[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foRnWFHLC4YCgdcuiqqB_lfHavHRcCTelguQ4w9Xvzvs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":135,"fingerprints":159},"ctw-ssl-for-cloudflare","Cloudflare SSL by Weslink","1.0.9","Christofer Weßeling","https:\u002F\u002Fprofiles.wordpress.org\u002Fcetewe\u002F","\u003Cp>CloudFlare Flexible SSL needs some tiny Modification to get not into a redirect loop. This Plugins makes your WordPress Site ready to use Cloudflare SSL and prevents the common SSL infinite loop Problem.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fweslink.de\u002Fblog\u002F\" rel=\"nofollow ugc\">WordPress and SSL \u003C\u002Fa>.\u003C\u002Fp>\n","Plugin to enable CloudFlare Flexible SSL for Wordpress and to prevent the Redirect Loop",3000,48456,100,6,"2019-01-08T09:21:00.000Z","5.0.25","3.2.1","",[20,21,22,23,24],"cloudflare","flexible-ssl","https","redirect-loop","ssl","https:\u002F\u002Fweslink.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fctw-ssl-for-cloudflare.1.0.9.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"cetewe",1,30,84,"2026-04-04T06:51:24.679Z",[39,59,78,100,118],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":57,"download_link":58,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"cloudflare-flexible-ssl","Flexible SSL for CloudFlare","1.3.1","Paul","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaultgoodchild\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Ficwp.io\u002F6z\" rel=\"nofollow ugc\">Click For Full Implementation Guide\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Using CloudFlare® Flexible SSL on WordPress isn’t as simple as just turning it on.\u003C\u002Fp>\n\u003Cp>This plugin forms an \u003Cstrong>integral part\u003C\u002Fstrong> to enabling Flexible SSL on WordPress and prevents infinite redirect loops when loading WordPress sites under Cloudflare’s Flexible SSL system.\u003C\u002Fp>\n\u003Cp>\u003Cem>Cloudflare is a registered trademark of Cloudflare, Inc.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>One Dollar Plugin is not affiliated in any way with Cloudflare, Inc. This plugin provided separately and completely independently.\u003C\u002Fp>\n\u003Cp>Remember: This plugin is just part of the installation process for Flexible SSL. \u003Ca href=\"https:\u002F\u002Ficwp.io\u002F6z\" rel=\"nofollow ugc\">Please follow the full guide\u003C\u002Fa>\u003C\u002Fp>\n","Fix For Redirect Loops on WordPress with CloudFlare's Flexible\u002FUniversal SSL.",100000,1174275,96,51,"2025-12-23T10:10:00.000Z","6.9.4","3.2.0","5.2",[20,21,23,24,56],"universal-ssl","https:\u002F\u002Ficwp.io\u002Fcloudflaresslpluginauthor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloudflare-flexible-ssl.1.3.1.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":28,"num_ratings":28,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":76,"download_link":77,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"flex-ssl","Flex SSL","1.0.8","Flex Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fflexfields\u002F","\u003Cp>Flex SSL is a lightweight WordPress plugin designed to secure your website by enforcing HTTPS across your entire site. Key features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Force HTTPS:\u003C\u002Fstrong> Automatically redirect all HTTP requests to HTTPS.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-Update URLs:\u003C\u002Fstrong> Change WordPress site and home URLs from HTTP to HTTPS.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare\u002FProxy Support:\u003C\u002Fstrong> Detects HTTPS headers from Cloudflare or other reverse proxies to avoid redirect loops.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Headers:\u003C\u002Fstrong> Optionally add HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy. Force SSL Admin when HTTPS is in use.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mixed Content Fixer:\u003C\u002Fstrong> Corrects HTTP to HTTPS in content, excerpts, thumbnails, scripts, styles, content_url, and home_url.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SSL Status:\u003C\u002Fstrong> View current SSL status and certificate expiry date.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirect Options:\u003C\u002Fstrong> Choose between 301 (permanent) and 302 (temporary) redirects.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logs & Reports:\u003C\u002Fstrong> Monitor changes and events in a log system.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Let’s Encrypt Integration (Coming Soon):\u003C\u002Fstrong> Plan to automatically generate and renew SSL certificates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Flex SSL is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>For more details, see https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html.\u003C\u002Fp>\n","Enables SSL & forces HTTPS on WordPress, updating URLs & adding security headers. Supports reverse proxies & soon integrates Let's Encrypt.",20,560,"2026-03-08T20:59:00.000Z","6.8.5","5.0","7.0",[20,22,74,75,24],"mixed-content","security","https:\u002F\u002Fflex-fields.com\u002Fssl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflex-ssl.1.0.8.zip",{"slug":20,"name":79,"version":80,"author":79,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":71,"requires_php":90,"tags":91,"homepage":95,"download_link":96,"security_score":97,"vuln_count":98,"unpatched_count":28,"last_vuln_date":99,"fetched_at":30},"Cloudflare","4.14.2","https:\u002F\u002Fprofiles.wordpress.org\u002Fcloudflare\u002F","\u003Ch4>What this plugin can do for you\u003C\u002Fh4>\n\u003Cp>[https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=DWANhxoDxFI]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic Platform Optimization (APO)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Speed up your WordPress site by up to 300% with Cloudflare’s Automatic Platform Optimization (APO) plugin. APO allows Cloudflare to serve your entire WordPress site from our edge network of over 250+ data centers worldwide ensuring fast & reliable performance for your visitors no matter where they are.\u003C\u002Fp>\n\u003Cp>Optimizing your WordPress site with multiple plugins can be overwhelming. Take your WordPress site’s performance to the next level by switching to a single plugin for CDN, intelligent caching, and other key WordPress optimizations with Cloudflare (APO). Visit our \u003Ca href=\"https:\u002F\u002Fblog.cloudflare.com\u002Fautomatic-platform-optimizations-starting-with-wordpress\u002F\" rel=\"nofollow ugc\">announcement blog\u003C\u002Fa> to learn more about APO.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What makes APO different from other caching plugins?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The key differentiating factor between Cloudflare APO and other traditional page caching and CDN solutions is its ability to directly cache static HTML at Cloudflare’s edge. Every other plugin and CDN will cache your static assets (images, javascript, CSS), but none help you cache the actual content on your site (the HTML) using a massive edge network like Cloudflare’s.\u003C\u002Fp>\n\u003Cp>APO intelligently caches your HTML pages and will automatically purge content from the cache that you update, so users will always see the latest content without compromising the performance of pages that haven’t been recently updated\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What you get with Cloudflare APO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>APO is a $5 add-on with Cloudflare’s free plan and comes with an unlimited amount of subdomains. With APO you also get to leverage many of the other benefits of Cloudflare such as \u003Cstrong>Free DNS, Free Automated SSL Certificates, Free DDoS Mitigation, and more.\u003C\u002Fstrong> APO is free for all paid plan users so if you have Cloudflare Pro or Business already you can just turn it on. You can compare all our plans \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fplans\u002F?utm_source=promo&utm_medium=social&utm_term=&utm_content=&utm_campaign=g421o-pl-apo-wordpress-plans\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Protect your WordPress site with Cloudflare’s Web Application Firewall (WAF)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Cloudflare’s WAF is available on all our \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fplans\u002F?utm_source=promo&utm_medium=social&utm_term=&utm_content=&utm_campaign=g421o-pl-apo-wordpress-plans\" rel=\"nofollow ugc\">paid plans\u003C\u002Fa> and comes with built-in rulesets, specifically tailored to mitigate WordPress threats and vulnerabilities. These security rules are regularly updated by our team of experts. At the flip of a switch, you’ll have your WAF up and running without any difficult adjustments to your site. With over 26 million internet properties under our protection, you can sleep easy knowing Cloudflare has your back.\u003C\u002Fp>\n\u003Ch4>Additional features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Header rewrite to prevent a redirect loop when Cloudflare’s Universal SSL is enabled\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Change Cloudflare settings from within the plugin itself without needing to navigate to the cloudflare.com dashboard. You can change settings for cache purge, security level, Always Online, and image optimization\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>View analytics such as total visitors, bandwidth saved, and threats blocked\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Support for \u003Ca href=\"https:\u002F\u002Fblog.cloudflare.com\u002Fannouncing-support-for-http-2-server-push-2\u002F\" rel=\"nofollow ugc\">HTTP2\u002FServer Push\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","All of Cloudflare’s performance and security benefits in a simple one-click install.",200000,9150323,70,179,"2025-12-22T16:44:00.000Z","6.9.0","7.4",[20,92,93,94,24],"ddos","seo","speed","https:\u002F\u002Fblog.cloudflare.com\u002Fnew-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloudflare.4.14.2.zip",99,2,"2024-01-04 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":47,"downloaded":108,"rating":36,"num_ratings":109,"last_updated":110,"tested_up_to":52,"requires_at_least":111,"requires_php":18,"tags":112,"homepage":116,"download_link":117,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"https-redirection","Easy HTTPS Redirection (SSL)","2.0.0","mra13","https:\u002F\u002Fprofiles.wordpress.org\u002Fmra13\u002F","\u003Ch4>Only use this plugin if you have installed SSL certificate on your site and HTTPS is working correctly\u003C\u002Fh4>\n\u003Cp>Once you’ve installed an SSL certificate on your site, it’s important to ensure that your webpages are accessed via their secure HTTPS URLs.\u003C\u002Fp>\n\u003Cp>To improve SEO and user security, you want search engines and visitors to always use the HTTPS version of your pages. This plugin makes that easy by automatically redirecting users to the HTTPS version whenever they try to access the non-HTTPS (HTTP) version of a page.\u003C\u002Fp>\n\u003Ch3>Example\u003C\u002Fh3>\n\u003Cp>Let’s say you want to ensure the following page is always accessed over HTTPS:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If a visitor tries to access:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The plugin will automatically redirect them to the secure version:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This ensures that visitors always access the HTTPS version of your pages or site.\u003C\u002Fp>\n\u003Cp>You can choose to automatically redirect your entire domain to HTTPS, or selectively apply HTTPS redirection to specific pages.\u003C\u002Fp>\n\u003Ch3>Video Tutorials\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FoyJgRFCM6u8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLtyBraB64v8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Force Load Static Files Using HTTPS\u003C\u002Fh3>\n\u003Cp>If you started using SSL from day 1 of your site then all your static files are already embedded using HTTPS URL. You have no issue there.\u003C\u002Fp>\n\u003Cp>However, if you have an existing website where you have a lot of static files that are embedded in your posts and pages using NON-HTTPS URL then you will need to change those. Otherwise, the browser will show an SSL warning to your visitors.\u003C\u002Fp>\n\u003Cp>This plugin has an option that will allow you to force load those static files using HTTPS URL dynamically.\u003C\u002Fp>\n\u003Cp>This will help you make the webpage fully compatible with SSL.\u003C\u002Fp>\n\u003Ch3>SSL Certificate Expiry Notification\u003C\u002Fh3>\n\u003Cp>This plugin includes a feature that allows you to receive email notifications when your SSL certificate is about to expire. It helps ensure your website remains secure and accessible over HTTPS.\u003C\u002Fp>\n\u003Cp>You can configure the recipient email address and specify how many days in advance the notification should be sent. By default, the notification is sent 7 days before expiry, but you can adjust this to suit your preference.\u003C\u002Fp>\n\u003Cp>This feature is especially useful for site owners who may not frequently check their SSL status, or for those managing multiple websites. By receiving timely alerts, you can renew your SSL certificate in advance and prevent potential downtime or security warnings.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically redirect all HTTP traffic to HTTPS\u003C\u002Fli>\n\u003Cli>Option to force HTTPS on the entire site\u003C\u002Fli>\n\u003Cli>Option to selectively apply HTTPS redirection to specific pages\u003C\u002Fli>\n\u003Cli>Helps search engines index the secure versions of your pages\u003C\u002Fli>\n\u003Cli>Improves site security and user trust\u003C\u002Fli>\n\u003Cli>Force load static files (images, js, css etc) using a HTTPS URL\u003C\u002Fli>\n\u003Cli>SSL certificate expiry notification – Option to send SSL expiry notifications to a specific email address\u003C\u002Fli>\n\u003Cli>Easily see which SSL certificates on your site are approaching their expiry date.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>View more details on the \u003Ca href=\"https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin\" rel=\"nofollow ugc\">HTTPS Redirection plugin\u003C\u002Fa> page.\u003C\u002Fp>\n","The plugin allows an automatic redirection to the \"HTTPS\" version\u002FURL of the site. Make your site SSL compatible easily.",1169853,71,"2025-12-02T03:12:00.000Z","6.5",[113,22,114,115,24],"force-ssl","insecure-content","redirection","https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttps-redirection.2.0.0.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":47,"downloaded":126,"rating":49,"num_ratings":127,"last_updated":128,"tested_up_to":52,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":133,"download_link":134,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ssl-insecure-content-fixer","SSL Insecure Content Fixer","2.7.2","webaware","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebaware\u002F","\u003Cp>Clean up your WordPress website’s HTTPS insecure content and mixed content warnings. Installing the SSL Insecure Content Fixer plugin will solve most insecure content warnings with little or no effort. The remainder can be diagnosed with a few simple tools.\u003C\u002Fp>\n\u003Cp>When you install SSL Insecure Content Fixer, its default settings are activated and it will automatically perform some basic fixes on your website using the Simple fix level. You can select more comprehensive fix levels as needed by your website.\u003C\u002Fp>\n\u003Cp>WordPress Multisite gets a network settings page. This can be used to set default settings for all sites within a network, so that network administrators only need to specify settings on sites that have requirements differing from the network defaults.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fssl.webaware.net.au\u002F\" rel=\"nofollow ugc\">SSL Insecure Content Fixer website\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Many thanks to the generous efforts of our translators:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bulgarian (bg_BG) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fbg\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Bulgarian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Chinese simplified (zh_CN) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fzh-cn\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Chinese translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_CA) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-ca\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (Canadian) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_GB) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-gb\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (British) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_ZA) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-za\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (South African) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fnl\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Dutch translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German (de_DE) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fde\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the German translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>French (fr_FR) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Ffr\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the French translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Italian (it_IT) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fit\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Italian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Japanese (ja) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fja\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Japanese translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fru\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Russian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fes\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Spanish translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’d like to help out by translating this plugin, please \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">sign up for an account and dig in\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>SSL Insecure Content Fixer does not collect any personally identifying information, and does not set any cookies.\u003C\u002Fp>\n","Clean up WordPress website HTTPS insecure content",2650141,221,"2025-12-14T04:38:00.000Z","4.0","5.3",[22,114,74,132,24],"partially-encrypted","https:\u002F\u002Fssl.webaware.net.au\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fssl-insecure-content-fixer.2.7.2.zip",{"attackSurface":136,"codeSignals":142,"taintFlows":149,"riskAssessment":150,"analyzedAt":158},{"hooks":137,"ajaxHandlers":138,"restRoutes":139,"shortcodes":140,"cronEvents":141,"entryPointCount":28,"unprotectedCount":28},[],[],[],[],[],{"dangerousFunctions":143,"sqlUsage":144,"outputEscaping":146,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":148},[],{"prepared":28,"raw":28,"locations":145},[],{"escaped":28,"rawEcho":28,"locations":147},[],[],[],{"summary":151,"deductions":152},"The \"ctw-ssl-for-cloudflare\" plugin v1.0.9 exhibits a strong security posture based on the provided static analysis results.  There are no identified entry points such as AJAX handlers, REST API routes, shortcodes, or cron events exposed without authentication. The code demonstrates excellent practice by not utilizing dangerous functions, performing all SQL queries using prepared statements, and ensuring all output is properly escaped. The absence of file operations, external HTTP requests, and any identified taint flows further strengthens its security.  The plugin also has a clean vulnerability history with no recorded CVEs, indicating a history of secure development or effective patching of past issues.\n\nWhile the lack of entry points, secure coding practices, and vulnerability history are highly positive, the analysis reveals a complete absence of nonce checks and capability checks. This could be a concern if any functionality were to be introduced in the future that could be triggered without proper authorization. However, given the current analysis showing zero entry points, this absence does not represent an immediate exploitable risk. The plugin's current design appears very secure, with its primary strength being its limited attack surface and adherence to secure coding principles in its existing code.",[153,156],{"reason":154,"points":155},"No nonce checks found",5,{"reason":157,"points":155},"No capability checks found","2026-03-16T18:26:48.146Z",{"wat":160,"direct":165},{"assetPaths":161,"generatorPatterns":162,"scriptPaths":163,"versionParams":164},[],[],[],[],{"cssClasses":166,"htmlComments":167,"htmlAttributes":168,"restEndpoints":169,"jsGlobals":170,"shortcodeOutput":171},[],[],[],[],[],[]]