[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVw0X_J2KDWvsW9uttTtNeYDEAb2tixDxs3LGrK69MHI":3,"$fW0bjnJ6TqaRj-ugaOk9kpheJzb0OcGysw2gwlR9EWb0":188,"$f7k8zfrtXJHhVy-QfvpDH0RJ7ZPlsG9lhHIVFISn4en8":193},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":41,"analysis":139,"fingerprints":174},"deactivate-users","Deactivate WordPress Users","1.1","Eric Binnion","https:\u002F\u002Fprofiles.wordpress.org\u002Febinnion\u002F","\u003Cp>Allows admins to deactivate a user as opposed to deleting a user. Works with web and XML-RPC based authentication.\u003C\u002Fp>\n\u003Cp>Once installed and activated, a checkbox appears on the user profile settings page. When checked, the user will not be able to login with the account. If they attempt to login, \u003Ccode>This user has been deactivated. Please contact the administrator.\u003C\u002Fcode> will be displayed in the login error box.\u003C\u002Fp>\n","Allows admins to deactivate a user as opposed to deleting a user. Works with web and XML-RPC based authentication.",10,1801,80,1,"2014-06-20T15:25:00.000Z","3.9.40","3.0.1","",[20,21,22,23,24],"authentication","deactivate","disable","user","users","http:\u002F\u002Fcrane-west.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdeactivate-users.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":37,"avg_patch_time_days":38,"trust_score":39,"computed_at":40},"ebinnion",5,50,86,30,84,"2026-05-20T06:44:39.350Z",[42,65,86,103,121],{"slug":43,"name":44,"version":45,"author":46,"author_profile":47,"description":48,"short_description":49,"active_installs":50,"downloaded":51,"rating":52,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":18,"tags":56,"homepage":61,"download_link":62,"security_score":63,"vuln_count":14,"unpatched_count":28,"last_vuln_date":64,"fetched_at":30},"user-blocker","User Blocker","2.2","solwininfotech","https:\u002F\u002Fprofiles.wordpress.org\u002Fsolwininfotech\u002F","\u003Cp>User Blocker plugin provide the ability to admin to block or unblock user accounts quickly and effortlessly. User can be blocked by Roll or username for specific day & time OR date range Or permanently. When someone tries to log in, and if that user blocked then a friendly error message is displayed on the login screen. You can unblock accounts at any time you want.\u003Cbr \u002F>\nAlso admin can view blocked user list and quickly search user and unblock account if require.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User Blocker Plugin Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Block user by time (FROM-time to TO-time) for certain week days\u003C\u002Fli>\n\u003Cli>Block user by date (FROM-date to TO-date)\u003C\u002Fli>\n\u003Cli>Block user Permanently\u003C\u002Fli>\n\u003Cli>Unblock user any time\u003C\u002Fli>\n\u003Cli>Block user by UserName OR by Role\u003C\u002Fli>\n\u003Cli>Customizable message for each blocked User OR Blocked Role\u003C\u002Fli>\n\u003Cli>View blocked user list By Time, By Date and Permanently blocked users.\u003C\u002Fli>\n\u003Cli>Easy to search any blocked user by username\u002F email \u002F First name to view blocking status and modify or remove blocking\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Technical Support\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You have any suggestion with User Blocker plugin or you found a bug, please contact us at \u003Ca href=\"http:\u002F\u002Fsupport.solwininfotech.com\" rel=\"nofollow ugc\">support.solwininfotech.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Permissions:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Only administrators are allowed to use this system. People with lower access levels are neither shown the new bulk actions, nor are they allowed to change the status of accounts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important: Plugin does not deactivate any Admin users.\u003C\u002Fstrong>\u003C\u002Fp>\n","To block users from admin side except admin users for specific day,time, and date or permanently.",3000,81777,82,"2024-08-09T14:45:00.000Z","6.6.5","5.4",[57,4,58,59,60],"block-user","deny-user","disable-users","restrict-user","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-blocker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-blocker.zip",92,"2022-11-09 00:00:00",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":35,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":83,"download_link":84,"security_score":75,"vuln_count":14,"unpatched_count":28,"last_vuln_date":85,"fetched_at":30},"disable-user-login","Disable User Login","2.1.7","Saint Systems","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaintsystems\u002F","\u003Cp>This plugin gives you the ability to disable specific user accounts via a profile setting.\u003C\u002Fp>\n\u003Cp>Once installed and activated, a checkbox appears on the user profile settings (only for admins). When checked, the user’s account will be disabled and they will be unable to login with the account. If they try to login, they are instantly logged out and redirected to the login page with a message that notifies them their account is disabled.\u003C\u002Fp>\n\u003Cp>This can be useful in a few situations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You want freelance writers to still show up in the authors box, but you don’t want them to be able to login.\u003C\u002Fli>\n\u003Cli>You have former employees who have authored posts and you don’t want to delete them or reassign their posts to other users, but still need them to show up in the “Authors box.”\u003C\u002Fli>\n\u003Cli>You are working on a site for a client who has an account, but do not want him to login and\u002For make changes during development.\u003C\u002Fli>\n\u003Cli>You have a client who has an unpaid invoice.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsaintsystems\u002Fdisable-user-login\u002F\" rel=\"nofollow ugc\">This plugin is on GitHub!\u003C\u002Fa>\u003C\u002Fstrong> Pull requests are welcome. If possible please report issues through Github.\u003C\u002Fp>\n\u003Ch4>Upgrade to Pro\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.saintsystems.com\u002Fproducts\u002Fdisable-user-login-pro\u002F\" rel=\"nofollow ugc\">Disable User Login Pro\u003C\u002Fa> adds powerful tools for managing user accounts at scale:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>CSV Import & Export\u003C\u002Fstrong> — bulk enable or disable hundreds of users at once via spreadsheet\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Notifications\u003C\u002Fstrong> — automatically notify users when their account is disabled or re-enabled, with customizable email templates, merge tags, and optional admin CC\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Audit Log\u003C\u002Fstrong> — full history of every disable\u002Fenable action with timestamps, who performed it, and why\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Filterable User List\u003C\u002Fstrong> — “Disabled” and “Enabled” filter views on the Users screen with count badges and a sortable Disabled column\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Perfect for membership sites, nonprofits managing volunteers, agencies onboarding\u002Foffboarding clients, and universities managing student accounts.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.saintsystems.com\u002Fproducts\u002Fdisable-user-login-pro\u002F\" rel=\"nofollow ugc\">Learn more about Disable User Login Pro\u003C\u002Fa>\u003C\u002Fp>\n","Disable user accounts without deleting them. One-click enable\u002Fdisable, bulk actions, force logout, and customizable disabled message.",5000,65754,100,"2026-04-03T18:58:00.000Z","6.9.4","6.2","7.4",[81,22,82,23,24],"account","login","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-user-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-user-login.2.1.7.zip","2023-11-15 00:00:00",{"slug":59,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":95,"num_ratings":96,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":18,"tags":100,"homepage":101,"download_link":102,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Disable Users","1.0.5","Jared Atchison","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaredatch\u002F","\u003Cp>This plugin gives you the ability to disable specific user accounts via a profile setting.\u003C\u002Fp>\n\u003Cp>Once installed and activated, a checkbox appears on the user profile settings (only for admins). When checked, the users account will be disabled and they will be unable to login with the account. If they try to login, they are instantly logged out and redirected to the login page with a message that notifies them their account is disabled.\u003C\u002Fp>\n\u003Cp>This can be useful in a few situations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You are working on a site for a client who has an account, but do not want him to login and\u002For make changes during development.\u003C\u002Fli>\n\u003Cli>You have a client who has an unpaid invoice.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjaredatch\u002FDisable-Users\u002F\" rel=\"nofollow ugc\">This plugin is on GitHub!\u003C\u002Fa>\u003C\u002Fstrong> Pull requests are welcome. If possible please report issues through Github.\u003C\u002Fp>\n","This plugin gives you the ability to disable specific user accounts via a profile setting.",2000,40330,94,18,"2017-11-28T19:50:00.000Z","4.3.34","4.0.0",[22,82,24],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fdisable-users","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-users.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":18,"short_description":109,"active_installs":38,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":18,"tags":116,"homepage":18,"download_link":120,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"prevent-users-from-deleting-pages-posts-custom-post-types","Prevent Users From Deleting Post and Pages","0.3","Ravi Shakya","https:\u002F\u002Fprofiles.wordpress.org\u002Fravisakya\u002F","This plugin prevents users from deleting pages, posts and custom post types.",2155,60,2,"2015-08-17T08:28:00.000Z","4.2.39","3.0",[117,22,118,119,24],"delete","disable-delete","restrict-delete","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-users-from-deleting-pages-posts-custom-post-types.0.3.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":38,"downloaded":129,"rating":28,"num_ratings":28,"last_updated":130,"tested_up_to":77,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":137,"download_link":138,"security_score":75,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"require-auth-users-rest-endpoint","Require Auth Users REST Endpoint","1.0.0","Sal Ferrarello","https:\u002F\u002Fprofiles.wordpress.org\u002Fsalcode\u002F","\u003Cp>This plugin modifies the \u003Ccode>\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers\u003C\u002Fcode> endpoint to require authentication.\u003C\u002Fp>\n\u003Cp>By default on a WordPress site you can list the users that have posted content on the site by visiting this endpoint.\u003C\u002Fp>\n\u003Cp>This plugin requires the user to be authenticated to view the list of users.\u003C\u002Fp>\n\u003Ch3>What this means\u003C\u002Fh3>\n\u003Cp>If you go directly to the URL \u003Ccode>\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers\u003C\u002Fcode> you will get a \u003Ccode>401 Unauthorized\u003C\u002Fcode> response.\u003C\u002Fp>\n\u003Cp>But if you open a block editor page and run the following from the browser console,\u003C\u002Fp>\n\u003Cpre>\u003Ccode>await wp.apiFetch({path: 'wp\u002Fv2\u002Fusers'});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>you will get a list of users (because the \u003Ccode>wp.apiFetch()\u003C\u002Fcode> function authenticates the user’s call to the WordPress REST API).\u003C\u002Fp>\n\u003Ch3>Author\u003C\u002Fh3>\n\u003Cp>Sal Ferrarello \u002F \u003Ca href=\"https:\u002F\u002Fsalferrarello.com\" rel=\"nofollow ugc\">salferrarello.com\u003C\u002Fa>\u003C\u002Fp>\n","Require authentication when accessing the \u002Fwp-json\u002Fwp\u002Fv2\u002Fusers REST API endpoint.",1079,"2026-01-13T02:22:00.000Z","6.5","7.2",[134,20,135,136,24],"api","endpoint","rest","https:\u002F\u002Fgithub.com\u002Fsalcode\u002Frequire-auth-users-rest-endpoint","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frequire-auth-users-rest-endpoint.1.0.0.zip",{"attackSurface":140,"codeSignals":162,"taintFlows":169,"riskAssessment":170,"analyzedAt":173},{"hooks":141,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":28,"unprotectedCount":28},[142,148,154],{"type":143,"name":144,"callback":144,"priority":145,"file":146,"line":147},"action","init",9999,"deactivate-users.php",32,{"type":149,"name":150,"callback":151,"priority":152,"file":146,"line":153},"filter","cmb_meta_boxes","add_user_meta",12,33,{"type":149,"name":155,"callback":156,"priority":36,"file":146,"line":157},"authenticate","validate_active_user",34,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":14,"bundledLibraries":168},[],{"prepared":28,"raw":28,"locations":165},[],{"escaped":28,"rawEcho":28,"locations":167},[],[],[],{"summary":171,"deductions":172},"The \"deactivate-users\" plugin v1.1 exhibits a strong security posture based on the provided static analysis. There are no identified dangerous functions, all SQL queries utilize prepared statements, and output escaping is complete. Furthermore, the absence of file operations, external HTTP requests, and a very limited attack surface (zero AJAX handlers, REST API routes, shortcodes, or cron events) significantly reduce the potential for exploitation. The presence of one capability check further indicates a degree of authorization awareness in the codebase.\n\nThe vulnerability history is equally reassuring, showing zero known CVEs, currently unpatched vulnerabilities, or any recorded common vulnerability types. This lack of past security incidents, coupled with the clean static analysis, suggests a well-developed and secure plugin. \n\nHowever, the complete absence of nonce checks and the single capability check, while not directly indicative of a vulnerability in this specific version given the zero attack surface, represent a potential area for concern if the plugin were to evolve and introduce more interactive features. The current analysis suggests a highly secure plugin, but it's important to maintain vigilance for future updates.",[],"2026-03-17T01:00:53.771Z",{"wat":175,"direct":180},{"assetPaths":176,"generatorPatterns":177,"scriptPaths":178,"versionParams":179},[],[],[],[],{"cssClasses":181,"htmlComments":182,"htmlAttributes":183,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":187},[],[],[184],"data-id=\"_deactivate_user_meta\"",[],[],[],{"error":189,"url":190,"statusCode":191,"statusMessage":192,"message":192},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fdeactivate-users\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":28,"versions":194},[]]