[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxNm7ql-6Nz1vZZIUHi7N7MfuPp-kb924DQhz-ksUDS8":3,"$f-Kp6_X8No4tY8N2-F1rGIXlo9JdImkqb79mCVNGFy80":212,"$fb1OzewLBeGfUgIJSG5sGxuYyqTbm0gutZwfgdxWnmB8":217},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":36,"analysis":130,"fingerprints":197},"disableremove-login-hints","Disable\u002FRemove Login Hints","0.1","ubaidullahop","https:\u002F\u002Fprofiles.wordpress.org\u002Fubaidullahop\u002F","\u003Cp>When you type a non-existent\u002Fincorrect username or password while logging into WordPress, it will provide a very detailed error message telling you exactly whether your username is wrong or the password doesn’t match. That could offer an hint to people who are trying to break into your WordPress webiste but, fortunately, this plugin allows you to put your custom error message or you could use the default one.\u003C\u002Fp>\n","A security plugin to disable\u002Fremove WordPress login hints during login process to protect your website.",10,949,0,"2020-07-23T08:34:00.000Z","5.4.19","3.5","",[19,20,21,22,23],"custom-error-message","disable-login-hints","disable-wordpress-login-hints","error-message","login-hints","https:\u002F\u002Fwordpress.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisableremove-login-hints.0.1.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},1,30,84,"2026-05-20T08:01:33.228Z",[37,56,75,94,113],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":17,"requires_php":17,"tags":49,"homepage":54,"download_link":55,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"custom-error-messages-for-gravityforms","Custom Error Messages for Gravity Forms","1.0.6","Zbynek Nedoma","https:\u002F\u002Fprofiles.wordpress.org\u002Fdomaneni\u002F","\u003Cp>This plugin allows you to set custom error messages for Gravity Forms inputs. We support messages for Required, Unique and Email Validation errors.\u003C\u002Fp>\n\u003Ch4>Links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdomaneni.cz\u002Fgfcem\u002F\" rel=\"nofollow ugc\">Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fdomaneni\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Ch4>How to use form global settings\u003C\u002Fh4>\n\u003Cp>In the settings of each form, you will find the \u003Cstrong>Custom Error Message\u003C\u002Fstrong> section. Here you can enable them for the entire form and set the default messages to be used for supported fields.\u003C\u002Fp>\n\u003Ch4>How to use form field settings\u003C\u002Fh4>\n\u003Cp>Use this option if you need to set a custom error message only for a specific field or to override the default message. Go to the \u003Cstrong>Advanced\u003C\u002Fstrong> Field Settings tab and you will find the \u003Cstrong>Allow custom error messages\u003C\u002Fstrong> checkbox. Once enabled, you can set a custom message for this field.\u003C\u002Fp>\n","Adds custom error messages to Gravity Forms inputs",400,3099,"2023-10-23T06:57:00.000Z","6.3.8",[50,51,22,52,53],"custom","error","gravity-forms","gravityforms","https:\u002F\u002Fdomaneni.cz\u002Fgfcem","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-error-messages-for-gravityforms.1.0.6.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":17,"tags":71,"homepage":17,"download_link":74,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"custom-login-error-message","Custom Login Error Message","1.0.0","Muhammad Umer","https:\u002F\u002Fprofiles.wordpress.org\u002Fmuhammadumer\u002F","\u003Cp>This plugin shows a custom error message of your choice to users when they enter invalid username or password.\u003C\u002Fp>\n","This plugin shows a custom error message of your choice to users when they enter invalid username or password.",100,2371,90,2,"2016-01-23T01:25:00.000Z","4.4.34","4.0.0",[22,72,73],"login","message","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-login-error-message.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":64,"downloaded":83,"rating":64,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":17,"tags":88,"homepage":92,"download_link":93,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"display-wp-mail-error-messages","Display wp_mail Error Messages","1.0","WonderPlugin","https:\u002F\u002Fprofiles.wordpress.org\u002Fwonderplugin\u002F","\u003Cp>\u003Cstrong>Display wp_mail Error Messages\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Many plugins use the WordPress function \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Ffunctions\u002Fwp_mail\u002F\" rel=\"nofollow ugc\">wp_mail\u003C\u002Fa> to send emails. When an error happens, it’s hard to locate the problem. This plugin will catch the wp_mail error messages and display them.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to use\u003C\u002Fli>\n\u003Cli>Automatically clear the log when it exceeds the defined maximum length limit.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How to Use\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>After the plugin is installed and activated, in the WordPress backend, goto the left menu WP Error Messages -> Show Errors.\u003C\u002Fp>\n","Display wp_mail error messages",5895,3,"2023-12-05T23:35:00.000Z","6.4.8","3.6",[89,90,91],"error-messages","phpmailer","wp_mail","https:\u002F\u002Fwww.wonderplugin.com\u002Fdisplay-wordpress-error-messages\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-wp-mail-error-messages.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":11,"downloaded":102,"rating":64,"num_ratings":84,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":17,"tags":106,"homepage":17,"download_link":112,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"jc-ajax-comment","JC Ajax Comments","1.00","llavillaccama","https:\u002F\u002Fprofiles.wordpress.org\u002Fllavillaccama\u002F","\u003Cp>Ajax functionality to comments, this plugin makes the error message is displayed in a popup window and updates the comments.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwebdesignjc.com\u002Frecaptchawp\u002Findex.html\" rel=\"nofollow ugc\">Plugin Website\u003C\u002Fa>\u003C\u002Fp>\n","Ajax in wordpress comments, this plugin makes the error message is displayed in a popup and updates the comments.",2651,"2015-02-27T13:59:00.000Z","4.0.38","3.3",[107,108,109,110,111],"ajax-comment","ajax-comment-form","ajax-comments","ajax-comments-form","error-message-ajax","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjc-ajax-comment.zip",{"slug":114,"name":115,"version":78,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":11,"downloaded":120,"rating":13,"num_ratings":13,"last_updated":121,"tested_up_to":69,"requires_at_least":122,"requires_php":17,"tags":123,"homepage":127,"download_link":128,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":129},"validation-error-message-cf7","Validation Error Message – CF7","Praveen Goswami","https:\u002F\u002Fprofiles.wordpress.org\u002Fpraveen_goswami\u002F","\u003Cp>This plugin help you to add custom validation error message for each tag in form for the Contact form 7.\u003C\u002Fp>\n\u003Cp>Use this light weight and very well sorted plug-in, which is as easy to use as to install and implement.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin let you add a custom error message for each tag (like: text, number, tel, email etc) for each and every contact form.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin help you to add custom validation error message for each tag in form for the Contact form 7.",1269,"2015-12-17T09:16:00.000Z","3.0",[124,22,125,126],"contact-form-validation-error","validation-error","validation-message","http:\u002F\u002Fsaurabhspeaks.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvalidation-error-message-cf7.zip","2026-03-15T15:16:48.613Z",{"attackSurface":131,"codeSignals":149,"taintFlows":159,"riskAssessment":187,"analyzedAt":196},{"hooks":132,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":13,"unprotectedCount":13},[133,139],{"type":134,"name":135,"callback":136,"file":137,"line":138},"filter","login_errors","itc_dlh_wordpress_errors","disableremove-login-hints.php",20,{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_menu","itc_dlh_create_menu","includes\\admin-options.php",6,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":158},[],{"prepared":13,"raw":13,"locations":152},[],{"escaped":13,"rawEcho":32,"locations":154},[155],{"file":143,"line":156,"context":157},37,"raw output",[],[160,179],{"entryPoint":161,"graph":162,"unsanitizedCount":32,"severity":178},"itc_option_form (includes\\admin-options.php:15)",{"nodes":163,"edges":175},[164,169],{"id":165,"type":166,"label":167,"file":143,"line":168},"n0","source","$_POST",25,{"id":170,"type":171,"label":172,"file":143,"line":173,"wp_function":174},"n1","sink","update_option() [Settings Manipulation]",26,"update_option",[176],{"from":165,"to":170,"sanitized":177},false,"low",{"entryPoint":180,"graph":181,"unsanitizedCount":32,"severity":178},"\u003Cadmin-options> (includes\\admin-options.php:0)",{"nodes":182,"edges":185},[183,184],{"id":165,"type":166,"label":167,"file":143,"line":168},{"id":170,"type":171,"label":172,"file":143,"line":173,"wp_function":174},[186],{"from":165,"to":170,"sanitized":177},{"summary":188,"deductions":189},"The plugin \"disableremove-login-hints\" v0.1 exhibits a generally good security posture in terms of its attack surface and lack of known vulnerabilities. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits potential entry points for attackers. Furthermore, the plugin does not appear to have any recorded CVEs, which is a strong indicator of past security diligence. The use of prepared statements for SQL queries is also a positive sign, mitigating the risk of SQL injection vulnerabilities.\n\nHowever, there are concerning findings in the code analysis. The most significant is that 100% of output is not properly escaped. This means that any data displayed by the plugin, if it originates from user input or an untrusted source, could be vulnerable to Cross-Site Scripting (XSS) attacks. Additionally, the taint analysis reveals two flows with unsanitized paths. While not classified as critical or high severity, these unsanitized paths still represent a potential weakness that could be exploited, especially in conjunction with unescaped output.\n\nOverall, the plugin has a low attack surface and no vulnerability history, which are positive attributes. The primary weakness lies in the complete lack of output escaping and the presence of unsanitized paths. While there are no immediate critical vulnerabilities indicated, the unescaped output presents a significant risk of XSS, and the unsanitized paths should be addressed to further strengthen the plugin's security.",[190,193],{"reason":191,"points":192},"100% of outputs are unescaped",8,{"reason":194,"points":195},"2 flows with unsanitized paths",4,"2026-03-16T23:53:22.590Z",{"wat":198,"direct":205},{"assetPaths":199,"generatorPatterns":200,"scriptPaths":201,"versionParams":202},[],[],[],[203,204],"disableremove-login-hints\u002Fstyle.css?ver=","disableremove-login-hints\u002Fscript.js?ver=",{"cssClasses":206,"htmlComments":207,"htmlAttributes":208,"restEndpoints":209,"jsGlobals":210,"shortcodeOutput":211},[],[],[],[],[],[],{"error":213,"url":214,"statusCode":215,"statusMessage":216,"message":216},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fdisableremove-login-hints\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":32,"versions":218},[219],{"version":6,"download_url":25,"svn_tag_url":220,"released_at":27,"has_diff":177,"diff_files_changed":221,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":222,"is_current":213},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fdisableremove-login-hints\u002Ftags\u002F0.1\u002F",[],[]]