[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fu3auoFh6Lf5cZScVVlSeZDCrSLDB2GYveUSTAZwNuGA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":35,"analysis":130,"fingerprints":205},"custom-registration","Custom Registration","1.0","burak","https:\u002F\u002Fprofiles.wordpress.org\u002Fburakkaptan\u002F","\u003Cp>This plugin disable auto-generated registration password and allow users to create own password on registration page.\u003C\u002Fp>\n","This plugin disable auto-generated registration password and allow users to create own password on registration page.",200,2725,0,"2015-02-11T21:09:00.000Z","4.1.42","3.0.1","",[19,20,21],"custom","login","registration","http:\u002F\u002Fburak-aydin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-registration.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"burakkaptan",5,1610,30,84,"2026-04-05T17:23:09.157Z",[36,58,79,95,114],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":53,"download_link":54,"security_score":55,"vuln_count":56,"unpatched_count":13,"last_vuln_date":57,"fetched_at":26},"custom-login-url","Custom Login URL","1.0.3","Greg Winiarski","https:\u002F\u002Fprofiles.wordpress.org\u002Fgwin\u002F","\u003Cp>Custom Login URL (CLU) is a lightweight plugin that allows to customize default WP login, registration and password\u003Cbr \u002F>\nreminder URLs without modifying any files, simple and swift.\u003C\u002Fp>\n\u003Cp>Why would anyone would want to use this plugin? Well, after developing some sites it turned\u003Cbr \u002F>\nout that site owners do not want to reveal to customers that they are using WordPress, hence the plugin that will mask\u003Cbr \u002F>\noriginal URLs.\u003C\u002Fp>\n\u003Cp>What the plugin can do:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>change \u002Fwp-login.php to for example \u002Fuser\u002Flogin\u002F\u003C\u002Fli>\n\u003Cli>change \u002Fwp-login.php?action=register to for example \u002Fuser\u002Fregister\u002F\u003C\u002Fli>\n\u003Cli>change \u002Fwp-login.php?action=lostpassword to for example \u002Fuser\u002Fremind\u002F\u003C\u002Fli>\n\u003Cli>change \u002Fwp-login.php?action=logout to for example \u002Fuser\u002Flogout\u002F\u003C\u002Fli>\n\u003Cli>you can define your own custom paths for each URL above\u003C\u002Fli>\n\u003Cli>set successfull login and logout redirect URLs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In order to make the plugin work you need to have Permalinks enabled in WP Settings.\u003C\u002Fp>\n","Whitelabel your site by hiding wp-login.php in the login and registration URLs",1000,49777,76,18,"2025-09-15T13:23:00.000Z","6.8.5","6.0",[37,52],"custom-registration-url","https:\u002F\u002Fsimpliko.pl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-login-url.1.0.3.zip",99,1,"2025-09-22 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":17,"tested_up_to":70,"requires_at_least":71,"requires_php":17,"tags":72,"homepage":76,"download_link":77,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":78},"ae-admin-customizer","AE Admin Customizer","1.0.7","allan.empalmado","https:\u002F\u002Fprofiles.wordpress.org\u002Fallanempalmado\u002F","\u003Cp>Now you can customize the Login\u002FRegistration Page with Live Preview using wordpress Customizer feature.\u003C\u002Fp>\n\u003Cp>The easiest way to brand your WordPress dashboards the way you want. Easily customize your admin dashboard, change WordPress logo with your company logo in admin panel, login and registration page.\u003C\u002Fp>\n\u003Ch3>Translation\u002FLocalization Ready\u003C\u002Fh3>\n\u003Cp>For translators who wants to add new language to AE Admin Customizer contribute via \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fae-admin-customizer\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Customize Admin Dashboard Sidebar, Topbar and Global Colors\u003C\u002Fli>\n\u003Cli>Customize Login and Registration Page with Customizer for Live Preview\u003C\u002Fli>\n\u003Cli>Add Custom CSS Styling on Admin Panel, Login and Registration Pages\u003C\u002Fli>\n\u003Cli>Remove WordPress Icon on Admin Topbar\u003C\u002Fli>\n\u003Cli>Add Custom Logo to Admin Topbar, Login and Registration Page\u003C\u002Fli>\n\u003Cli>Ability to Remove WordPress Version No. on Admin Panel\u003C\u002Fli>\n\u003Cli>Ability to Remove Version numbers from scripts and stylesheet’s HTML\u003C\u002Fli>\n\u003Cli>Ability to Remove WordPress Generator Tag both HTML and RSS Feeds\u003C\u002Fli>\n\u003Cli>Ability to Remove Help Tab from Admin Dashboard\u003C\u002Fli>\n\u003Cli>Ability to Remove Screen Options Tab\u003C\u002Fli>\n\u003Cli>Ability to Remove Welcome to WordPress Dashboard Widget\u003C\u002Fli>\n\u003Cli>Ability to Remove WordPress News and Events Dashboard Widget\u003C\u002Fli>\n\u003Cli>Change or Replace Admin Left Footer Text with your own \u003C\u002Fli>\n\u003Cli>Ability to Import \u002F Export AE Admin Customizer Settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Get In touch with us and the rest of the team.\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fappdevph\u002F\" rel=\"nofollow ugc\">Facebook Page\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.messenger.com\u002Ft\u002Fappdevph\" rel=\"nofollow ugc\">FB Messenger\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paypal.me\u002Fallanempalmado\" rel=\"nofollow ugc\">Send us some pizza\u003C\u002Fa>\u003C\u002Fp>\n","Now you can customize the Login\u002FRegistration Page with Live Preview using wordpress Customizer feature.",10,1886,100,2,"4.8.28","4.5",[73,74,20,21,75],"branding","customization","wp-admin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fae-admin-customizer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fae-admin-customizer.1.0.7.zip","2026-03-15T10:48:56.248Z",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":66,"downloaded":87,"rating":68,"num_ratings":56,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":17,"tags":91,"homepage":17,"download_link":94,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"my-custom-login","My Custom Login","1.0.0","Ajay Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fmacsystem\u002F","\u003Cp>My Custom Login is the WordPress login plugin, allows site admin to add login\u002Fregistration on their sites menu.\u003Cbr \u002F>\nIt uses the page wp-login.php for login and wp-signup.php for register, it displays the login\u002Fregister link if you are logged out and logout link if you are logged in.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Your registration, log in, pages remains same no changes.\u003C\u002Fli>\n\u003Cli>Simple login registration links that allow users to login and register to your site.\u003C\u002Fli>\n\u003C\u002Ful>\n","My Custom Login is the WordPress login plugin, allows site admin to add login\u002Fregistration on their sites menu.",2407,"2015-11-18T04:42:00.000Z","4.3.34","4.3.1",[19,92,20,93,21],"log-in","register","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-custom-login.1.0.0.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":13,"downloaded":103,"rating":13,"num_ratings":13,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":107,"tags":108,"homepage":17,"download_link":112,"security_score":113,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"custom-loginregister-fields","Custom Login\u002FRegister Fields","1.0.1","ketu762","https:\u002F\u002Fprofiles.wordpress.org\u002Fketu762\u002F","\u003Cp>Custom Login\u002FRegister Fields plugin allows you to add custom fields to the WordPress registration forms. You can easily add text, email, number, tel, and textarea fields with custom validation rules from the WordPress admin interface. The custom fields can also be managed via a drag-and-drop interface.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add custom fields to the registration forms.\u003C\u002Fli>\n\u003Cli>Support for text, email, number, tel, and textarea fields.\u003C\u002Fli>\n\u003Cli>Custom validation rules for each field.\u003C\u002Fli>\n\u003Cli>Drag-and-drop interface for managing fields.\u003C\u002Fli>\n\u003Cli>Display custom fields in user profiles.\u003C\u002Fli>\n\u003Cli>Save custom field data in user meta.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. See the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GNU General Public License\u003C\u002Fa> for more details.\u003C\u002Fp>\n","Custom Login\u002FRegister Fields allows you to add custom fields to the WordPress registration forms with an easy drag-and-drop interface.",1123,"2024-10-10T06:01:00.000Z","6.6.5","5.0","7.0",[109,110,20,21,111],"admin","custom-fields","user-profile","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-loginregister-fields.1.0.1.zip",92,{"slug":115,"name":116,"version":6,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":13,"downloaded":121,"rating":68,"num_ratings":56,"last_updated":17,"tested_up_to":122,"requires_at_least":123,"requires_php":124,"tags":125,"homepage":127,"download_link":128,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":129},"custom-registration-and-login","Custom Registration and Login","Pushpendra","https:\u002F\u002Fprofiles.wordpress.org\u002Fnidhi1512\u002F","\u003Cp>This plugin involves log-in & registration’s functionality on front-end. We can easily create our login & registration page on front-end through this plug-in. It also provides profile page & is most user friendly from user’s perspective. It provides short code by which an user can easily use this.\u003C\u002Fp>\n","This plugin involves log-in & registration’s functionality on front-end. We can easily create our login & registration page on front-end throu &hellip;",15496,"4.7.32","4.6","5.2.4",[19,20,126,21],"profile","https:\u002F\u002Fwww.f5buddy.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-registration-and-login.zip","2026-03-15T14:44:11.924Z",{"attackSurface":131,"codeSignals":160,"taintFlows":168,"riskAssessment":196,"analyzedAt":204},{"hooks":132,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":13,"unprotectedCount":13},[133,139,144,148,152],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","init","cr_adding_style","cr.php",22,{"type":134,"name":140,"callback":141,"priority":142,"file":137,"line":143},"admin_notices","cr_remove_default",9,43,{"type":134,"name":145,"callback":146,"file":137,"line":147},"register_form","cr_register_form",73,{"type":134,"name":149,"callback":150,"file":137,"line":151},"registration_errors","cr_registration_errors",96,{"type":134,"name":153,"callback":154,"file":137,"line":155},"user_register","cr_saving_password",115,[],[],[],[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":164,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":167},[],{"prepared":13,"raw":13,"locations":163},[],{"escaped":165,"rawEcho":13,"locations":166},6,[],[],[169,188],{"entryPoint":170,"graph":171,"unsanitizedCount":13,"severity":187},"cr_register_form (cr.php:49)",{"nodes":172,"edges":184},[173,178],{"id":174,"type":175,"label":176,"file":137,"line":177},"n0","source","$_POST (x2)",51,{"id":179,"type":180,"label":181,"file":137,"line":182,"wp_function":183},"n1","sink","echo() [XSS]",59,"echo",[185],{"from":174,"to":179,"sanitized":186},true,"low",{"entryPoint":189,"graph":190,"unsanitizedCount":13,"severity":187},"\u003Ccr> (cr.php:0)",{"nodes":191,"edges":194},[192,193],{"id":174,"type":175,"label":176,"file":137,"line":177},{"id":179,"type":180,"label":181,"file":137,"line":182,"wp_function":183},[195],{"from":174,"to":179,"sanitized":186},{"summary":197,"deductions":198},"The 'custom-registration' plugin v1.0 exhibits a strong security posture based on the provided static analysis. The absence of any detected dangerous functions, direct SQL queries, file operations, or external HTTP requests is a significant positive. Furthermore, all detected output is properly escaped, and there are no identified taint flows with unsanitized paths, indicating good input handling practices.\n\nHowever, a notable concern is the complete lack of nonce checks and capability checks across all entry points. While the current analysis shows zero unprotected entry points and no known vulnerabilities, this absence of built-in security mechanisms makes the plugin vulnerable to potential CSRF and privilege escalation attacks should new entry points be introduced or existing ones be exploited in conjunction with other plugin vulnerabilities. The plugin's history of zero CVEs is encouraging but does not negate the inherent risk associated with missing fundamental security checks.\n\nIn conclusion, 'custom-registration' v1.0 demonstrates excellent code hygiene in several key areas. Nevertheless, the lack of nonce and capability checks represents a critical weakness that significantly elevates its risk profile, especially for a plugin that handles user registration, a sensitive operation. This omission needs to be addressed to ensure robust security.",[199,202],{"reason":200,"points":201},"Missing nonce checks",15,{"reason":203,"points":201},"Missing capability checks","2026-03-16T20:08:46.184Z",{"wat":206,"direct":212},{"assetPaths":207,"generatorPatterns":209,"scriptPaths":210,"versionParams":211},[208],"\u002Fwp-content\u002Fplugins\u002Fcustom-registration\u002Fcss\u002Fstyle.css",[],[],[],{"cssClasses":213,"htmlComments":215,"htmlAttributes":216,"restEndpoints":217,"jsGlobals":218,"shortcodeOutput":219},[214],"input",[],[],[],[],[220,221,222,223],"\u003Cp>\n\t\t\u003Clabel for=\"user_pass\">New Password\u003C\u002Flabel>\n\t\t\u003Cinput type=\"password\" class=\"input\" name=\"user_pass\" value=\"","\">\u003C\u002Fp>\n\n\t\u003Cp>\n\t\t\u003Clabel for=\"confirm_pass\">Repeat Password\u003C\u002Flabel>\n\t\t\u003Cinput type=\"password\" class=\"input\" name=\"confirm_pass\" value=\"","\">\u003C\u002Fp>\n\n\t\u003Cp>\n\t\t\u003Cdiv id=\"pass-strength-result\">","\u003C\u002Fdiv>\n\t\u003C\u002Fp>"]