[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faiHal1sIccHL-7gxzPc2Dh5WyXRB4D9wB0guPxAMag0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":48,"crawl_stats":37,"alternatives":51,"analysis":154,"fingerprints":728},"domain-check","Domain Check","1.0.19","domaincheckplugin","https:\u002F\u002Fprofiles.wordpress.org\u002Fdomaincheckplugin\u002F","\u003Cp>\u003Cstrong>Domain Check\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Domain Check allows you to see what domains and SSL certificates are coming up for expiration and to quickly locate the coupons, coupon codes, and deals from your favorite sites before renewing. Add any email addresses and have multiple people get alerts for upcoming domain renewals or SSL certificate expiration.  You can also search for new domain names with the domain checker using hundreds of supported extensions and even check if your SSL certificates are working on a number of sites. All this plus bulk importing makes Domain Check the best domain management tool for your domain portfolio.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Your Domains\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Marking a domain as Owned will show it within the Your Domains section. This is used to easily filter out the domain names within Domain Check that you own. You can use this section to easily filter your own domains and add expiration notifications and domain expiration alerts to all of your domains. Searching a domain from the Your Domains section will automatically mark it as Owned. Its also the perfect for anyone using domain mapping to keep track of their domains.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Domain Search\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Domain Search is where you can search the availability of domain names just like any other domain checker and see a history of your past domain name searches. Search any of the available domain extensions and TLDs within Domain Check, mark domains as Owned or Taken and set a domain expiration notification for a domain. You can easily click from any search result to see other domains available with the name name but a different domain extension.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Domain Watch\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Domain Watch lets you see at a glance which domains you’ve set up domain expiration alerts for and allows you to view at a glance when your domains are expiring. You can see domains that are Owned or Taken allowing you to monitor other domains you may want backorder to keep track of expiration dates on.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>SSL Check\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>SSL Check is where you can search to see the status of your SSL certificates and check if your current SSL certificates are valid. See all your previous SSL checks easily so you can keep checking all your certificates and mark any of them as needing SSL expirtation notification alerts. See at a glance which SSL certificates are valid and which sites are not secure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>SSL Expiration Alerts\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>SSL Expiration Alerts allow you to monitor your SSL certificates and send out SSL certificate expiration notifications and alerts. All of the SSL certificates and domains you are monitoring are seen in this SSL Expiration Alerts list and you can refresh or remove any SSL certificate at any time.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Import \u002F Export\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Import \u002F Export is how you get your domain names and SSL certificates in to Domain Check. You can use any CSV or XML outputs from your domain registrar or even just highlight you entire list of domains and copy and paste. Domain Check will find any domain names within the CSV, XML, or copy and pasted text and allow you to bulk import your domain names. You can also bulk import SSL certificate URLs and mark any bulk imports to set all domains or SSL certificates to have expiration alerts. This is also a great bulk domain checker.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Like most plugins Domain Check allows you to adjust certain settings within the plugin to help you stay on top your domains and domain names.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Coupons & Deals\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Coupons and Deals section of the plugin is where you can view all of the coupons or deals from major domain registrars, SSL certificate providers, and hosting companies. Refresh the coupons to get the most up to date daily coupon codes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Services & APIs Used\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin uses some data and services for free through calls to URLs & APIs at the domain \u003Ca href=\"http:\u002F\u002Fdomaincheckplugin.com\" rel=\"nofollow ugc\">domaincheckplugin.com\u003C\u002Fa>. No tricks, no signups, and everything is 100% free and included with use of the plugin! This plugin uses affiliate links from some registrars and services to help keep this plugin free 🙂\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Help\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdomaincheckplugin.com\" rel=\"nofollow ugc\">Looking for more help with Domain Check, the Domain Search domain checker, Domain Watch, SSL Check, SSL Alerts, or Coupon, Coupon Codes, and Deals? Please see the Domain Check website: http:\u002F\u002Fdomaincheckplugin.com\u003C\u002Fa>\u003C\u002Fp>\n","Domain Check lets you search domain names, check SSL certificates and HTTPS, set email alerts for domain and SSL expiration, and get daily coupons.",100,17641,9,"2022-01-26T21:25:00.000Z","5.9.13","3.8","",[19,20,21,22,23],"admin","domain","https","multisite","ssl","http:\u002F\u002Fdomaincheckplugin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdomain-check.1.0.19.zip",85,1,0,"2021-12-28 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2021-24926","domain-check-reflected-cross-site-scripting-via-domain","Domain Check \u003C= 1.0.16 - Reflected Cross-Site Scripting via domain","The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue",null,"\u003C=1.0.16","1.0.17","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc6b3d91c-591b-444d-888b-1b443e72afca?source=api-prod",756,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":47,"trust_score":49,"computed_at":50},69,"2026-04-05T02:03:41.842Z",[52,71,92,111,132],{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":11,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":17,"tags":66,"homepage":69,"download_link":70,"security_score":26,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"https-domain-alias","HTTPS Domain Alias","1.4.3","Otto Kekäläinen","https:\u002F\u002Fprofiles.wordpress.org\u002Fottok\u002F","\u003Cp>This plugin is useful e.g. if you have a wildcard SSL\u002FTLS certificate for server but not for each site.\u003C\u002Fp>\n\u003Cp>If the site is normally at say \u003Ccode>http:\u002F\u002Fexample.org\u002F\u003C\u002Fcode> and you want to have the admin area https protected, but you don’t have a SSL\u002FTLS certificate so that \u003Ccode>https:\u002F\u002Fexample.org\u002F\u003C\u002Fcode> would work, you can define another domain for secure connections.\u003C\u002Fp>\n\u003Cp>For example instead of \u003Ccode>https:\u002F\u002Fexample.org\u002Fwp-login.php\u003C\u002Fcode> or \u003Ccode>https:\u002F\u002Fexample.org\u002Fwp-admin\u002F\u003C\u002Fcode> the user is redirected to \u003Ccode>https:\u002F\u002Fexample.seravo.com\u002Fwp-login.php\u003C\u002Fcode> or \u003Ccode>https:\u002F\u002Fexample.seravo.com\u002Fwp-admin\u002F\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>This plugin works with both normal WordPress installations and WordPress Network installation and is compatible with the WordPress MU Domain Mapping plugin.\u003C\u002Fp>\n\u003Cp>The code is optimized to be fast and does not for example do any database lookups or use cookies.\u003C\u002Fp>\n\u003Cp>This plugin is made by \u003Ca href=\"https:\u002F\u002Fseravo.com\u002F\" rel=\"nofollow ugc\">Seravo Oy\u003C\u002Fa>, which specializes in open source support services and among others is the only company in Finland to provide \u003Ca href=\"https:\u002F\u002Fseravo.com\u002F\" rel=\"nofollow ugc\">WordPress Premium Hosting\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Source available at https:\u002F\u002Fgithub.com\u002FSeravo\u002Fwp-https-domain-alias\u003C\u002Fp>\n","Enable your site to have a different domains for HTTP and HTTPS.",40,12507,5,"2020-07-28T08:06:00.000Z","4.9.29","3.7",[67,20,21,23,68],"alias","tls","https:\u002F\u002Fgithub.com\u002FSeravo\u002Fwp-https-domain-alias","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttps-domain-alias.zip",{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":81,"num_ratings":82,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":17,"tags":86,"homepage":90,"download_link":91,"security_score":11,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"https-redirection","Easy HTTPS Redirection (SSL)","2.0.0","mra13","https:\u002F\u002Fprofiles.wordpress.org\u002Fmra13\u002F","\u003Ch4>Only use this plugin if you have installed SSL certificate on your site and HTTPS is working correctly\u003C\u002Fh4>\n\u003Cp>Once you’ve installed an SSL certificate on your site, it’s important to ensure that your webpages are accessed via their secure HTTPS URLs.\u003C\u002Fp>\n\u003Cp>To improve SEO and user security, you want search engines and visitors to always use the HTTPS version of your pages. This plugin makes that easy by automatically redirecting users to the HTTPS version whenever they try to access the non-HTTPS (HTTP) version of a page.\u003C\u002Fp>\n\u003Ch3>Example\u003C\u002Fh3>\n\u003Cp>Let’s say you want to ensure the following page is always accessed over HTTPS:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If a visitor tries to access:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The plugin will automatically redirect them to the secure version:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This ensures that visitors always access the HTTPS version of your pages or site.\u003C\u002Fp>\n\u003Cp>You can choose to automatically redirect your entire domain to HTTPS, or selectively apply HTTPS redirection to specific pages.\u003C\u002Fp>\n\u003Ch3>Video Tutorials\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FoyJgRFCM6u8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLtyBraB64v8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Force Load Static Files Using HTTPS\u003C\u002Fh3>\n\u003Cp>If you started using SSL from day 1 of your site then all your static files are already embedded using HTTPS URL. You have no issue there.\u003C\u002Fp>\n\u003Cp>However, if you have an existing website where you have a lot of static files that are embedded in your posts and pages using NON-HTTPS URL then you will need to change those. Otherwise, the browser will show an SSL warning to your visitors.\u003C\u002Fp>\n\u003Cp>This plugin has an option that will allow you to force load those static files using HTTPS URL dynamically.\u003C\u002Fp>\n\u003Cp>This will help you make the webpage fully compatible with SSL.\u003C\u002Fp>\n\u003Ch3>SSL Certificate Expiry Notification\u003C\u002Fh3>\n\u003Cp>This plugin includes a feature that allows you to receive email notifications when your SSL certificate is about to expire. It helps ensure your website remains secure and accessible over HTTPS.\u003C\u002Fp>\n\u003Cp>You can configure the recipient email address and specify how many days in advance the notification should be sent. By default, the notification is sent 7 days before expiry, but you can adjust this to suit your preference.\u003C\u002Fp>\n\u003Cp>This feature is especially useful for site owners who may not frequently check their SSL status, or for those managing multiple websites. By receiving timely alerts, you can renew your SSL certificate in advance and prevent potential downtime or security warnings.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically redirect all HTTP traffic to HTTPS\u003C\u002Fli>\n\u003Cli>Option to force HTTPS on the entire site\u003C\u002Fli>\n\u003Cli>Option to selectively apply HTTPS redirection to specific pages\u003C\u002Fli>\n\u003Cli>Helps search engines index the secure versions of your pages\u003C\u002Fli>\n\u003Cli>Improves site security and user trust\u003C\u002Fli>\n\u003Cli>Force load static files (images, js, css etc) using a HTTPS URL\u003C\u002Fli>\n\u003Cli>SSL certificate expiry notification – Option to send SSL expiry notifications to a specific email address\u003C\u002Fli>\n\u003Cli>Easily see which SSL certificates on your site are approaching their expiry date.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>View more details on the \u003Ca href=\"https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin\" rel=\"nofollow ugc\">HTTPS Redirection plugin\u003C\u002Fa> page.\u003C\u002Fp>\n","The plugin allows an automatic redirection to the \"HTTPS\" version\u002FURL of the site. Make your site SSL compatible easily.",100000,1169853,84,71,"2025-12-02T03:12:00.000Z","6.9.4","6.5",[87,21,88,89,23],"force-ssl","insecure-content","redirection","https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttps-redirection.2.0.0.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":79,"downloaded":100,"rating":101,"num_ratings":102,"last_updated":103,"tested_up_to":84,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":109,"download_link":110,"security_score":11,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"ssl-insecure-content-fixer","SSL Insecure Content Fixer","2.7.2","webaware","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebaware\u002F","\u003Cp>Clean up your WordPress website’s HTTPS insecure content and mixed content warnings. Installing the SSL Insecure Content Fixer plugin will solve most insecure content warnings with little or no effort. The remainder can be diagnosed with a few simple tools.\u003C\u002Fp>\n\u003Cp>When you install SSL Insecure Content Fixer, its default settings are activated and it will automatically perform some basic fixes on your website using the Simple fix level. You can select more comprehensive fix levels as needed by your website.\u003C\u002Fp>\n\u003Cp>WordPress Multisite gets a network settings page. This can be used to set default settings for all sites within a network, so that network administrators only need to specify settings on sites that have requirements differing from the network defaults.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fssl.webaware.net.au\u002F\" rel=\"nofollow ugc\">SSL Insecure Content Fixer website\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Many thanks to the generous efforts of our translators:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bulgarian (bg_BG) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fbg\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Bulgarian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Chinese simplified (zh_CN) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fzh-cn\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Chinese translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_CA) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-ca\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (Canadian) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_GB) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-gb\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (British) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_ZA) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-za\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (South African) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fnl\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Dutch translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German (de_DE) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fde\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the German translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>French (fr_FR) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Ffr\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the French translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Italian (it_IT) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fit\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Italian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Japanese (ja) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fja\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Japanese translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fru\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Russian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fes\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Spanish translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’d like to help out by translating this plugin, please \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">sign up for an account and dig in\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>SSL Insecure Content Fixer does not collect any personally identifying information, and does not set any cookies.\u003C\u002Fp>\n","Clean up WordPress website HTTPS insecure content",2650141,96,221,"2025-12-14T04:38:00.000Z","4.0","5.3",[21,88,107,108,23],"mixed-content","partially-encrypted","https:\u002F\u002Fssl.webaware.net.au\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fssl-insecure-content-fixer.2.7.2.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":121,"num_ratings":122,"last_updated":123,"tested_up_to":84,"requires_at_least":124,"requires_php":125,"tags":126,"homepage":128,"download_link":129,"security_score":130,"vuln_count":27,"unpatched_count":28,"last_vuln_date":131,"fetched_at":30},"wp-force-ssl","WP Force SSL & HTTPS SSL Redirect","1.68","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpforcessl.com\u002F?ref=wporg\" rel=\"nofollow ugc\">WP Force SSL\u003C\u002Fa> helps you redirect insecure HTTP traffic to secure HTTPS and fix SSL errors \u003Cstrong>without touching any code\u003C\u002Fstrong>. Activate Force SSL and everything will be set and SSL enabled. The entire site will move to HTTPS using your SSL certificate. It works with any SSL certificate. It can be free SSL certificate from Let’s Encrypt or a paid SSL certificate.\u003C\u002Fp>\n\u003Cp>How to add SSL & enable SSL? Most hosting companies support the free SSL certificate from Let’s Encrypt, so login to your hosting panel and add SSL certificate. You’ll see a button labeled “Add SSL Certificate” or “Add Let’s Encrypt Certificate” and after that it’s 1 click to have the SSL enabled on your site with WP Force SSL. If that doesn’t work get \u003Ca href=\"https:\u002F\u002Fwpforcessl.com\u002F\" rel=\"nofollow ugc\">WP Force SSL PRO\u003C\u002Fa> and it’ll generate free SSL certificate for your site. And will regenerate SSL certificate every 90 days.\u003C\u002Fp>\n\u003Cp>Access WP Force SSL settings via the main Settings menu -> WP Force SSL.\u003C\u002Fp>\n\u003Ch4>SSL Tests available in the plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>is site on localhost?\u003C\u002Fli>\n\u003Cli>check SSL certificate\u003C\u002Fli>\n\u003Cli>check SSL certificate expiry date\u003C\u002Fli>\n\u003Cli>is latest version of Force SSL used?\u003C\u002Fli>\n\u003Cli>are known incompatible SSL plugins active?\u003C\u002Fli>\n\u003Cli>is WP address URL set for SSL?\u003C\u002Fli>\n\u003Cli>is WP home URL set for SSL?\u003C\u002Fli>\n\u003Cli>is SSL monitoring enabled (pro feature)\u003C\u002Fli>\n\u003Cli>is HTTPS redirection working?\u003C\u002Fli>\n\u003Cli>is file redirection working (pro feature)\u003C\u002Fli>\n\u003Cli>is HSTS enabled?\u003C\u002Fli>\n\u003Cli>check mixed-content issue (pro feature)\u003C\u002Fli>\n\u003Cli>is htaccess available & writable?\u003C\u002Fli>\n\u003Cli>is 404 redirection enabled (pro feature)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>redirect HTTP to HTTPS\u003C\u002Fli>\n\u003Cli>fix mixed-content (pro)\u003C\u002Fli>\n\u003Cli>enable HSTS\u003C\u002Fli>\n\u003Cli>force secure cookies (pro)\u003C\u002Fli>\n\u003Cli>cross-site scripting protection (pro)\u003C\u002Fli>\n\u003Cli>expect CT header\u003C\u002Fli>\n\u003Cli>X-Frame options\u003C\u002Fli>\n\u003Cli>show WP Force SSL menu in admin bar\u003C\u002Fli>\n\u003Cli>show WP Force SSL widget in admin dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SSL certificate testing tool\u003C\u002Fh4>\n\u003Cp>WP Force SSL comes with an SSL certificate testing tool. It tests if the SSL certificate is valid, properly installed & up-to date.\u003C\u002Fp>\n\u003Ch4>Need support?\u003C\u002Fh4>\n\u003Cp>We’re here for you! Things get frustrating when they don’t work so make sure you \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-force-ssl\u002F\" rel=\"ugc\">open a support topic\u003C\u002Fa> in the official Force SSL forum. We answer all questions within a few hours!\u003C\u002Fp>\n\u003Ch4>External Assets\u003C\u002Fh4>\n\u003Cp>A big thank you to \u003Ca href=\"https:\u002F\u002Fsweetalert2.github.io\u002F\" rel=\"nofollow ugc\">SweetAlert2\u003C\u002Fa> authors which we use to make alerts nicer. And to \u003Ca href=\"https:\u002F\u002Fdepositphotos.com\u002F248496280\u002Fstock-illustration-online-payment-protection-system-concept.html\" rel=\"nofollow ugc\">DepositPhotos\u003C\u002Fa> for the lovely header image.\u003C\u002Fp>\n","Enable SSL & HTTPS redirect with 1 click! Add SSL certificate & WP Force SSL to redirect site from HTTP to HTTPS & fix SSL errors.",90000,1746375,94,179,"2025-12-03T20:17:00.000Z","4.6","5.2",[87,21,107,23,127],"ssl-certificate","https:\u002F\u002Fwpforcessl.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-force-ssl.1.68.zip",99,"2024-06-07 00:00:00",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":142,"num_ratings":143,"last_updated":144,"tested_up_to":84,"requires_at_least":145,"requires_php":146,"tags":147,"homepage":151,"download_link":152,"security_score":142,"vuln_count":27,"unpatched_count":28,"last_vuln_date":153,"fetched_at":30},"wp-letsencrypt-ssl","WP Encryption – One Click Free SSL Certificate & SSL \u002F HTTPS Redirect, Security & SSL Scan","7.8.5.11","WP Encryption SSL","https:\u002F\u002Fprofiles.wordpress.org\u002Fgowebsmarty\u002F","\u003Cp>HTTPS Secure your WordPress site with SSL certificate provided by \u003Ca href=\"https:\u002F\u002Fletsencrypt.com\" rel=\"nofollow ugc\">Let’s Encrypt®\u003C\u002Fa> and force SSL \u002F HTTPS sitewide, check your SSL score, fix insecure content & mixed content issues easily. Enable HTTPS secure padlock on your site within minutes.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpencryption.com\u002F?utm_source=wordpress&utm_medium=description&utm_campaign=wpencryption\" rel=\"nofollow ugc\">WP Encryption\u003C\u002Fa> plugin registers your site, verifies your domain, generates SSL certificate for your site in simple mouse clicks without the need of any technical knowledge. A typical SSL installation without WP Encryption would require you to generate CSR, prove domain ownership, provide your bussiness data and deal with many more technical tasks!.\u003C\u002Fp>\n\u003Ch3>PRO FEATURES WORTH UPGRADING\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FjrkFwFH7r6o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatic domain verification\u003C\u002Fli>\n\u003Cli>Automatic SSL certificate installation\u003C\u002Fli>\n\u003Cli>Automatic SSL renewal (Auto renews SSL certificate 30 days prior to expiry date)\u003C\u002Fli>\n\u003Cli>Wildcard SSL support – Install Wildcard SSL certificate for your primary domain that covers ALL sub-domains. Automatic DNS based domain verification for Wildcard SSL installation (DNS should be managed by cPanel or Godaddy)\u003C\u002Fli>\n\u003Cli>Multisite + Mapped domains support – Supports SSL installation for mapped domains\u003C\u002Fli>\n\u003Cli>Advanced security headers & SSL monitoring\u003C\u002Fli>\n\u003Cli>Top notch one to one priority support – Live Chat, Email, Premium Support Forum\u003C\u002Fli>\n\u003Cli>SSL installation help for non-cPanel sites\u003C\u002Fli>\n\u003Cli>Login security via passkeys (powered by WebAuthn) – No passwords. No brute force. Log in with passkeys protected by your browser or password manager — fast, secure, and frictionless.\u003C\u002Fli>\n\u003Cli>Automated daily vulnerability scanning & reporting.\u003C\u002Fli>\n\u003Cli>Automated daily malware & integrity scan\u003C\u002Fli>\n\u003Cli>Instant notification for threats & security issues\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpencryption.com\u002F?utm_source=wordpress&utm_medium=premiumfeatures&utm_campaign=wpencryption\" rel=\"nofollow ugc\">BUY PREMIUM VERSION\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>5M+ SSL certificates generated – Switch to HTTPS easily\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FaKvvVlAlZ14?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>FREE SSL PLUGIN FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Unlock every premium feature other plugins charge for — absolutely Free.\u003C\u002Fli>\n\u003Cli>Verify domain ownership and generate free SSL certificate\u003C\u002Fli>\n\u003Cli>Secure webmail and email with HTTPS\u003C\u002Fli>\n\u003Cli>Download generated SSL certificate, key and Intermediate certificate files\u003C\u002Fli>\n\u003Cli>Force HTTPS \u002F Enable HTTPS with 301 htaccess redirection sitewide in one click\u003C\u002Fli>\n\u003Cli>HTTPS redirection includes redirect loop fix for Cloudflare, StackPath, Load balancers and reverse proxies.\u003C\u002Fli>\n\u003Cli>SSL Health page – Track your SSL score and control various SSL & Security features like HSTS strict transport security Header, HttpOnly secure cookies, etc,.\u003C\u002Fli>\n\u003Cli>Enable important security headers including X-XSS-Protection, X-Content-Type-Options, Referrer-Policy\u003C\u002Fli>\n\u003Cli>Enable mixed content \u002F insecure content fixer\u003C\u002Fli>\n\u003Cli>SSL monitoring & Automatic email notification prior to SSL certificate expiration\u003C\u002Fli>\n\u003Cli>Advanced security features – stop user enumeration, disable file editing, hide login error, hide wp version and much more\u003C\u002Fli>\n\u003Cli>Security score & security scanners including malware & integrity scanner, vulnerability scanner.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>(Optional) Running WordPress on a specialized VPS\u002FDedicated server without cPanel? You can download the generated SSL certificate files easily via “Download SSL Certificates” page and install it on your server by modifying server config file via SSH access as explained in our \u003Ca href=\"https:\u002F\u002Fwpencryption.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">DOCS\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>(7.8.0) NEW ADVANCED SECURITY PAGE WITH INTEGRITY SCAN & MALWARE SCAN\u003C\u002Fh3>\n\u003Cp>Discover the brand-new ‘Advanced Security & Scanner’ page — your command center for the most powerful protection your WordPress site has ever seen. Run malware and integrity scans to detect modified, additional, or suspicious files in your installation. Stay ahead of threats and keep your security score at its peak.\u003C\u002Fp>\n\u003Ch3>ADVANCED HTTP SECURITY HEADERS\u003C\u002Fh3>\n\u003Cp>Safeguard your site from cross-site scripting attacks, clickjacking, MIME sniffing attacks.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable HTTPS Strict Transport Security Header to avoid request protocol downgrading\u003C\u002Fli>\n\u003Cli>Disable directory listing to avoid directory traversing\u003C\u002Fli>\n\u003Cli>Enable X-XSS protection, secure cookies, X-Content-Type-Options to avoid cross site scripting and MIME sniffing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Switch to HTTPS in seconds\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Secure HTTPS browser padlock in minutes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Free domain validated (DV) SSL certificates are provided by Let’s Encrypt (A non profit Global certificate Authority).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>SSL encryption ensures protection against man-in-middle attacks by securely encrypting the data transfer between client and your server.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Optimized for Cloudflare and Reverse Proxies\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Forcing HTTPS using the .htaccess method prevents redirect loops when your site is behind Cloudflare.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Compatible with reverse proxies and load balancers — avoids redirection conflicts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Top Reasons Your WordPress Site Needs an SSL Certificate\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>SEO Benefit: Major search engines like Google ranks SSL enabled sites higher compared to non SSL sites. Thus bringing more organic traffic for your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Data Encryption: Data transmission between server and visitor are securely encrypted on a SSL site thus avoiding any data hijacks in-between the transmission(Ex: personal information, credit card information).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Trust: Google chrome shows non-SSL sites as ‘insecure’, bringing a feel of insecurity in website visitors.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Authentic: HTTPS green padlock represents symbol of trust, authenticity and security.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>REQUIREMENTS\u003C\u002Fh4>\n\u003Cp>Linux hosting, OpenSSL, CURL, allow_url_fopen should be enabled.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>Many thanks to the generous efforts of our translators.\u003C\u002Fp>\n\u003Cp>If you would like to translate plugin to your language, \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-letsencrypt-ssl\u002F\" rel=\"nofollow ugc\">Feel free to sign up and start translating!\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Show Your Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>If you find any issue, please submit a bug via support forum.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>LOVE WP ENCRYPTION SSL PLUGIN?\u003C\u002Fh3>\n\u003Cp>If you find this plugin useful, please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-letsencrypt-ssl\u002Freviews\u002F\" rel=\"ugc\">positive review\u003C\u002Fa>. Your reviews are our biggest motivation for further development of plugin.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>WP Encryption uses SSLLabs API for SSL scan & detection. By using the plugin, you agree to terms & conditions of \u003Ca href=\"https:\u002F\u002Fwww.ssllabs.com\u002Fdownloads\u002FQualys_SSL_Labs_Terms_of_Use.pdf\" rel=\"nofollow ugc\">SSLLabs\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>By enabling the Vulnerability Scan feature, you agree to terms & conditions of \u003Ca href=\"https:\u002F\u002Fvulnerability.wpsysadmin.com\" rel=\"nofollow ugc\">WPVulnerability Database API\u003C\u002Fa>. The information provided by the information database comes from different sources that have been reviewed by third parties. There is no liability of any kind for the information.\u003C\u002Fp>\n\u003Cp>Security is an important subject regarding SSL\u002FTLS certificates, of course. It is obvious that your private key, stored on your web server, should never be accessible from the web. When the plugin created the keys directory for the first time, it will store a .htaccess file in this directory, denying all visitors. Always make sure yourself your keys aren’t accessible from the web! We are in no way responsible if your private keys go public. If this does happen, the easiest solution is to check folder permissions on your server and make sure public access is forbidden for root folders. Next, create a new certificate.\u003C\u002Fp>\n","Lifetime SSL solution - Free SSL certificate & HTTPS redirect, resolve insecure site, fix SSL errors, SSL score, SSL monitoring, really simple setup.",50000,3043225,98,1128,"2026-03-12T07:29:00.000Z","5.4","7.0",[148,149,21,150,23],"force-https","free-ssl","https-redirect","https:\u002F\u002Fwpencryption.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-letsencrypt-ssl.7.8.5.11.zip","2024-04-09 00:00:00",{"attackSurface":155,"codeSignals":231,"taintFlows":435,"riskAssessment":713,"analyzedAt":727},{"hooks":156,"ajaxHandlers":199,"restRoutes":221,"shortcodes":222,"cronEvents":223,"entryPointCount":230,"unprotectedCount":230},[157,162,165,167,170,176,180,184,186,189,192,195],{"type":158,"name":159,"callback":159,"file":160,"line":161},"action","admin_init","admin\\domain-check-admin.php",67,{"type":158,"name":163,"callback":163,"file":160,"line":164},"admin_enqueue_scripts",68,{"type":158,"name":166,"callback":166,"file":160,"line":49},"admin_menu",{"type":158,"name":168,"callback":168,"file":160,"line":169},"admin_notices",70,{"type":171,"name":172,"callback":173,"priority":174,"file":160,"line":175},"filter","set-screen-option","set_screen",10,88,{"type":158,"name":177,"callback":178,"file":160,"line":179},"plugins_loaded","closure",928,{"type":158,"name":181,"callback":181,"file":182,"line":183},"init","domain-check.php",112,{"type":158,"name":177,"callback":177,"file":182,"line":185},113,{"type":158,"name":187,"callback":187,"file":182,"line":188},"domain_check_cron_email",114,{"type":158,"name":190,"callback":190,"file":182,"line":191},"domain_check_cron_coupons",115,{"type":158,"name":193,"callback":193,"file":182,"line":194},"domain_check_cron_watch",116,{"type":171,"name":196,"callback":197,"file":182,"line":198},"cron_schedules","add_intervals",123,[200,204,207,210,213,217],{"action":201,"nopriv":202,"callback":201,"hasNonce":202,"hasCapCheck":202,"file":160,"line":203},"watch_trigger",false,73,{"action":205,"nopriv":202,"callback":205,"hasNonce":202,"hasCapCheck":202,"file":160,"line":206},"status_trigger",75,{"action":208,"nopriv":202,"callback":208,"hasNonce":202,"hasCapCheck":202,"file":160,"line":209},"autorenew_trigger",77,{"action":211,"nopriv":202,"callback":211,"hasNonce":202,"hasCapCheck":202,"file":160,"line":212},"ssl_watch_trigger",79,{"action":214,"nopriv":202,"callback":215,"hasNonce":202,"hasCapCheck":202,"file":160,"line":216},"domain_search","ajax_domain_search",81,{"action":218,"nopriv":202,"callback":219,"hasNonce":202,"hasCapCheck":202,"file":160,"line":220},"settings","ajax_settings",83,[],[],[224,226,228],{"hook":193,"callback":193,"file":182,"line":225},665,{"hook":190,"callback":190,"file":182,"line":227},668,{"hook":187,"callback":187,"file":182,"line":229},671,6,{"dangerousFunctions":232,"sqlUsage":233,"outputEscaping":235,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":434},[],{"prepared":60,"raw":28,"locations":234},[],{"escaped":236,"rawEcho":130,"locations":237},550,[238,242,244,247,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,305,307,310,312,314,316,318,321,323,325,326,328,330,332,334,335,337,339,341,343,346,348,350,351,353,355,356,357,359,361,363,364,366,368,370,372,374,376,378,380,382,384,385,388,390,393,395,397,399,401,403,405,407,408,410,412,415,417,418,420,421,423,426,427,429,431,433],{"file":239,"line":240,"context":241},"admin\\domain-check-admin-ajax.php",147,"raw output",{"file":239,"line":243,"context":241},158,{"file":245,"line":246,"context":241},"admin\\domain-check-admin-coupons.php",42,{"file":245,"line":248,"context":241},44,{"file":245,"line":250,"context":241},63,{"file":245,"line":252,"context":241},194,{"file":245,"line":254,"context":241},372,{"file":256,"line":174,"context":241},"admin\\domain-check-admin-dashboard.php",{"file":256,"line":258,"context":241},17,{"file":256,"line":260,"context":241},18,{"file":256,"line":262,"context":241},26,{"file":256,"line":264,"context":241},27,{"file":256,"line":266,"context":241},76,{"file":256,"line":268,"context":241},90,{"file":256,"line":270,"context":241},110,{"file":256,"line":272,"context":241},111,{"file":256,"line":274,"context":241},160,{"file":256,"line":276,"context":241},174,{"file":256,"line":278,"context":241},196,{"file":256,"line":280,"context":241},197,{"file":256,"line":282,"context":241},205,{"file":256,"line":284,"context":241},206,{"file":256,"line":286,"context":241},264,{"file":256,"line":288,"context":241},281,{"file":256,"line":290,"context":241},294,{"file":256,"line":292,"context":241},313,{"file":256,"line":294,"context":241},314,{"file":256,"line":296,"context":241},369,{"file":256,"line":298,"context":241},383,{"file":256,"line":300,"context":241},396,{"file":256,"line":302,"context":241},417,{"file":256,"line":304,"context":241},418,{"file":256,"line":306,"context":241},439,{"file":308,"line":309,"context":241},"admin\\domain-check-admin-header.php",462,{"file":308,"line":311,"context":241},479,{"file":308,"line":313,"context":241},504,{"file":308,"line":315,"context":241},789,{"file":308,"line":317,"context":241},821,{"file":319,"line":320,"context":241},"admin\\domain-check-admin-help.php",46,{"file":319,"line":322,"context":241},48,{"file":319,"line":324,"context":241},102,{"file":319,"line":272,"context":241},{"file":319,"line":327,"context":241},120,{"file":319,"line":329,"context":241},129,{"file":319,"line":331,"context":241},140,{"file":319,"line":333,"context":241},149,{"file":319,"line":243,"context":241},{"file":319,"line":336,"context":241},159,{"file":319,"line":338,"context":241},168,{"file":319,"line":340,"context":241},177,{"file":319,"line":342,"context":241},187,{"file":344,"line":345,"context":241},"admin\\domain-check-admin-import-export.php",11,{"file":344,"line":347,"context":241},13,{"file":344,"line":349,"context":241},14,{"file":344,"line":206,"context":241},{"file":344,"line":352,"context":241},268,{"file":354,"line":320,"context":241},"admin\\domain-check-admin-profile.php",{"file":354,"line":81,"context":241},{"file":354,"line":175,"context":241},{"file":354,"line":358,"context":241},92,{"file":354,"line":360,"context":241},143,{"file":354,"line":362,"context":241},151,{"file":354,"line":336,"context":241},{"file":354,"line":365,"context":241},182,{"file":354,"line":367,"context":241},189,{"file":354,"line":369,"context":241},225,{"file":354,"line":371,"context":241},338,{"file":354,"line":373,"context":241},370,{"file":354,"line":375,"context":241},371,{"file":354,"line":377,"context":241},390,{"file":379,"line":347,"context":241},"admin\\domain-check-admin-search.php",{"file":379,"line":381,"context":241},15,{"file":379,"line":383,"context":241},50,{"file":379,"line":220,"context":241},{"file":386,"line":387,"context":241},"admin\\domain-check-admin-settings.php",58,{"file":386,"line":389,"context":241},60,{"file":391,"line":392,"context":241},"admin\\domain-check-admin-ssl-profile.php",33,{"file":391,"line":394,"context":241},51,{"file":391,"line":396,"context":241},55,{"file":391,"line":398,"context":241},59,{"file":391,"line":400,"context":241},93,{"file":391,"line":402,"context":241},101,{"file":391,"line":404,"context":241},124,{"file":391,"line":406,"context":241},131,{"file":391,"line":340,"context":241},{"file":391,"line":409,"context":241},243,{"file":391,"line":411,"context":241},244,{"file":413,"line":414,"context":241},"admin\\domain-check-admin-ssl-search.php",153,{"file":413,"line":416,"context":241},155,{"file":413,"line":409,"context":241},{"file":419,"line":347,"context":241},"admin\\domain-check-admin-ssl-watch.php",{"file":419,"line":381,"context":241},{"file":419,"line":422,"context":241},201,{"file":424,"line":425,"context":241},"admin\\domain-check-admin-watch.php",12,{"file":424,"line":349,"context":241},{"file":424,"line":428,"context":241},227,{"file":430,"line":260,"context":241},"admin\\domain-check-admin-your-domains.php",{"file":430,"line":432,"context":241},20,{"file":430,"line":206,"context":241},[],[436,454,462,475,483,503,514,532,549,562,573,587,595,603,617,626,634,646,658,667,681,695,705],{"entryPoint":437,"graph":438,"unsanitizedCount":452,"severity":453},"ajax_settings (admin\\domain-check-admin-ajax.php:38)",{"nodes":439,"edges":450},[440,445],{"id":441,"type":442,"label":443,"file":239,"line":444},"n0","source","$_POST (x8)",41,{"id":446,"type":447,"label":448,"file":239,"line":389,"wp_function":449},"n1","sink","update_option() [Settings Manipulation]","update_option",[451],{"from":441,"to":446,"sanitized":202},8,"low",{"entryPoint":455,"graph":456,"unsanitizedCount":452,"severity":453},"\u003Cdomain-check-admin-ajax> (admin\\domain-check-admin-ajax.php:0)",{"nodes":457,"edges":460},[458,459],{"id":441,"type":442,"label":443,"file":239,"line":444},{"id":446,"type":447,"label":448,"file":239,"line":389,"wp_function":449},[461],{"from":441,"to":446,"sanitized":202},{"entryPoint":463,"graph":464,"unsanitizedCount":28,"severity":453},"coupons_site (admin\\domain-check-admin-coupons.php:153)",{"nodes":465,"edges":472},[466,468],{"id":441,"type":442,"label":467,"file":245,"line":336},"$_GET",{"id":446,"type":447,"label":469,"file":245,"line":470,"wp_function":471},"echo() [XSS]",195,"echo",[473],{"from":441,"to":446,"sanitized":474},true,{"entryPoint":476,"graph":477,"unsanitizedCount":28,"severity":453},"\u003Cdomain-check-admin-coupons> (admin\\domain-check-admin-coupons.php:0)",{"nodes":478,"edges":481},[479,480],{"id":441,"type":442,"label":467,"file":245,"line":336},{"id":446,"type":447,"label":469,"file":245,"line":470,"wp_function":471},[482],{"from":441,"to":446,"sanitized":474},{"entryPoint":484,"graph":485,"unsanitizedCount":501,"severity":502},"profile (admin\\domain-check-admin-profile.php:5)",{"nodes":486,"edges":498},[487,489,492,495],{"id":441,"type":442,"label":488,"file":354,"line":345},"$_GET (x2)",{"id":446,"type":447,"label":490,"file":354,"line":381,"wp_function":491},"get_results() [SQLi]","get_results",{"id":493,"type":442,"label":494,"file":354,"line":345},"n2","$_GET (x41)",{"id":496,"type":447,"label":469,"file":354,"line":497,"wp_function":471},"n3",72,[499,500],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":474},2,"high",{"entryPoint":504,"graph":505,"unsanitizedCount":27,"severity":502},"autorenew_trigger (admin\\domain-check-admin-profile.php:481)",{"nodes":506,"edges":512},[507,510],{"id":441,"type":442,"label":508,"file":354,"line":509},"$_POST",487,{"id":446,"type":447,"label":490,"file":354,"line":511,"wp_function":491},494,[513],{"from":441,"to":446,"sanitized":202},{"entryPoint":515,"graph":516,"unsanitizedCount":531,"severity":502},"\u003Cdomain-check-admin-profile> (admin\\domain-check-admin-profile.php:0)",{"nodes":517,"edges":527},[518,520,521,522,523,525],{"id":441,"type":442,"label":519,"file":354,"line":345},"$_GET (x3)",{"id":446,"type":447,"label":490,"file":354,"line":381,"wp_function":491},{"id":493,"type":442,"label":494,"file":354,"line":345},{"id":496,"type":447,"label":469,"file":354,"line":497,"wp_function":471},{"id":524,"type":442,"label":508,"file":354,"line":509},"n4",{"id":526,"type":447,"label":490,"file":354,"line":511,"wp_function":491},"n5",[528,529,530],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":474},{"from":524,"to":526,"sanitized":202},4,{"entryPoint":533,"graph":534,"unsanitizedCount":501,"severity":502},"\u003Cdomain-check-admin-search-list> (admin\\domain-check-admin-search-list.php:0)",{"nodes":535,"edges":546},[536,540,542,543],{"id":441,"type":442,"label":537,"file":538,"line":539},"$_REQUEST","admin\\domain-check-admin-search-list.php",49,{"id":446,"type":447,"label":490,"file":538,"line":541,"wp_function":491},57,{"id":493,"type":442,"label":537,"file":538,"line":539},{"id":496,"type":447,"label":544,"file":538,"line":121,"wp_function":545},"get_var() [SQLi]","get_var",[547,548],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":202},{"entryPoint":550,"graph":551,"unsanitizedCount":27,"severity":502},"ssl_profile (admin\\domain-check-admin-ssl-profile.php:5)",{"nodes":552,"edges":559},[553,554,555,557],{"id":441,"type":442,"label":467,"file":391,"line":174},{"id":446,"type":447,"label":490,"file":391,"line":347,"wp_function":491},{"id":493,"type":442,"label":556,"file":391,"line":174},"$_GET (x30)",{"id":496,"type":447,"label":469,"file":391,"line":558,"wp_function":471},37,[560,561],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":474},{"entryPoint":563,"graph":564,"unsanitizedCount":501,"severity":502},"\u003Cdomain-check-admin-ssl-profile> (admin\\domain-check-admin-ssl-profile.php:0)",{"nodes":565,"edges":570},[566,567,568,569],{"id":441,"type":442,"label":488,"file":391,"line":174},{"id":446,"type":447,"label":490,"file":391,"line":347,"wp_function":491},{"id":493,"type":442,"label":556,"file":391,"line":174},{"id":496,"type":447,"label":469,"file":391,"line":558,"wp_function":471},[571,572],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":474},{"entryPoint":574,"graph":575,"unsanitizedCount":501,"severity":502},"\u003Cdomain-check-admin-ssl-search-list> (admin\\domain-check-admin-ssl-search-list.php:0)",{"nodes":576,"edges":584},[577,580,582,583],{"id":441,"type":442,"label":537,"file":578,"line":579},"admin\\domain-check-admin-ssl-search-list.php",47,{"id":446,"type":447,"label":490,"file":578,"line":581,"wp_function":491},53,{"id":493,"type":442,"label":537,"file":578,"line":579},{"id":496,"type":447,"label":544,"file":578,"line":268,"wp_function":545},[585,586],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":202},{"entryPoint":588,"graph":589,"unsanitizedCount":27,"severity":502},"ssl_check_init (admin\\domain-check-admin-ssl-search.php:7)",{"nodes":590,"edges":593},[591,592],{"id":441,"type":442,"label":467,"file":413,"line":174},{"id":446,"type":447,"label":490,"file":413,"line":444,"wp_function":491},[594],{"from":441,"to":446,"sanitized":202},{"entryPoint":596,"graph":597,"unsanitizedCount":27,"severity":502},"\u003Cdomain-check-admin-ssl-search> (admin\\domain-check-admin-ssl-search.php:0)",{"nodes":598,"edges":601},[599,600],{"id":441,"type":442,"label":467,"file":413,"line":174},{"id":446,"type":447,"label":490,"file":413,"line":444,"wp_function":491},[602],{"from":441,"to":446,"sanitized":202},{"entryPoint":604,"graph":605,"unsanitizedCount":501,"severity":502},"\u003Cdomain-check-admin-ssl-watch-list> (admin\\domain-check-admin-ssl-watch-list.php:0)",{"nodes":606,"edges":614},[607,609,611,612],{"id":441,"type":442,"label":537,"file":608,"line":320},"admin\\domain-check-admin-ssl-watch-list.php",{"id":446,"type":447,"label":490,"file":608,"line":610,"wp_function":491},52,{"id":493,"type":442,"label":537,"file":608,"line":320},{"id":496,"type":447,"label":544,"file":608,"line":613,"wp_function":545},89,[615,616],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":202},{"entryPoint":618,"graph":619,"unsanitizedCount":27,"severity":502},"ssl_watch_trigger (admin\\domain-check-admin-ssl-watch.php:136)",{"nodes":620,"edges":624},[621,623],{"id":441,"type":442,"label":508,"file":419,"line":622},142,{"id":446,"type":447,"label":490,"file":419,"line":333,"wp_function":491},[625],{"from":441,"to":446,"sanitized":202},{"entryPoint":627,"graph":628,"unsanitizedCount":27,"severity":502},"\u003Cdomain-check-admin-ssl-watch> (admin\\domain-check-admin-ssl-watch.php:0)",{"nodes":629,"edges":632},[630,631],{"id":441,"type":442,"label":508,"file":419,"line":622},{"id":446,"type":447,"label":490,"file":419,"line":333,"wp_function":491},[633],{"from":441,"to":446,"sanitized":202},{"entryPoint":635,"graph":636,"unsanitizedCount":501,"severity":502},"\u003Cdomain-check-admin-watch-list> (admin\\domain-check-admin-watch-list.php:0)",{"nodes":637,"edges":643},[638,640,641,642],{"id":441,"type":442,"label":537,"file":639,"line":320},"admin\\domain-check-admin-watch-list.php",{"id":446,"type":447,"label":490,"file":639,"line":610,"wp_function":491},{"id":493,"type":442,"label":537,"file":639,"line":320},{"id":496,"type":447,"label":544,"file":639,"line":613,"wp_function":545},[644,645],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":202},{"entryPoint":647,"graph":648,"unsanitizedCount":27,"severity":502},"watch_profile (admin\\domain-check-admin-watch.php:84)",{"nodes":649,"edges":655},[650,652,653,654],{"id":441,"type":442,"label":519,"file":424,"line":651},86,{"id":446,"type":447,"label":469,"file":424,"line":268,"wp_function":471},{"id":493,"type":442,"label":467,"file":424,"line":651},{"id":496,"type":447,"label":490,"file":424,"line":121,"wp_function":491},[656,657],{"from":441,"to":446,"sanitized":474},{"from":493,"to":496,"sanitized":202},{"entryPoint":659,"graph":660,"unsanitizedCount":27,"severity":502},"watch_trigger (admin\\domain-check-admin-watch.php:152)",{"nodes":661,"edges":665},[662,663],{"id":441,"type":442,"label":508,"file":424,"line":243},{"id":446,"type":447,"label":490,"file":424,"line":664,"wp_function":491},165,[666],{"from":441,"to":446,"sanitized":202},{"entryPoint":668,"graph":669,"unsanitizedCount":501,"severity":502},"\u003Cdomain-check-admin-watch> (admin\\domain-check-admin-watch.php:0)",{"nodes":670,"edges":677},[671,672,673,674,675,676],{"id":441,"type":442,"label":519,"file":424,"line":651},{"id":446,"type":447,"label":469,"file":424,"line":268,"wp_function":471},{"id":493,"type":442,"label":467,"file":424,"line":651},{"id":496,"type":447,"label":490,"file":424,"line":121,"wp_function":491},{"id":524,"type":442,"label":508,"file":424,"line":243},{"id":526,"type":447,"label":490,"file":424,"line":664,"wp_function":491},[678,679,680],{"from":441,"to":446,"sanitized":474},{"from":493,"to":496,"sanitized":202},{"from":524,"to":526,"sanitized":202},{"entryPoint":682,"graph":683,"unsanitizedCount":501,"severity":502},"\u003Cdomain-check-admin-your-domains-list> (admin\\domain-check-admin-your-domains-list.php:0)",{"nodes":684,"edges":692},[685,687,689,690],{"id":441,"type":442,"label":537,"file":686,"line":322},"admin\\domain-check-admin-your-domains-list.php",{"id":446,"type":447,"label":490,"file":686,"line":688,"wp_function":491},54,{"id":493,"type":442,"label":537,"file":686,"line":322},{"id":496,"type":447,"label":544,"file":686,"line":691,"wp_function":545},91,[693,694],{"from":441,"to":446,"sanitized":202},{"from":493,"to":496,"sanitized":202},{"entryPoint":696,"graph":697,"unsanitizedCount":27,"severity":502},"status_trigger (admin\\domain-check-admin.php:810)",{"nodes":698,"edges":703},[699,701],{"id":441,"type":442,"label":508,"file":160,"line":700},815,{"id":446,"type":447,"label":490,"file":160,"line":702,"wp_function":491},822,[704],{"from":441,"to":446,"sanitized":202},{"entryPoint":706,"graph":707,"unsanitizedCount":27,"severity":502},"\u003Cdomain-check-admin> (admin\\domain-check-admin.php:0)",{"nodes":708,"edges":711},[709,710],{"id":441,"type":442,"label":508,"file":160,"line":700},{"id":446,"type":447,"label":490,"file":160,"line":702,"wp_function":491},[712],{"from":441,"to":446,"sanitized":202},{"summary":714,"deductions":715},"The domain-check plugin v1.0.19 exhibits a concerning security posture primarily due to its unprotected attack surface. All six identified AJAX handlers lack authentication checks, meaning any unauthenticated user could potentially trigger these actions, leading to unauthorized operations or unintended consequences.  While the plugin demonstrates good practices in its SQL query handling, using prepared statements exclusively, and largely escapes output, the vulnerability history, particularly a past medium-severity Cross-Site Scripting (XSS) vulnerability, highlights a latent risk of input validation failures. The taint analysis also reveals a significant number of flows with unsanitized paths, with 19 identified as high severity. This suggests that user-supplied data might be reaching sensitive functions without proper sanitization, which, combined with the unprotected AJAX handlers, creates a substantial risk of exploitation.",[716,718,720,722,725],{"reason":717,"points":174},"AJAX handlers without authentication checks",{"reason":719,"points":381},"High severity unsanitized taint flows",{"reason":721,"points":62},"Past medium severity XSS vulnerability",{"reason":723,"points":724},"Lack of nonce checks on AJAX handlers",7,{"reason":726,"points":724},"Lack of capability checks on AJAX handlers","2026-03-16T21:00:09.013Z",{"wat":729,"direct":742},{"assetPaths":730,"generatorPatterns":735,"scriptPaths":736,"versionParams":737},[731,732,733,734],"\u002Fwp-content\u002Fplugins\u002Fdomain-check\u002Fcss\u002Fdomain-check.css","\u002Fwp-content\u002Fplugins\u002Fdomain-check\u002Fcss\u002Fdomain-check-admin.css","\u002Fwp-content\u002Fplugins\u002Fdomain-check\u002Fjs\u002Fdomain-check.js","\u002Fwp-content\u002Fplugins\u002Fdomain-check\u002Fjs\u002Fdomain-check-admin.js",[],[733,734],[738,739,740,741],"domain-check\u002Fcss\u002Fdomain-check.css?ver=","domain-check\u002Fcss\u002Fdomain-check-admin.css?ver=","domain-check\u002Fjs\u002Fdomain-check.js?ver=","domain-check\u002Fjs\u002Fdomain-check-admin.js?ver=",{"cssClasses":743,"htmlComments":750,"htmlAttributes":752,"restEndpoints":758,"jsGlobals":759,"shortcodeOutput":762},[744,745,746,747,748,749],"domain-check-dashboard-widget","dc-dashboard-widget","domain-check-settings-fields","dc-field","domain-check-main","dc-main",[751],"\u003C!-- Domain Check Dashboard Widget -->",[753,754,755,756,757],"data-dc-domain-input","data-dc-domain-search-results","data-dc-domain-search-loading","data-dc-domain-search-error","data-dc-domain-search-empty",[],[760,761],"DomainCheck","DomainCheckAdmin",[]]