[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fA-OEE8RCUFT7WJ9tAdQFnuobXfuFaOWT2kTD9pigL3o":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":143,"fingerprints":293},"core-feature-control","Core Feature Control","1.0","Galaxy Weblinks","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxyweblinks\u002F","\u003Cp>\u003Cstrong>Core Feature Control\u003C\u002Fstrong> is the all-in-one solution for site owners who want to fine-tune their WordPress installation and eliminate unnecessary “bloat.”\u003C\u002Fp>\n\u003Cp>WordPress is incredibly flexible, but not every site needs every single feature that comes with the core software. By turning off unused functions, you can reduce server requests, close potential security holes, and simplify the user interface for yourself or your clients.\u003C\u002Fp>\n\u003Cp>Our intuitive settings panel, located at \u003Cstrong>Settings -> Disable Features\u003C\u002Fstrong>, gives you full control with a simple click. From disabling auto-update emails and post revisions to removing the Admin Footer and Screen Options, you have the power to create a faster, more secure, and more efficient WordPress environment.\u003C\u002Fp>\n\u003Ch3>Key benefits of using this plugin include:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Improved Performance:\u003C\u002Fstrong> Disable features like Dashicons on the front end to reduce resource loading and speed up your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Security:\u003C\u002Fstrong> Harden your site by disabling the built-in Plugin and Theme Editor, preventing unauthorized code changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Streamlined Admin:\u003C\u002Fstrong> Clean up the dashboard by removing distracting elements such as the “Howdy” greeting in the admin bar and the “Help” tabs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Total Control:\u003C\u002Fstrong> Manage essential functions like WordPress updates, Privacy Tools, and the REST API from a single, centralized location.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Core Feature Control\u003C\u002Fstrong> is a must-have for anyone serious about optimizing their WordPress site. It’s built with clean, efficient code and won’t weigh down your site.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Comprehensive disabling of numerous core functions.\u003C\u002Fli>\n\u003Cli>Intuitive and easy-to-use admin panel.\u003C\u002Fli>\n\u003Cli>Security hardening by disabling sensitive editors and APIs.\u003C\u002Fli>\n\u003Cli>Performance optimization by removing unnecessary scripts.\u003C\u002Fli>\n\u003Cli>Dashboard and admin bar cleanup for a better user experience.\u003C\u002Fli>\n\u003Cli>Lightweight, with minimal impact on site performance.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s a link to the documentation for the plugin. This will help you learn more about its features and how to use it.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fwp-plugins\u002Fcore-feature-control\u002Fdoc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For any feedback or queries regarding this plugin, please contact our \u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support team\u003C\u002Fa>.\u003C\u002Fp>\n","Take control of your site. Disable unnecessary WordPress core functions to boost security, improve performance, and clean up your admin dashboard.",50,202,0,"2025-09-29T12:17:00.000Z","6.8.5","6.2","7.4",[19,20,21,22,23],"admin-dashboard","core-control","disable","disable-core-feature","rest-api","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcore-feature-control.1.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"galaxyweblinks",40,24800,97,310,77,"2026-04-04T05:25:00.810Z",[39,61,85,110,125],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":59,"download_link":60,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"disable-wp-rest-api","Disable WP REST API","2.6.7","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cp>\u003Cstrong>Does one thing:\u003C\u002Fstrong> Completely disables the WordPress REST API for visitors who are not logged into WordPress. No configuration required.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> This plugin completely disables the WP REST API for visitors who are NOT logged in to WordPress. So not recommended if your site needs the WP REST API for any non-logged users.\u003C\u002Fp>\n\u003Cp>👉 The fast, simple way to prevent abuse of your site’s REST\u002FJSON API\u003Cbr \u002F>\n👉 Protects your site’s REST data from all non-logged users and bots\u003Cbr \u002F>\n👉 Uses only 4KB of code, so super lightweight, fast, and effective\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Disable REST\u002FJSON for visitors (not logged in)\u003C\u002Fli>\n\u003Cli>Disables REST header in HTTP response for all users\u003C\u002Fli>\n\u003Cli>Disables REST links in HTML head for all users\u003C\u002Fli>\n\u003Cli>100% plug-and-play, set-it-and-forget solution\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How does it work?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin completely disables the WP REST API \u003Cem>unless\u003C\u002Fem> the user is logged into WordPress.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>For logged-in users, WP REST API works normally\u003C\u002Fli>\n\u003Cli>For logged-out users, WP REST API is disabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>What happens if logged-out visitor makes a JSON\u002FREST request? They will get only a simple message:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>rest_login_required: REST API restricted to authenticated users.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This message may customized via the filter hook, \u003Ccode>disable_wp_rest_api_error\u003C\u002Fcode>. Check out \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fnot-entirely-for-non-techies\u002F#post-12014965\" rel=\"ugc\">this post\u003C\u002Fa> for an example of how to do it.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way. If anything it \u003Cem>improves\u003C\u002Fem> user privacy, as it protects potentially sensitive information from being displayed\u002Faccessed via REST API.\u003C\u002Fp>\n\u003Cp>Disable WP REST API is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support development of this plugin\u003C\u002Fh3>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","Disables the WP REST API for visitors not logged into WordPress.",30000,365611,96,36,"2026-01-29T17:42:00.000Z","6.9.4","4.7","5.6.20",[56,21,57,58,23],"api","json","rest","https:\u002F\u002Fperishablepress.com\u002Fdisable-wp-rest-api\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-wp-rest-api.2.6.7.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":52,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":81,"download_link":82,"security_score":26,"vuln_count":83,"unpatched_count":13,"last_vuln_date":84,"fetched_at":28},"admin-bar-dashboard-control","Admin Bar & Dashboard Access Control","1.2.9","Collins Agbonghama","https:\u002F\u002Fprofiles.wordpress.org\u002Fcollizo4sky\u002F","\u003Cp>Simple plugin for disabling admin bar and preventing access to WordPress dashboard based on a user’s roles.\u003C\u002Fp>\n\u003Cp>It is that simple 😀\u003C\u002Fp>\n\u003Ch3>Plugins you will like:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Ffusewp.com\u002F\" rel=\"nofollow ugc\">FuseWP\u003C\u002Fa>\u003C\u002Fstrong>: Connect wordPress to marketing platforms and sync users to your email list.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-user-avatar\u002F\" rel=\"ugc\">ProfilePress\u003C\u002Fa>\u003C\u002Fstrong>: A simple yet powerful eCommerce and paid membership plugin for accepting one-time and recurring payments and selling subscriptions via Stripe & PayPal, restrict content and control user access. \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmailoptin.io\u002F\" rel=\"nofollow ugc\">MailOptin\u003C\u002Fa>\u003C\u002Fstrong> – The best WordPress email optin forms, email automation & newsletters plugin in the market.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable admin bar and control users access to WordPress dashboard.",3000,70187,94,18,"2025-12-04T13:26:00.000Z","6.0","5.4",[77,19,78,79,80],"admin-bar","disable-admin-bar","disable-toolbar","toolbar","https:\u002F\u002Fprofilepress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-bar-dashboard-control.1.2.9.zip",1,"2023-10-31 00:00:00",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":95,"num_ratings":96,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":100,"tags":101,"homepage":107,"download_link":108,"security_score":109,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wpcontrol","WPControl – The Easiest Optimization Plugin for WordPress","1.0.1","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>WPControl is the ultimate way to clean up your WordPress site.\u003C\u002Fp>\n\u003Cp>With over 20 built-in optimizations, WPControl allows you to easily enable and disable WordPress Core features, letting you remove those features that you don’t use from the dashboard you and your users see.\u003C\u002Fp>\n\u003Cp>Simply put, WPControl is the ultimate plugin that you need to control your website. With our single plugin, you can remove the need to have plugins for things like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disabling emails\u003C\u002Fli>\n\u003Cli>Disabling comments\u003C\u002Fli>\n\u003Cli>Disabling the WordPress REST API\u003C\u002Fli>\n\u003Cli>and so much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All in a single, easy to use plugin that helps boost both the performance and security of your WordPress install.\u003C\u002Fp>\n\u003Cp>WPControl is designed for simplicity first, made by the same \u003Ca href=\"https:\u002F\u002Fwpbeginner.com\u002F\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner team\u003C\u002Fa> that makes your favorite WordPress tutorials.\u003C\u002Fp>\n\u003Cp>Our plugin is used by the plugin authors behind many of your favorite WordPress plugins including \u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F\" title=\"MonsterInsights\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> , \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Faioseo.com\u002F\" title=\"AIOSEO\" rel=\"friend nofollow ugc\">AIOSEO\u003C\u002Fa>  and more.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Simple, yet powerful. I love that I can easily disable all of the features of WordPress I’m not using in a single plugin. It makes new site setup a breeze!\u003Cbr \u002F>\n  \u003Cbr \u002F>\n  Chris Christoff\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>At WPControl, we found that there are many unused features of WordPress that make it a hassle sometimes or we just don’t need. There are tons of plugins already out there that will disable a specific feature. But taking the time and energy to optimize all of them was too much. We made just one plugin that has the features of many so you can have a one stop shop for disabling unused features of WordPress.\u003C\u002Fp>\n\u003Cp>Unlike other methods of disabling features, WPControl allows you to disable many features with just a few clicks (no need to hire a developer).\u003C\u002Fp>\n\u003Ch4>Settings Include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Comments\u003C\u002Fstrong> – You can disable comments site wide or on specific post types such as posts, pages, and media.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Gutenberg\u003C\u002Fstrong> – Disables the Gutenberg block editor and reverts it the Classic Editor\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable “Try Gutenberg” Nag\u003C\u002Fstrong> – Removes the annoying admin notice that keeps nagging you to try Gutenberg\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Shortlinks\u003C\u002Fstrong> – The tag is auto generated by WordPress and is used to create shortlinks. If you are already using pretty permalinks, such as the PrettyLinks plugin. Then there is no need for this unnecessary tag.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable RSD Link\u003C\u002Fstrong> – RSD Links are used by blog clients and some 3rd parties that utilize XML-RPC requests. If you edit your site through your browser, then you do not need it. Most of the time, it is just unnecessary code.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove XFN Profile Link\u003C\u002Fstrong> – The XFN Profile Link is used to add semantic data to links to be used by browsers to assign relationships between profiles. Basically it tells browsers that the site contains links that use XFN Specification\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable wlwmanifest Link\u003C\u002Fstrong> – The wlwmanifest link is used by Windows Live Writer. If you don’t use Windows Live Writer then disable the link as it is unnecessary code.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Links to Previous and Next Post\u003C\u002Fstrong> – If your site is not a blog and is used as a CMS, then this feature will remove the previous and next post links in your WordPress theme.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable XML-RPC Pingback\u003C\u002Fstrong> – Removes XML-RPC method to prevent abuse of site’s pingback while you can use the rest of the XML-RPC Pingback method.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Gravatar\u003C\u002Fstrong> – Blocks users WordPress from getting user Gravatar from their email to add privacy for the users or prevent inappropriate avatars.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Rest API\u003C\u002Fstrong> – Disables the REST-API to prevent abuse of Rest\u002FJSON API.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Hide Login Errors\u003C\u002Fstrong> – An attacker can find the authors login using a similar request as mysite.com\u002F?author=1.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove HTML comments\u003C\u002Fstrong> – Removes HTML comments in source code to add a layer of defense from attackers trying to find the version of plugins.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove Meta Generator\u003C\u002Fstrong> – This meta tag allows attackers to see the version of WordPress, it serves no useful purpose.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Right Click\u003C\u002Fstrong> – You can disable the ability to right click on your site, or just specific things like posts, pages, media, front page, and even have the ability to show an alert to the user that right click is disabled.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Admin Notices\u003C\u002Fstrong> – You can disable all admin notices that appear in the admin settings page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable New User Emails\u003C\u002Fstrong> – Stops WordPress from sending new user notification emails to admin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Search\u003C\u002Fstrong> – Disable the front-end search bar in WordPress.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Lazy Loading\u003C\u002Fstrong> – Removes the lazy loading functionality that was added in WordPress 5.3.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Hide Admin Toolbar\u003C\u002Fstrong> – Hides the admin toolbar when the admin is on the front-end\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Dashboard Widgets\u003C\u002Fstrong> – Gives you the option to disable whichever default dashboard widgets you want.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>After reading this feature list, you can probably imagine why WPControl is the best disable plugin for WordPress.\u003C\u002Fp>\n\u003Cp>Give WPControl a try today!\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is created by Zain Balkhi of the \u003Ca href=\"https:\u002F\u002Fwpbeginner.com\u002F\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner team\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F\" title=\"MonsterInsights\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> – Best Google Analytics plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Foptinmonster.com\u002F\" title=\"OptinMonster\" rel=\"friend nofollow ugc\">OptinMonster\u003C\u002Fa> – Get More Email Subscribers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – Best WordPress Contact Form Plugin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Faioseo.com\u002F\" title=\"AIOSEO\" rel=\"friend nofollow ugc\">AIOSEO\u003C\u002Fa> – The original WordPress SEO plugin to help you rank higher in search results (trusted by over 2 million sites)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.seedprod.com\u002F\" title=\"SeedProd\" rel=\"friend nofollow ugc\">SeedProd\u003C\u002Fa> – Most popular coming soon & maintenance mode plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmailsmtp.com\u002F\" title=\"WP Mail SMTP\" rel=\"friend nofollow ugc\">WP Mail SMTP\u003C\u002Fa> – Improve email deliverability for your contact form with the most popular SMTP plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frafflepress.com\u002F\" title=\"RafflePress\" rel=\"friend nofollow ugc\">RafflePress\u003C\u002Fa> – Best WordPress giveaway and contest plugin to grow traffic and social followers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsmashballoon.com\u002F\" title=\"Smash Balloon\" rel=\"friend nofollow ugc\">Smash Balloon\u003C\u002Fa> – #1 social feeds plugin for WordPress – display social media content in WordPress without code\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpushengage.com\u002F\" title=\"PushEngage\" rel=\"friend nofollow ugc\">PushEngage\u003C\u002Fa> – Connect with visitors after they leave your website with the leading web push notification plugin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftrustpulse.com\u002F\" title=\"TrustPulse\" rel=\"friend nofollow ugc\">TrustPulse\u003C\u002Fa> – Add real-time social proof notifications to boost your store conversions by up to 15%\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin would not be possible without the help and support of \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa>, the largest WordPress resource site. You can learn from our \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">free WordPress Tutorials\u003C\u002Fa> like \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fhow-to-install-wordpress\u002F\" title=\"How to Install WordPress - Step by Step\" rel=\"friend nofollow ugc\">how to install WordPress\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fwordpress-hosting\u002F\" title=\"How to choose the best WordPress hosting\" rel=\"friend nofollow ugc\">choose the best WordPress hosting\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fglossary\u002F\" title=\"WordPress Glossary Terms for Beginners\" rel=\"friend nofollow ugc\">WordPress glossary\u003C\u002Fa>, and more.\u003C\u002Fp>\n\u003Cp>You can also learn about other \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F\" title=\"Best WordPress Plugins\" rel=\"friend nofollow ugc\">best WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","The easiest way to improve your website's security, performance, and user experience.",200,4235,90,2,"2022-04-18T21:12:00.000Z","5.9.13","3.8.0","5.6",[102,103,104,105,106],"disable-comments","disable-gutenberg","disable-rest-api","performance","security","https:\u002F\u002Fwww.wpcontrol.com\u002F?utm_source=liteplugin&utm_medium=pluginheader&utm_campaign=pluginurl&utm_content=7%2E0%2E0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcontrol.1.0.1.zip",85,{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":26,"downloaded":118,"rating":13,"num_ratings":13,"last_updated":119,"tested_up_to":120,"requires_at_least":53,"requires_php":24,"tags":121,"homepage":123,"download_link":124,"security_score":109,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"turn-off-rest-api","Turn Off REST API","1.0.4","ksym04","https:\u002F\u002Fprofiles.wordpress.org\u002Fksym04\u002F","\u003Cp>Turn off JSON REST API on your website to anonymous users and prevent unauthorized requests from using the REST API to get information from your website.\u003C\u002Fp>\n\u003Cp>Since the release of WordPress 4.0 came out, there have been a lot of hackers exploiting the vulnerabilities of the REST API. By installing this plugin, you will effectively prevent and disable the use of REST API from unauthorized users and protect the information on your website from being accessible. If someone tries to access the REST API on your site, the plugin will return an authentication error on the API endpoints, for any unauthorized users trying to access it.\u003C\u002Fp>\n\u003Cp>While WordPress REST API vulnerability exploits continue this plugin effectively prevent and disable the used of REST API from accessing information from your website, this plugin return authentication error and disable all endpoints for any user not logged in on your website.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English (en_US)\u003C\u002Fli>\n\u003C\u002Ful>\n","Prevents unauthorized requests from using the WP REST API.",2467,"2020-07-01T02:51:00.000Z","5.4.19",[122,56,104,57,58],"admin","https:\u002F\u002Fwww.dopethemes.com\u002Fdownloads\u002Fturn-off-rest-api\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fturn-off-rest-api.1.0.4.zip",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":13,"num_ratings":13,"last_updated":135,"tested_up_to":136,"requires_at_least":53,"requires_php":137,"tags":138,"homepage":24,"download_link":142,"security_score":109,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"disabling-user-enumeration","Disable User Enumeration","1.0.0","incredibledeveloperr","https:\u002F\u002Fprofiles.wordpress.org\u002Fincredibledeveloperr\u002F","\u003Cp>User enumeration can be use for brute-force techniques to either guess or confirm valid users in a system. User enumeration is often a web application vulnerability, though it can also be found in any system that requires user authentication.\u003C\u002Fp>\n\u003Cp>An enumeration attack allows a hacker to check whether a name exists in the database. For example, to set up a brute-force attack, rather than searching through login and password pairs, all they need is a matching password for a verified user name, saving time and effort.\u003C\u002Fp>\n\u003Cp>The phrase “username harvesting” refers to a vulnerability that when exploited allows people or programs interacting with an application to determine what a valid username is vs an invalid username.\u003C\u002Fp>\n\u003Cp>**You can check your site have user enumeration by simply type https:\u002F\u002Fselectedfirms.co\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers that’s it. **\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>We only disable for non logged in users.\u003C\u002Fli>\n\u003Cli>You can deactivate with single click. No extra configuration required.\u003C\u002Fli>\n\u003Cli>Something else about the plugin\u003C\u002Fli>\n\u003C\u002Fol>\n","Disable User Enumeration is a plugin designed to prevent hackers scanning your site for user names using REST API call.",30,1159,"2020-12-16T07:49:00.000Z","5.5.18","7.2",[139,140,141],"disable-user-enumeration","rest-api-user-enumeration","user-enumeration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisabling-user-enumeration.zip",{"attackSurface":144,"codeSignals":276,"taintFlows":284,"riskAssessment":285,"analyzedAt":292},{"hooks":145,"ajaxHandlers":272,"restRoutes":273,"shortcodes":274,"cronEvents":275,"entryPointCount":13,"unprotectedCount":13},[146,152,156,160,164,168,171,176,180,183,186,188,191,193,196,198,200,205,208,211,215,217,219,222,226,229,232,234,237,240,242,245,247,249,253,256,258,260,264,267,270],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","admin_menu","corefeco_add_settings_page","core-feature-control.php",24,{"type":147,"name":153,"callback":154,"file":150,"line":155},"admin_init","corefeco_register_settings",25,{"type":147,"name":157,"callback":158,"file":150,"line":159},"admin_enqueue_scripts","corefeco_enqueue_styles",26,{"type":147,"name":161,"callback":162,"file":150,"line":163},"init","corefeco_apply_features",27,{"type":147,"name":165,"callback":166,"file":150,"line":167},"wp_loaded","corefeco_apply_features_after_load",28,{"type":147,"name":169,"callback":170,"file":150,"line":133},"wp_enqueue_scripts","corefeco_custom_scripts",{"type":172,"name":173,"callback":174,"file":150,"line":175},"filter","screen_options_show_screen","__return_false",102,{"type":172,"name":177,"callback":178,"file":150,"line":179},"rest_endpoints","closure",362,{"type":147,"name":181,"callback":178,"file":150,"line":182},"template_redirect",370,{"type":172,"name":184,"callback":174,"file":150,"line":185},"embed_oembed_discover",397,{"type":147,"name":161,"callback":178,"file":150,"line":187},401,{"type":172,"name":189,"callback":178,"file":150,"line":190},"rest_authentication_errors",407,{"type":147,"name":169,"callback":178,"priority":26,"file":150,"line":192},416,{"type":172,"name":194,"callback":174,"file":150,"line":195},"wp_is_application_passwords_available",424,{"type":147,"name":148,"callback":178,"file":150,"line":197},428,{"type":147,"name":148,"callback":178,"file":150,"line":199},435,{"type":172,"name":201,"callback":202,"priority":203,"file":150,"line":204},"style_loader_src","corefeco_remove_version_query",10,445,{"type":172,"name":206,"callback":202,"priority":203,"file":150,"line":207},"script_loader_src",446,{"type":172,"name":209,"callback":178,"file":150,"line":210},"fallback_intermediate_image_sizes",450,{"type":172,"name":212,"callback":213,"file":150,"line":214},"trash_empty_days","__return_zero",456,{"type":172,"name":184,"callback":174,"file":150,"line":216},468,{"type":147,"name":161,"callback":178,"file":150,"line":218},477,{"type":147,"name":220,"callback":178,"file":150,"line":221},"admin_notices",485,{"type":172,"name":223,"callback":224,"priority":83,"file":150,"line":225},"automatic_updates_is_vcs_checkout","__return_true",491,{"type":172,"name":227,"callback":174,"file":150,"line":228},"auto_core_update_send_email",496,{"type":172,"name":230,"callback":174,"file":150,"line":231},"send_core_update_notification_email",497,{"type":147,"name":181,"callback":178,"file":150,"line":233},505,{"type":147,"name":235,"callback":178,"file":150,"line":236},"login_enqueue_scripts",514,{"type":172,"name":238,"callback":174,"file":150,"line":239},"wp_lazy_loading_enabled",528,{"type":147,"name":153,"callback":178,"file":150,"line":241},532,{"type":172,"name":243,"callback":174,"file":150,"line":244},"wpseo_automatic_updates",534,{"type":147,"name":169,"callback":178,"file":150,"line":246},539,{"type":147,"name":157,"callback":178,"file":150,"line":248},542,{"type":172,"name":250,"callback":251,"file":150,"line":252},"admin_footer_text","__return_empty_string",549,{"type":147,"name":254,"callback":178,"file":150,"line":255},"elementor\u002Feditor\u002Fafter_enqueue_styles",553,{"type":147,"name":153,"callback":178,"file":150,"line":257},559,{"type":147,"name":169,"callback":178,"file":150,"line":259},565,{"type":147,"name":261,"callback":178,"priority":262,"file":150,"line":263},"admin_bar_menu",999,572,{"type":172,"name":265,"callback":174,"file":150,"line":266},"w3tc_footer_comment",578,{"type":147,"name":268,"callback":178,"file":150,"line":269},"wp_before_admin_bar_render",592,{"type":172,"name":177,"callback":178,"file":150,"line":271},599,[],[],[],[],{"dangerousFunctions":277,"sqlUsage":278,"outputEscaping":280,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":283},[],{"prepared":13,"raw":13,"locations":279},[],{"escaped":281,"rawEcho":13,"locations":282},5,[],[],[],{"summary":286,"deductions":287},"The 'core-feature-control' plugin v1.0 exhibits a strong security posture based on the provided static analysis. The absence of any identified attack surface entry points, dangerous functions, direct SQL queries, file operations, or external HTTP requests is a significant positive indicator. The code signals also show that all identified outputs are properly escaped, which helps prevent cross-site scripting (XSS) vulnerabilities.\n\nTaint analysis reveals no concerning flows, further reinforcing the impression of a secure codebase. The plugin's vulnerability history is also clean, with no recorded CVEs, which suggests a history of secure development or limited exposure. This combination of factors points to a plugin that has been developed with security best practices in mind.\n\nHowever, the complete lack of nonce and capability checks is a notable area of concern. While there are no apparent entry points detected in this analysis, the absence of these fundamental security checks means that if any entry points were to be introduced in future updates, they would inherently lack critical authentication and authorization mechanisms. This presents a potential future risk, as it deviates from standard WordPress security practices designed to protect against unauthorized actions. Therefore, while the current state is secure, proactive implementation of these checks is recommended for ongoing security.",[288,290],{"reason":289,"points":203},"Missing nonce checks",{"reason":291,"points":203},"Missing capability checks","2026-03-16T21:52:44.043Z",{"wat":294,"direct":303},{"assetPaths":295,"generatorPatterns":297,"scriptPaths":298,"versionParams":300},[296],"\u002Fwp-content\u002Fplugins\u002Fcore-feature-control\u002Fassets\u002Fcss\u002Fcore-feature-control.css",[],[299],"\u002Fwp-content\u002Fplugins\u002Fcore-feature-control\u002Fassets\u002Fjs\u002Fcore-feature-control.js",[301,302],"core-feature-control-style?ver=","core-feature-control\u002Fassets\u002Fcss\u002Fcore-feature-control.css?ver=",{"cssClasses":304,"htmlComments":309,"htmlAttributes":310,"restEndpoints":313,"jsGlobals":314,"shortcodeOutput":315},[305,306,307,308],"corefeco-wrap","corefeco--notice","e-notice__actions","e-note",[],[311,312],"name=\"corefeco_extended_disable_core_settings","id=\"check-all",[],[],[]]