI-generated business names, email domains, and mixed-character spam entries at checkout.\u003C\u002Fli>\n\u003Cli>🌎 \u003Cstrong>Allowlist Controls\u003C\u002Fstrong>; Preserve access for search engines, uptime monitors, and essential WordPress and WooCommerce services.\u003C\u002Fli>\n\u003Cli>🔒 \u003Cstrong>Hard \u002F Soft \u002F Monitor Modes\u003C\u002Fstrong>; Choose between logging only, soft blocking, or full hard blocking.\u003C\u002Fli>\n\u003Cli>🧾 \u003Cstrong>AVS “U” Risk Signals (optional)\u003C\u002Fstrong>; Treat “Address not checked \u002F unavailable” as a post-payment risk signal; add notes, increase risk score, or hold the order.\u003C\u002Fli>\n\u003Cli>🗂️ \u003Cstrong>Log Viewer\u003C\u002Fstrong>; See activity including timestamps, IPs, user agents, paths, and detection outcomes.\u003C\u002Fli>\n\u003Cli>🧩 \u003Cstrong>One-Page Dashboard\u003C\u002Fstrong>; Configure settings, review logs, and manage allow\u002Fdeny lists from a single screen.\u003C\u002Fli>\n\u003Cli>🚫 \u003Cstrong>Manual Block \u002F Unblock\u003C\u002Fstrong>; Instantly remove or restore access for specific IPs with one click.\u003C\u002Fli>\n\u003Cli>💾 \u003Cstrong>CSV Export\u003C\u002Fstrong>; Download checkout-origin activity logs for security review or record keeping.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Online Shops Need it\u003C\u002Fh3>\n\u003Cp>WooCommerce checkouts are frequent targets for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Card testing and BIN probing  \u003C\u002Fli>\n\u003Cli>Fake business registrations and spam accounts  \u003C\u002Fli>\n\u003Cli>Automated scripts hammering your checkout endpoints  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Checkout Origin Guard focuses on \u003Cstrong>checkout behavior and identity quality\u003C\u002Fstrong>, not just generic firewall rules. It helps you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reduce chargeback and fraud risk  \u003C\u002Fli>\n\u003Cli>Keep your order list clean and reviewable  \u003C\u002Fli>\n\u003Cli>Shorten the time spent cleaning up junk orders and bogus signups  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin works alongside any existing firewall, CDN, or WAF; it does not rely on external APIs or subscriptions. All data stays on your server.\u003C\u002Fp>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Prevent card testing or order spam  \u003C\u002Fli>\n\u003Cli>Stop bots using nonsense or AI-generated company names  \u003C\u002Fli>\n\u003Cli>Detect rapid repeat checkout attempts from the same IP  \u003C\u002Fli>\n\u003Cli>Block suspicious POST requests that hit checkout endpoints  \u003C\u002Fli>\n\u003Cli>Add an extra layer of review for orders where the gateway reports “AVS unavailable \u002F not checked”  \u003C\u002Fli>\n\u003Cli>Maintain cleaner order history and logs for real customers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Cstrong>Michael Winchester\u003C\u002Fstrong>\u003Cbr \u002F>\nFor documentation and updates, visit https:\u002F\u002Fmichaelwinchester.com\u003C\u002Fp>\n","One-page WooCommerce checkout hardening; bot blocking, rate\u002Fsequence checks, business\u002Femail heuristics, and optional AVS-based risk signals.",0,424,"2026-01-27T22:35:00.000Z","6.9.4","6.0","7.4",[18,19,20,21,22],"bot-protection","fraud-prevention","ip-blocker","spam","woocommerce-checkout-security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcheckout-origin-guard.1.7.1.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"potar",4,10,30,94,"2026-04-04T01:21:17.431Z",[37,58,77,98,118],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":14,"requires_at_least":50,"requires_php":16,"tags":51,"homepage":56,"download_link":57,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"wc-blacklist-manager","Blacklist Manager – WooCommerce Anti-Fraud & Checkout Verification & Spam Prevention","2.1.8","YoOhw Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fyoohw\u002F","\u003Cp>\u003Cstrong>Blacklist Manager\u003C\u002Fstrong> is a powerful anti-fraud and spam-prevention plugin for \u003Cstrong>WooCommerce\u003C\u002Fstrong> and \u003Cstrong>WordPress\u003C\u002Fstrong> forms. WooCommerce Anti-Fraud & Checkout Verification & Spam Prevention blocks fraudulent orders, fake registrations, and spam form submissions by banning \u003Cstrong>IPs\u003C\u002Fstrong>, \u003Cstrong>email addresses\u003C\u002Fstrong>, and \u003Cstrong>phone numbers\u003C\u002Fstrong> at checkout or on contact forms. With \u003Cstrong>real-time blacklist\u003C\u002Fstrong> checks, you can \u003Cstrong>stop chargebacks\u003C\u002Fstrong>, \u003Cstrong>unwanted sign-ups\u003C\u002Fstrong>, and \u003Cstrong>abusive bots\u003C\u002Fstrong> before they hit your store.\u003C\u002Fp>\n\u003Cp>Easily blacklist \u003Cstrong>phone numbers\u003C\u002Fstrong>, \u003Cstrong>email addresses\u003C\u002Fstrong>, \u003Cstrong>IP addresses\u003C\u002Fstrong>, and \u003Cstrong>email domains\u003C\u002Fstrong> to block \u003Cstrong>unwanted users\u003C\u002Fstrong> from placing orders, submitting forms, canceling transactions, or registering accounts. Whether you’re running an online store or collecting leads through forms, \u003Cstrong>Blacklist Manager\u003C\u002Fstrong> adds a critical layer of defense to your site.\u003C\u002Fp>\n\u003Cp>Originally built for WooCommerce, it now extends its protection to popular form plugins including \u003Cstrong>Contact Form 7\u003C\u002Fstrong>, \u003Cstrong>Gravity Forms\u003C\u002Fstrong>, and \u003Cstrong>WPForms\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fglobal-blacklist-plan\u002F\" rel=\"nofollow ugc\">Global Blacklist\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fproduct\u002Fblacklist-manager-premium\u002F\" rel=\"nofollow ugc\">Premium version\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fdocs\u002Fcategory\u002Fwoocommerce-blacklist-manager\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>  | \u003Ca href=\"https:\u002F\u002Fsandbox.yoohw.com\u002Fdemo\u002Fyobm_demo.html\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Real-Time Blacklist Blocking\u003C\u002Fstrong>: Instantly block customers by IP, email, or phone number during checkout or form submission.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Blacklist Management\u003C\u002Fstrong>: Easily add the phone number, email address, ip address from the order page; multi ip addresses\u002Fdomains addition into blocking list.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi Notifications\u003C\u002Fstrong>: Email, alert and error notices for both admin and users are customizable.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Order Protection\u003C\u002Fstrong>: Prevent fake orders, duplicate orders, and fraudulent transactions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment \u002F Review Blocking\u003C\u002Fstrong>: Automatically block comments and reviews from blacklisted emails.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prevent Registration\u003C\u002Fstrong>: Option to prevent registration if the email\u002Fip\u002Fdomain is on the Blocklist.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Form Spam Shield\u003C\u002Fstrong>: Integrates with Contact Form 7, Gravity Forms, WPForms—blocks blacklist matches on all major WordPress forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Timed Cancellation\u003C\u002Fstrong>: Option to cancel the order if the email\u002Fphone is on the Blocklist in the delay of time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Verification\u003C\u002Fstrong>: Customers are required to verify their email by entering a code sent to them during checkout to complete their order.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Phone Verification\u003C\u002Fstrong>: Customers must verify their phone number by entering an SMS code received during checkout before proceeding with their order.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Blocking\u003C\u002Fstrong>: When the order has been placed by a user and has been added to the Blocklist, then the user is also set as blocked.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cp>Building on the robust features of the free version, the premium version offers advanced functionalities to safeguard your business against fraud and unauthorized transactions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced Blocking\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Customer Name Blocking\u003C\u002Fstrong>: Adds the first and last name of the customer to the blocklist.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Address Blacklisting\u003C\u002Fstrong>: Block orders from specific billing and shipping addresses listed in your blocklist.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Comment \u002F Review\u003C\u002Fstrong>: Completely block comments and reviews from blacklisted emails, IPs, or domains.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prevent Submission\u003C\u002Fstrong>: Block form submissions from Contact Form 7, Gravity Forms, and WPForms if the IP address is on the Blocklist.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prevent VPN & Proxy Submission\u003C\u002Fstrong>: Automatically block form submissions and registrations if the visitor is using a Proxy server or VPN connection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Access Prevention\u003C\u002Fstrong>: Stop users from accessing your website from IP countries that you have selected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Browser Blocking\u003C\u002Fstrong>: Restrict accessing your website for users of browsers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prevent Disposable Emails\u003C\u002Fstrong>: Block orders and registration if the customer uses a disposable email address.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prevent Disposable Phones\u003C\u002Fstrong>: Block orders and automate adding to the blocklist  if the customer is using a disposable phone number.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optional Payment Methods\u003C\u002Fstrong>: Disable the payment methods for the customers are in the Suspects list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Global Blacklist Decisions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Global Blacklist Decisions service helps protect your store by checking customer email, IP, phone, and address against a shared fraud-prevention database. It identifies suspicious or high-risk identities used in fraudulent activity across multiple merchants, giving you real-time warnings before the order is processed. This reduces payment fraud, prevents stolen-card testing, and lowers the risk of chargebacks, helping your business stay safe without slowing down checkout.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fglobal-blacklist-plan\u002F\" rel=\"nofollow ugc\">Know more about the Global Blacklist Decisions\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Fully Automation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Fully Automated-Protecting against fraud and unauthorized transactions, hands-free to focus on growing your E-commerce website!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Set risk score thresholds\u003C\u002Fstrong>: Manually adjust each rule’s risk value!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Choose the right score\u003C\u002Fstrong>: Select a score for every option to let your own rules work.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Check phone and email\u003C\u002Fstrong>: Check the phone number and email address that were used in multiple orders but with a different IP or customer address.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Check order value & attempts\u003C\u002Fstrong>: Make sure the order value isn’t abnormal and the customer has placed too many orders within the time period.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Suspects the IP address\u003C\u002Fstrong>: Detect the customer that uses a VPN or proxy server and the IP’s country mismatches with the billing country.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detect IP coordinates\u003C\u002Fstrong>: Action if the IP coordinates radius does not match the address coordinates radius.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Card country & AVS checks\u003C\u002Fstrong>: High-level checking of the payment card country and billing country is not the same, also AVS.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Set High risk card country\u003C\u002Fstrong>: Manually establishing the list of nations in order to safeguard payments made via your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Suspicious PayPal payer\u003C\u002Fstrong>: Detect PayPal accounts that have been linked to multiple customer profiles, use mismatched billing information.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blacklist based on order statuses\u003C\u002Fstrong>: Set the statues to automatically add the customer to the suspect and blocked list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fdocs\u002Fwoocommerce-blacklist-manager\u002Fsettings\u002Fautomation\u002F\" rel=\"nofollow ugc\">Explore the Automation features\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Powerful Recording Activity Logs\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Gain full visibility into every interaction and decision with Powerful Recording Activity Logs. This feature continuously tracks and documents all blacklist detections and user activities, giving you the transparency and control you need to stay ahead of fraud and suspicious behavior.\u003C\u002Fp>\n\u003Cp>With comprehensive logging, the plugin records:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Detection Attempts\u003C\u002Fstrong>: Every time a user triggers a blacklist rule—whether by email, phone, IP, or address—it’s logged with a timestamp for easy traceability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Actions\u003C\u002Fstrong>: Logs when entries are added, edited, removed, or manually overridden by store staff, ensuring accountability across your team.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checkout Blocks\u003C\u002Fstrong>: Captures blocked checkout attempts along with detailed user input and cart contents, so you always know what was stopped—and why.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By storing detailed activity logs in a structured and searchable format, this feature empowers you to review patterns, strengthen your security rules, and make informed decisions backed by data—all without lifting a finger.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fdocs\u002Fwoocommerce-blacklist-manager\u002Factivity-logs\u002Factivity-logs\u002F\" rel=\"nofollow ugc\">Learn more about this feature\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Real-time Automatic Validation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our plugin ensures a seamless and error-free checkout experience with Real-time Automatic Validation. This feature automatically validates customer-provided details, including names, email addresses, and phone numbers, as they are entered. By detecting and alerting users of issues such as incomplete or invalid data, it helps to reduce errors and ensure compliance with your data integrity rules.\u003C\u002Fp>\n\u003Cp>With intelligent validation logic, the plugin checks for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Name Validation\u003C\u002Fstrong>: Detects invalid characters, excessive spaces, repeated characters, and ensures adherence to your custom length rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Validation\u003C\u002Fstrong>: Confirms that email addresses are correctly formatted and free from common typos or invalid domains.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Phone Validation\u003C\u002Fstrong>: Verifies phone numbers against predefined formats and country codes, with optional integration for SMS-based verification with the popular services Twilio and Textmagic.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This real-time validation not only improves the user experience by providing instant feedback but also ensures that your customer database remains accurate and clean.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Prevent Orders and Access from Bots\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Protect your WooCommerce store from automated abuse with a layered, invisible anti-bot system designed to stop fake orders without affecting real customers.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Advanced bot detection\u003C\u002Fstrong>: Blocks automated checkout, login, registration, and comment spam using behavioral and session-based analysis.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frontend execution proof\u003C\u002Fstrong>: Verifies that checkout requests come from real browsers running JavaScript, not scripted bots.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Session continuity validation\u003C\u002Fstrong>: Detects and blocks bots that skip normal cart and checkout flow.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Browser fingerprint anomaly detection\u003C\u002Fstrong>: Identifies headless browsers, automation tools, and abnormal client behavior using risk-based scoring.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Invisible verification layers\u003C\u002Fstrong>: Seamlessly integrates Google Cloudflare Turnstile, reCAPTCHA v3\u002Fv2, and hCaptcha with no friction for legitimate users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API & Blocks checkout protection\u003C\u002Fstrong>: Secures Classic Checkout, Block-based Checkout, and Store API endpoints from direct bot abuse.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Efficient and lightweight\u003C\u002Fstrong>: Enterprise-grade protection that runs silently without slowing down your store.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Payment Detection & Protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our plugin integrates seamlessly with leading payment gateways—\u003Cstrong>Stripe, PayPal, and Mollie\u003C\u002Fstrong>—to provide advanced fraud detection and prevention.\u003C\u002Fp>\n\u003Cp>With built-in checks, it automatically detects mismatches such as \u003Cstrong>card country vs. billing country\u003C\u002Fstrong>, flags transactions from \u003Cstrong>high-risk countries\u003C\u002Fstrong>, and validates payments using \u003Cstrong>AVS (Address Verification Service)\u003C\u002Fstrong> when available. For Stripe, it leverages the \u003Cstrong>Stripe Fraud Analysis\u003C\u002Fstrong> results directly within the order screen to help you quickly identify risky transactions. For PayPal, it introduces a \u003Cstrong>payer email verification requirement\u003C\u002Fstrong> to ensure that the PayPal account holder’s identity matches the order details, reducing the chance of fraudulent use.\u003C\u002Fp>\n\u003Cp>These protections add an extra layer of security to your store, helping you block suspicious orders before they result in costly chargebacks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Blacklist Connection for Multiple Sites\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Blacklist Connection allows you to sync and consolidate blacklists from multiple WooCommerce stores or Sites, creating a centralized network of blacklisted emails, phone numbers, IP addresses, customer addresses, and email domains. This unified blacklist ensures a comprehensive defense against fraud across all your online stores and websites, improving security and saving you time.\u003C\u002Fp>\n\u003Cp>Ideal for multi-store and websites owners and agencies managing numerous client sites—save time and boost security.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fdocs\u002Fwoocommerce-blacklist-manager\u002Fsettings\u002Fconnection\u002F\" rel=\"nofollow ugc\">See more about Blacklist Connection feature\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Universal Checkout Compatibility\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our plugin is compatible with all types of checkout pages, including WooCommerce Classic, \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fcheckout-blocks\u002F\" rel=\"nofollow ugc\">Block-based Checkout\u003C\u002Fa>, and third-party checkout plugins. It also features address autocompletion on the checkout page to ensure accuracy and clarity through seamless Google Maps API integration.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Permission Settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Permission Settings feature of our plugin allows you to set both default and custom user roles to control access to the Dashboard, Notifications, and Settings. Tailor the access levels to ensure that only the appropriate users can manage and view the plugin’s critical features.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Import \u002F Export\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily manage your blacklist data with our Import\u002FExport feature. Quickly upload entries via CSV or export your blacklist data for backup, review, or migration purposes, ensuring seamless data management.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enhanced Protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our premier solution for combating fraud and unauthorized transactions: we’ve integrated up with the finest third-party services to deliver the highest level of protection for your business. Each service we chose excels in identifying and preventing fraudulent activities. Moreover, these services offer free plans designed to support small and medium-sized businesses, enabling you to focus on growth while safeguarding your transactions.\u003C\u002Fp>\n\u003Ch4>Plugin supported\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7\u002F\" rel=\"ugc\">Contact Form 7\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.gravityforms.com\u002F\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpforms-lite\u002F\" rel=\"ugc\">WPForms\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin integrations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwc-advanced-accounts\u002F\" rel=\"ugc\">WooComerce Advanced Accounts\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-gateway-stripe\u002F\" rel=\"ugc\">WooCommerce Stripe Gateway\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoo-stripe-payment\u002F\" rel=\"ugc\">Payment Plugins for Stripe WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-paypal-payments\u002F\" rel=\"ugc\">WooCommerce PayPal Payments\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpymntpl-paypal-woocommerce\u002F\" rel=\"ugc\">Payment Plugins for PayPal WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmollie-payments-for-woocommerce\u002F\" rel=\"ugc\">Mollie Payments for WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Service integrations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fglobal-blacklist-plan\u002F\" rel=\"nofollow ugc\">Global Blacklist\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002F\" rel=\"nofollow ugc\">Cloudflare\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fabout\u002F\" rel=\"nofollow ugc\">reCaptcha v3\u002Fv2\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.hcaptcha.com\u002F\" rel=\"nofollow ugc\">hCaptcha\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fip-api.com\u002F\" rel=\"nofollow ugc\">IP-api\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.bigdatacloud.com\u002F\" rel=\"nofollow ugc\">BigDataCloud\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.zerobounce.net?ref=owqwzgy\" rel=\"nofollow ugc\">ZeroBounce\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fnumcheckr.com\u002F\" rel=\"nofollow ugc\">NumCheckr\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmapsplatform.google.com\u002F\" rel=\"nofollow ugc\">Google Maps\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fproduct\u002Fsms-credits\u002F\" rel=\"nofollow ugc\">Yo Credits\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.twilio.com\u002F\" rel=\"nofollow ugc\">Twilio\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.textmagic.com\u002F\" rel=\"nofollow ugc\">Textmagic\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Premium Support\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Access our Premium Support site\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Dedicated Assistance\u003C\u002Fstrong>: Access to our premium support team for any issues or questions you may have.\u003Cbr \u002F>\n\u003Cstrong>Priority Response\u003C\u002Fstrong>: Receive faster response times and personalized support to ensure your plugin operates smoothly.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoohw.com\u002Fproduct\u002Fblacklist-manager-premium\u002F\" rel=\"nofollow ugc\">Explore the Premium version here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>With these premium features and dedicated support, the Blacklist Manager Premium plugin provides unparalleled security and efficiency, giving you peace of mind and allowing you to focus on growing your business.\u003C\u002Fp>\n\u003Ch4>Blacklist Manager Community\u003C\u002Fh4>\n\u003Cp>By using this plugin, your store automatically becomes part of the \u003Cstrong>Blacklist Manager Community\u003C\u002Fstrong>.\u003Cbr \u002F>\nThis community-driven network helps strengthen fraud protection by sharing and consolidating blacklisted data (emails, phone numbers, IP addresses, etc.) across participating stores.\u003C\u002Fp>\n\u003Cp>Your contribution helps create a safer eCommerce ecosystem while protecting your own store more effectively.\u003C\u002Fp>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Stop fraudulent WooCommerce orders and prevent chargebacks.\u003C\u002Fli>\n\u003Cli>Block spam submissions on registration or contact forms.\u003C\u002Fli>\n\u003Cli>Enforce email\u002Fphone verification at checkout.\u003C\u002Fli>\n\u003Cli>Maintain a dynamic blacklist across your entire WordPress site.\u003C\u002Fli>\n\u003C\u002Ful>\n","Anti-fraud, checkout verification and spam prevention plugin for WooCommerce and WordPress forms.",2000,48080,80,12,"2026-02-28T05:36:00.000Z","6.3",[52,19,53,54,55],"blacklist-customers","prevent-fake-orders","spam-prevention","woocommerce-anti-fraud","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwc-blacklist-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-blacklist-manager.2.1.8.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":11,"num_ratings":11,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":70,"tags":71,"homepage":23,"download_link":76,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"cheq-essentials-go-to-market-security","CHEQ Essentials","1.13","eranfl","https:\u002F\u002Fprofiles.wordpress.org\u002Feranfl\u002F","\u003Cp>As a website owner, one of the biggest challenges you face is dealing with invalid traffic. Invalid traffic (27% of direct and organic traffic on average in 2022) refers to any non-human or fraudulent activity, such as bots, click farms, and other forms of automated traffic. This can not only damage your site’s reputation but also result in lost revenue, slow performance, and skewed data that damage your decision-making.\u003C\u002Fp>\n\u003Cp>CHEQ Essentials is here to help. We use advanced algorithms and machine learning techniques to analyze user behavior and distinguish between legitimate and invalid traffic.\u003C\u002Fp>\n\u003Cp>With this plugin, you can automatically monitor your website traffic in real time and identify any suspicious patterns or behavior. The plugin also provides detailed reports and analytics that can help you better understand your traffic and identify any potential issues.\u003C\u002Fp>\n\u003Cp>Once the plugin detects invalid traffic, it can take immediate action to prevent further damage. This may include blocking IP addresses on Google Ads, redirecting traffic to a 403 page, or implementing other measures to prevent bots and other automated traffic from accessing your site.\u003C\u002Fp>\n\u003Cp>Overall, this is an essential tool for any website owner who wants to secure and protect their site from fraudulent activity and ensure a safe and reliable user experience. With CHEQ Essentials, you can rest assured that your site is protected from invalid traffic and other forms of online fraud.\u003C\u002Fp>\n\u003Cp>You will need an active CHEQ Essentials subscription to use this WordPress plugin.\u003C\u002Fp>\n","Protect, analyze & block threats in real time your website from bots, click fraud, and invalid traffic with CHEQ Essentials.",700,6693,"2025-07-21T15:20:00.000Z","6.6.5","5.6",[18,72,73,74,75],"click-fraud","fraud-protection","spam-protection","website-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcheq-essentials-go-to-market-security.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":14,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":96,"download_link":97,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"anti-fake-orders-ip-blocker","Anti Fake Orders & IP Blocker","1.0.1","Shohanur Rahman Shohan","https:\u002F\u002Fprofiles.wordpress.org\u002Fshohanur007\u002F","\u003Cp>Anti Fake Orders & IP Blocker helps WooCommerce store owners prevent fraudulent orders by monitoring checkout behaviour patterns and automatically blocking suspicious activities.\u003C\u002Fp>\n\u003Cp>Fake orders can waste your time, increase processing costs, and damage your business reputation. This plugin provides powerful tools to identify and block these threats before they impact your business.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fproshohan.com\u002Fanti-fake-orders-ip-blocker\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa> \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fproshohan.com\u002F\" rel=\"nofollow ugc\">Need Help?\u003C\u002Fa>        \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdevelopershohan\" rel=\"nofollow ugc\">About Author\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Smart IP Blocking System\u003C\u002Fstrong>: Block specific IP addresses manually or let the system automatically detect and block suspicious ones based on behaviour patterns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Domain Filtering\u003C\u002Fstrong>: Block orders from disposable email services and known suspicious domains\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Account Security\u003C\u002Fstrong>: Block problematic users who repeatedly place fake orders\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bot Detection Technology\u003C\u002Fstrong>: Identify automated checkout attempts using timing analysis to detect inhuman checkout speeds\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Intelligent Auto-Blocking\u003C\u002Fstrong>: Configure rules to automatically block IPs after multiple suspicious attempts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Logging System\u003C\u002Fstrong>: Track all blocked attempts with detailed information for security analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Blocking Duration\u003C\u002Fstrong>: Set temporary blocks that automatically expire after your specified timeframe\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Real-World Applications\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Prevent Card Testing Fraud\u003C\u002Fstrong>: Stop criminals from testing stolen credit cards on your store\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce Chargeback Rates\u003C\u002Fstrong>: Block known fraudulent behaviour patterns before orders are placed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save Processing Time\u003C\u002Fstrong>: Eliminate hours wasted verifying and processing fake orders\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protect Inventory Management\u003C\u002Fstrong>: Prevent inventory allocation to orders that will never complete\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Checkout Process\u003C\u002Fstrong>: Maintain a smooth checkout for legitimate customers while blocking suspicious ones\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Technical Implementation\u003C\u002Fh3>\n\u003Cp>The plugin works behind the scenes during the WooCommerce checkout process:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>behaviour Analysis\u003C\u002Fstrong>: Monitors user interaction patterns during checkout\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Time-Based Detection\u003C\u002Fstrong>: Measures checkout completion time to identify automated bots\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database Verification\u003C\u002Fstrong>: Checks IPs and emails against your custom blocklists and known suspicious patterns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable Actions\u003C\u002Fstrong>: Choose between blocking, flagging for review, or logging suspicious activity\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Developer-Friendly\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Clean, well-documented code\u003C\u002Fli>\n\u003Cli>Hooks and filters for customization\u003C\u002Fli>\n\u003Cli>Performance-optimized with minimal impact on checkout speed\u003C\u002Fli>\n\u003Cli>Compatible with major WooCommerce extensions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage Instructions\u003C\u002Fh3>\n\u003Ch3>Basic Configuration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Set Detection Sensitivity\u003C\u002Fstrong>: Adjust the “Minimum Checkout Time” setting to determine how quickly a checkout can be completed before being flagged as suspicious.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Configure Blocking Rules\u003C\u002Fstrong>: Define how many suspicious attempts should trigger an automatic block.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customize Block Message\u003C\u002Fstrong>: Set a custom message to display when a checkout is blocked.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Advanced Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>IP Whitelist\u003C\u002Fstrong>: Add trusted IP addresses that should never be blocked, useful for testing or for known legitimate customers who might trigger false positives.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Email Domain Filtering\u003C\u002Fstrong>: Block entire email domains known for fraudulent activity.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Temporary Blocking\u003C\u002Fstrong>: Set block durations to automatically expire after a set number of hours.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Manual Review System\u003C\u002Fstrong>: Flag suspicious orders for review instead of blocking them outright.\u003C\u002Fp>\n\u003Ch3>Integration with Other Security Measures\u003C\u002Fh3>\n\u003Cp>This plugin works well alongside other security plugins like Wordfence or Sucuri to provide comprehensive store protection.\u003C\u002Fp>\n","Protect your WooCommerce store from fake orders by blocking suspicious IPs, emails, and detecting bot checkout activity.",400,1265,60,2,"2026-02-11T20:07:00.000Z","5.0","7.2",[93,19,20,94,95],"fake-order","security","woocommerce","https:\u002F\u002Fproshohan.com\u002Fanti-fake-orders-ip-blocker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanti-fake-orders-ip-blocker.1.0.1.zip",{"slug":99,"name":100,"version":101,"author":100,"author_profile":102,"description":103,"short_description":104,"active_installs":25,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":23,"tags":111,"homepage":116,"download_link":117,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"ip-address-approval","IP Address Approval","1.9.2","https:\u002F\u002Fprofiles.wordpress.org\u002Fipapproval\u002F","\u003Cp>The IP Address Approval system provides an easy way for you to Allow or Block access to your website to protect your site from unwanted visitors. You can use the IP Address Approval system on both Internet(public) websites and Intranet(private network) websites. This super easy to use editor gives you all the control you need without the hassle of having to write your own code.\u003C\u002Fp>\n\u003Ch4>Free Version:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block IP Addresses\u003C\u002Fli>\n\u003Cli>Block IP Address Ranges\u003C\u002Fli>\n\u003Cli>Restrict Access on ALL Pages\u003C\u002Fli>\n\u003Cli>Restrict Access on ALL Post Pages\u003C\u002Fli>\n\u003Cli>Sites Covered: Use on 1 website\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Version:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block IP Addresses and IP Address Ranges\u003C\u002Fli>\n\u003Cli>Open or Close your website\u003C\u002Fli>\n\u003Cli>If your website is ‘closed’ you can remain Open for IP Addresses and IP Address Ranges\u003C\u002Fli>\n\u003Cli>Geo Locations: Use Geo Locations to allow or block access to your website.\u003C\u002Fli>\n\u003Cli>Site Visits: View the IP Address, User Agent, the Page Visited and Time of the Visit. \u003C\u002Fli>\n\u003Cli>Manage Site Visitors Log results\u003C\u002Fli>\n\u003Cli>Block Proxy, VPN or Tor visitor connections\u003C\u002Fli>\n\u003Cli>Redirect Proxy, VPN or Tor page\u003C\u002Fli>\n\u003Cli>Block Hosting or Data Center visitor connections\u003C\u002Fli>\n\u003Cli>Redirect Hosting or Data Center page\u003C\u002Fli>\n\u003Cli>Manage Multiple Websites\u003C\u002Fli>\n\u003Cli>Restrict Access on ALL Pages\u003C\u002Fli>\n\u003Cli>Restrict Access on ALL Post Pages\u003C\u002Fli>\n\u003Cli>Restrict Access on the Admin Login Page \u003C\u002Fli>\n\u003Cli>Sites Covered: Add the IP Approval service to up to 10 websites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary Section\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Please Note:\u003C\u002Fstrong> You need to Create a User Account on our website \u003Ca href=\"https:\u002F\u002Fwww.ip-approval.com\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.ip-approval.com\u003C\u002Fa>, and add your IP Approval Credentials to the Plugin, before it will work. This is done by an API (application program interface) to connect this plugin to our server at \u003Ca href=\"https:\u002F\u002Fwww.ip-approval.com\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.ip-approval.com\u003C\u002Fa>. This is required.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Information we log in our database\u003C\u002Fstrong>\u003Cbr \u002F>\n– Blog Owners Name\u003Cbr \u002F>\n– Username\u003Cbr \u002F>\n– Email\u003Cbr \u002F>\n– Blog ID\u003Cbr \u002F>\n– Domain URL\u003Cbr \u002F>\n– Current Theme Name\u003Cbr \u002F>\n– WordPress Version\u003Cbr \u002F>\n– Plugin Version\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Explicit and Authorized Consent;\u003C\u002Fstrong> By clicking the ‘Connect Account’ button on the IP Approval Credentials tab you explicitly agree to provide the Blog Owners Name, Username, Email, Blog ID, Current Theme Name, WordPress Version and Plugin Version to the IP Address Approval service. Note that this helps us troubleshoot any issues you may encounter, as well as verifying the API Connection.\u003Cbr \u002F>\nTo learn about our privacy policy, please visit: \u003Ca href=\"https:\u002F\u002Fwww.ip-approval.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.ip-approval.com\u002Fprivacy-policy\u003C\u002Fa>\u003C\u002Fp>\n","The IP Address Approval system provides an easy way for you to Allow or Block access to your website to protect your site from unwanted visitors.",7811,74,3,"2025-06-11T11:25:00.000Z","6.8.5","4.6",[112,113,114,20,115],"geo-location","geo-redirect","geo-security","stop-spam","https:\u002F\u002Fwww.ip-approval.com\u002Fwordpress\u002Fip-approval\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip-address-approval.1.9.2.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":25,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":23,"download_link":134,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"killbot","KillBot","1.0.3","VOWE","https:\u002F\u002Fprofiles.wordpress.org\u002Fvowe\u002F","\u003Cp>The KillBot plugin for WordPress uses the external KillBot service to protect websites from bots and automated traffic.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>What is this service, and what is it used for?\u003Cbr \u002F>\nKillBot is an anti-bot system that analyzes traffic, detects bots, and can either block them or present a CAPTCHA. The plugin interacts with the KillBot service to check users for signs of automated behavior and detect the use of proxies or VPNs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>What data is sent and when?\u003Cbr \u002F>\nThe plugin sends the following data to the KillBot server upon each new visit session:\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– The window.navigator object\u003Cbr \u002F>\n– The window.screen object\u003Cbr \u002F>\n– The window object (excluding string-based parameter values)\u003Cbr \u002F>\nImportant: KillBot does not receive any personal user data, such as names, email addresses, or account identifiers.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Links to Terms of Service and Privacy Policy\u003Cbr \u002F>\nKillBot Terms of Service: https:\u002F\u002Fmy.kill-bot.net\u002Fnode\u002F7\u003Cbr \u002F>\nKillBot Privacy Policy: https:\u002F\u002Fmy.kill-bot.net\u002Fnode\u002F29\u003C\u002Fli>\n\u003C\u002Fol>\n","The KillBot plugin for WordPress uses the external KillBot service to protect websites from bots and automated traffic.",50,882,1,"2025-04-30T09:45:00.000Z","6.7.5","6.4","7.1",[18,119,94,54],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkillbot.zip",{"attackSurface":136,"codeSignals":190,"taintFlows":223,"riskAssessment":251,"analyzedAt":258},{"hooks":137,"ajaxHandlers":186,"restRoutes":187,"shortcodes":188,"cronEvents":189,"entryPointCount":11,"unprotectedCount":11},[138,144,148,152,156,160,163,167,171,174,178,182],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","plugins_loaded","maybe_install","checkout-origin-guard.php",63,{"type":139,"name":145,"callback":146,"priority":11,"file":142,"line":147},"parse_request","maybe_intercept",65,{"type":139,"name":149,"callback":150,"file":142,"line":151},"woocommerce_checkout_process","cs_validate_checkout",66,{"type":139,"name":153,"callback":154,"priority":32,"file":142,"line":155},"woocommerce_checkout_order_created","cs_mark_created_order",67,{"type":139,"name":157,"callback":158,"priority":32,"file":142,"line":159},"woocommerce_payment_complete","cs_handle_payment_complete",68,{"type":139,"name":161,"callback":161,"file":142,"line":162},"admin_menu",70,{"type":139,"name":164,"callback":165,"file":142,"line":166},"admin_post_wcog_botblock_save","handle_settings_save",71,{"type":139,"name":168,"callback":169,"file":142,"line":170},"admin_post_wcog_botblock_export","export_csv",72,{"type":139,"name":172,"callback":173,"file":142,"line":106},"admin_post_wcog_bb_block","handle_block_ip",{"type":139,"name":175,"callback":176,"file":142,"line":177},"admin_post_wcog_bb_unblock","handle_unblock_ip",75,{"type":139,"name":179,"callback":180,"file":142,"line":181},"init","maybe_emergency_toggle",77,{"type":139,"name":183,"callback":184,"file":142,"line":185},"admin_notices","closure",1663,[],[],[],[],{"dangerousFunctions":191,"sqlUsage":192,"outputEscaping":194,"fileOperations":128,"externalRequests":11,"nonceChecks":220,"capabilityChecks":221,"bundledLibraries":222},[],{"prepared":48,"raw":11,"locations":193},[],{"escaped":87,"rawEcho":195,"locations":196},11,[197,200,202,204,206,208,210,212,214,216,218],{"file":142,"line":198,"context":199},1008,"raw output",{"file":142,"line":201,"context":199},1027,{"file":142,"line":203,"context":199},1028,{"file":142,"line":205,"context":199},1029,{"file":142,"line":207,"context":199},1030,{"file":142,"line":209,"context":199},1031,{"file":142,"line":211,"context":199},1032,{"file":142,"line":213,"context":199},1033,{"file":142,"line":215,"context":199},1034,{"file":142,"line":217,"context":199},1079,{"file":142,"line":219,"context":199},1666,5,8,[],[224,243],{"entryPoint":225,"graph":226,"unsanitizedCount":11,"severity":242},"handle_settings_save (checkout-origin-guard.php:880)",{"nodes":227,"edges":239},[228,233],{"id":229,"type":230,"label":231,"file":142,"line":232},"n0","source","$_POST (x7)",885,{"id":234,"type":235,"label":236,"file":142,"line":237,"wp_function":238},"n1","sink","update_option() [Settings Manipulation]",890,"update_option",[240],{"from":229,"to":234,"sanitized":241},true,"low",{"entryPoint":244,"graph":245,"unsanitizedCount":11,"severity":242},"\u003Ccheckout-origin-guard> (checkout-origin-guard.php:0)",{"nodes":246,"edges":249},[247,248],{"id":229,"type":230,"label":231,"file":142,"line":232},{"id":234,"type":235,"label":236,"file":142,"line":237,"wp_function":238},[250],{"from":229,"to":234,"sanitized":241},{"summary":252,"deductions":253},"The plugin 'checkout-origin-guard' v1.7.1 exhibits a generally strong security posture based on the provided static analysis.  The absence of any recorded vulnerabilities (CVEs) and the clean taint analysis with zero critical or high severity flows are significant strengths. The code also demonstrates good practices by exclusively using prepared statements for SQL queries, implementing nonce checks (5 instances), and capability checks (8 instances). Furthermore, the majority of output (85%) is properly escaped, mitigating XSS risks. \n\nHowever, a few areas warrant attention. The presence of a file operation, even if it's only one, is an entry point that could potentially be exploited if not handled with extreme care and robust input validation, although the static analysis did not flag any unsanitized paths. While the attack surface is reported as zero entry points, this is a somewhat unusual finding and might indicate limitations in the static analysis tool's ability to detect certain entry points or a very simple plugin. The 15% of output that is not properly escaped, while not critically high, still represents a potential XSS vulnerability, particularly if that unescaped output is user-controllable.",[254,256],{"reason":255,"points":220},"Unescaped output present (15%)",{"reason":257,"points":107},"Presence of a file operation","2026-03-17T06:30:03.916Z",{"wat":260,"direct":273},{"assetPaths":261,"generatorPatterns":266,"scriptPaths":267,"versionParams":268},[262,263,264,265],"\u002Fwp-content\u002Fplugins\u002Fcheckout-origin-guard\u002Fassets\u002Fcss\u002Fwcog.css","\u002Fwp-content\u002Fplugins\u002Fcheckout-origin-guard\u002Fassets\u002Fjs\u002Fwcog.js","\u002Fwp-content\u002Fplugins\u002Fcheckout-origin-guard\u002Fassets\u002Fjs\u002Fwcog-checkout.js","\u002Fwp-content\u002Fplugins\u002Fcheckout-origin-guard\u002Fassets\u002Fjs\u002Fwcog-company-shield.js",[],[263,264,265],[269,270,271,272],"checkout-origin-guard\u002Fassets\u002Fcss\u002Fwcog.css?ver=","checkout-origin-guard\u002Fassets\u002Fjs\u002Fwcog.js?ver=","checkout-origin-guard\u002Fassets\u002Fjs\u002Fwcog-checkout.js?ver=","checkout-origin-guard\u002Fassets\u002Fjs\u002Fwcog-company-shield.js?ver=",{"cssClasses":274,"htmlComments":277,"htmlAttributes":290,"restEndpoints":299,"jsGlobals":302,"shortcodeOutput":305},[275,276],"wcog-botblock-message","wcog-company-shield-error",[278,279,280,281,282,283,284,285,286,287,288,289],"\u003C!-- WCOG BotBlock options -->","\u003C!-- WCOG Company Shield options -->","\u003C!-- WCOG BotBlock logs -->","\u003C!-- WCOG Company Shield logs -->","\u003C!-- WCOG AVS \u002F Payment signals -->","\u003C!-- WCOG Schema + internals -->","\u003C!-- EMERGENCY TOGGLE: ?wcog_bb=off -->","\u003C!-- END EMERGENCY TOGGLE -->","\u003C!-- WCOG BotBlock settings form -->","\u003C!-- WCOG Company Shield settings form -->","\u003C!-- WCOG AVS settings form -->","\u003C!-- WCOG General settings form -->",[291,292,293,294,295,296,297,298],"data-wcog-botblock-mode","data-wcog-cs-mode","data-wcog-cs-deny-substr","data-wcog-cs-allow-substr","data-wcog-cs-vowel-ratio","data-wcog-cs-alt-minlen","data-wcog-cs-disposables","data-wcog-cs-role-accounts",[300,301],"\u002Fwp-json\u002Fwcog\u002Fv1\u002Fbotblock\u002Flog","\u002Fwp-json\u002Fwcog\u002Fv1\u002Fcompanyshield\u002Flog",[303,304],"wcog_botblock_ajax_object","wcog_company_shield_ajax_object",[]]