[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fB9Pr4LRGiIovFUXN7_YB2L6BbxK4EindwO13xnQ0OdA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":120,"crawl_stats":38,"alternatives":128,"analysis":239,"fingerprints":527},"email-encoder-bundle","Email Encoder – Protect Email Addresses and Phone Numbers","2.4.4","Online Optimisation","https:\u002F\u002Fprofiles.wordpress.org\u002Fonlineoptimisation\u002F","\u003Cp>Full site protection for your email addresses from spam-bots, email harvesters and other robots. No configuration needed.\u003Cbr \u002F>\nIt also protects phone numbers or any other text using our integrated \u003Ccode>[eeb_protect_content]\u003C\u002Fcode> shortcode or href attribute encoding.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Full page protection for all of your emails\u003C\u002Fli>\n\u003Cli>Instant results (No confiruation needed)\u003C\u002Fli>\n\u003Cli>Protects mailto links, plain emails, email input fields, RSS feeds and much more\u003C\u002Fli>\n\u003Cli>Protect phone number links, ftp, skype, file and other custom link attributes\u003C\u002Fli>\n\u003Cli>Autmoatic protection technique detection (Our plugin chooses automatically the best protection technique for each email)\u003C\u002Fli>\n\u003Cli>Exclude posts and pages from protection\u003C\u002Fli>\n\u003Cli>Automatically convert plain emails to mailto-links\u003C\u002Fli>\n\u003Cli>Automatically convert plain emails to png images\u003C\u002Fli>\n\u003Cli>Supports rot13 encoing, escape encoding, CSS directions, entity encoding and much more\u003C\u002Fli>\n\u003Cli>Deactivate CSS directions manually for browser backwards compatibility\u003C\u002Fli>\n\u003Cli>Shortcode support: \u003Ccode>[eeb_protect_emails]\u003C\u002Fcode>, \u003Ccode>[eeb_protect_content]\u003C\u002Fcode>, \u003Ccode>[eeb_mailto]\u003C\u002Fcode>, \u003Ccode>[eeb_form]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Template tag support: \u003Ccode>eeb_protect_emails()\u003C\u002Fcode>, \u003Ccode>eeb_protect_content()\u003C\u002Fcode>, \u003Ccode>eeb_mailto()\u003C\u002Fcode>, \u003Ccode>eeb_form()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Protect phone numbers (or any text or html)\u003C\u002Fli>\n\u003Cli>Also supports special chars, like Ã©, Ã¢, Ã¶, Chinese characters etcetera\u003C\u002Fli>\n\u003Cli>Use the Encoder Form to manually create encoded scripts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compatibilities\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The plugin works with mostly any theme and plugin. Some special ones need special treatment. Down below you can learn more about that.\u003C\u002Fli>\n\u003Cli>Compatible with the Maintenance plugin from WP Maintenance\u003C\u002Fli>\n\u003Cli>Divi Theme is fully integrated as well\u003C\u002Fli>\n\u003Cli>Jetpack Image carousel is compatible as well\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free Website Check\u003C\u002Fh4>\n\u003Cp>We offer you a free tool to test if your website contains unprotected emails. You can use our website checker by \u003Ca href=\"https:\u002F\u002Fwpemailencoder.com\u002Femail-protection-checker\u002F\" rel=\"nofollow ugc\">clicking here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Easy to use\u003C\u002Fh4>\n\u003Cp>After activating the plugin all email addresses on your website will be protected out-of-the-box.\u003Cbr \u002F>\nWe also offer custom shortcodes and template functions to protect phone numbers or other text.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Documentation – After plugin activation, check the help tab on the plugin options page\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpemailencoder.com\u002F\" rel=\"nofollow ugc\">Documentation on wpemailencoder.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Femail-encoder-bundle\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Like this plugin?\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Femail-encoder-bundle\" rel=\"ugc\">Please Review it\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblueberryware.net\" rel=\"nofollow ugc\">Adam Hunter\u003C\u002Fa> for the encode method ‘JavaScript Escape’ which is taken from his plugin \u003Ca href=\"http:\u002F\u002Fblueberryware.net\u002F2008\u002F09\u002F14\u002Femail-spam-protection\u002F\" rel=\"nofollow ugc\">Email Spam Protection\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Frumkin.com\" rel=\"nofollow ugc\">Tyler Akins\u003C\u002Fa> for the encode method ‘JavaScript ASCII Mixer’\u003C\u002Fli>\n\u003Cli>Title icon on Admin Options Page was made by \u003Ca href=\"http:\u002F\u002Fwww.doublejdesign.co.uk\u002F\" rel=\"nofollow ugc\">Jack Cai\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect email addresses and phone numbers on your site and hide them from spambots. Easy to use & flexible.",90000,1753752,98,88,"2026-02-16T05:52:00.000Z","6.9.4","4.7","7.4",[20,21,22,23,24],"anti-spam","encode","encrypt","hide","protect","https:\u002F\u002Fwpemailencoder.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-encoder-bundle.2.4.4.zip",97,7,0,"2024-07-08 00:00:00","2026-03-15T15:16:48.613Z",[33,49,63,75,87,96,109],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2024-4483","email-encoder-protect-email-addresses-and-phone-numbers-authenticated-admin-stored-cross-site-scripting","Email Encoder – Protect Email Addresses and Phone Numbers \u003C= 2.2.1 - Authenticated (Admin+) Stored Cross-Site Scripting","The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'WP_Email_Encoder_Bundle_options[protection_text]' parameter in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=2.2.1","2.2.2","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-08-09 17:22:20",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7d98034d-e91e-4f37-8309-621555fcf309?source=api-prod",33,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":44,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62},"CVE-2024-1282","email-encoder-protect-email-addresses-and-phone-numbers-authenticated-contributor-stored-cross-site-scripting-via-shortc","Email Encoder – Protect Email Addresses and Phone Numbers \u003C= 2.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=2.2.0","2.2.1",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-02-13 00:00:00","2024-02-20 18:56:34",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F78da1f88-2446-4ea5-9437-a118324ab6c2?source=api-prod",8,{"id":64,"url_slug":65,"title":66,"description":67,"plugin_slug":4,"theme_slug":38,"affected_versions":68,"patched_in_version":69,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":44,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74},"CVE-2023-7070","email-encoder-protect-email-addresses-and-phone-numbers-authenticated-contributor-stored-cross-site-scripting","Email Encoder – Protect Email Addresses and Phone Numbers \u003C= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's eeb_mailto shortcode in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=2.1.9","2.1.10","2024-01-09 00:00:00","2024-07-29 21:37:48",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff5afe6ea-93b8-4782-8593-76468e370a45?source=api-prod",203,{"id":76,"url_slug":77,"title":78,"description":79,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":44,"published_date":82,"updated_date":83,"references":84,"days_to_patch":86},"CVE-2023-47821","email-encoder-bundle-authenticated-contributor-stored-cross-site-scripting-via-shortcode","Email Encoder Bundle \u003C= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode","The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This entry appears to be a duplicate of CVE-2023-4599.","\u003C=2.1.8","2.1.9","2023-11-15 00:00:00","2024-01-22 19:56:02",[85],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F09f328f6-8a66-46bf-80d9-3ffeaecfec32?source=api-prod",69,{"id":88,"url_slug":89,"title":90,"description":91,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":44,"published_date":92,"updated_date":83,"references":93,"days_to_patch":95},"CVE-2023-4599","email-encoder-authenticated-contributor-stored-cross-site-scripting-via-shortcode","Email Encoder \u003C= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The Email Encoder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eeb_mailto' shortcode in versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. A partial patch was issued in version 2.1.8. The vulnerability was fully patched in 2.1.9.","2023-08-29 00:00:00",[94],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe90f04e4-eb4c-4822-89c6-79f553987c37?source=api-prod",147,{"id":97,"url_slug":98,"title":99,"description":100,"plugin_slug":4,"theme_slug":38,"affected_versions":101,"patched_in_version":102,"severity":41,"cvss_score":103,"cvss_vector":104,"vuln_type":44,"published_date":105,"updated_date":83,"references":106,"days_to_patch":108},"CVE-2021-24599","email-encoder-reflected-cross-site-scripting","Email Encoder \u003C= 2.1.1 - Reflected Cross Site Scripting","The Email Encoder – Protect Email Addresses WordPress plugin before 2.1.2 has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data.","\u003C=2.1.1","2.1.2",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2021-08-02 00:00:00",[107],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F69025975-9fb7-47a7-9dea-68f4c01d5fdc?source=api-prod",904,{"id":110,"url_slug":111,"title":112,"description":113,"plugin_slug":4,"theme_slug":38,"affected_versions":114,"patched_in_version":115,"severity":41,"cvss_score":103,"cvss_vector":104,"vuln_type":44,"published_date":116,"updated_date":83,"references":117,"days_to_patch":119},"WF-52ac7e85-0a01-41f0-b753-7858a859705f-email-encoder-bundle","email-encoder-cross-site-scripting","Email Encoder \u003C 1.4.2 - Cross-Site Scripting","The Email Encoder plugin for WordPress is vulnerable to Cross-Site Scripting via 'email' and 'display' parameters in versions before 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser.","\u003C1.4.2","1.4.2","2015-08-10 00:00:00",[118],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F52ac7e85-0a01-41f0-b753-7858a859705f?source=api-prod",3088,{"slug":121,"display_name":7,"profile_url":8,"plugin_count":122,"total_installs":123,"avg_security_score":124,"avg_patch_time_days":125,"trust_score":126,"computed_at":127},"onlineoptimisation",2,99000,80,572,65,"2026-04-03T21:26:59.668Z",[129,149,175,196,214],{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":137,"downloaded":138,"rating":29,"num_ratings":29,"last_updated":139,"tested_up_to":140,"requires_at_least":141,"requires_php":142,"tags":143,"homepage":146,"download_link":147,"security_score":148,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wl-email-encrypter","wL Email Encrypter","1.0.5","Art4","https:\u002F\u002Fprofiles.wordpress.org\u002Fwlabs\u002F","\u003Cp>wL Email Encrypter scans pages, articles, comments or RSS feeds for email addresses and encrypts them using JavaScript or replacing the \u003Ccode>@\u003C\u002Fcode> signs with your own text like \u003Ccode>[at]\u003C\u002Fcode>. This allows bots and other email-collectors do not recognize and save the emails.\u003C\u002Fp>\n\u003Cp>A visitor who has not activated JavaScript, gets displayed a userdefined message about it.\u003C\u002Fp>\n\u003Cp>If an user is logged in, the emails won’t be encrypted.\u003C\u002Fp>\n\u003Cp>The protect method can be set separately for posts, comments and rss feeds. For example, RSS Feeds should not include JavaScript, so there should prefer the \u003Ccode>@\u003C\u002Fcode> sign to be replaced.\u003C\u002Fp>\n\u003Cp>wL Email Encrypter also recognizes with \u003Ccode>mailto:\u003C\u002Fcode> email addresses linked with subject information and others, and protect this information also.\u003C\u002Fp>\n\u003Cp>There is a meta box for page-specific settings in the administration, in which a specific protection can be selected or disabled.\u003C\u002Fp>\n\u003Cp>Take a look at the screenshots to find out more.\u003C\u002Fp>\n","This plugin encrypted e-mail addresses to protect and hide them from bots and harvesters.",90,11287,"2011-03-28T23:45:00.000Z","4.6.30","2.9","",[144,22,23,24,145],"email","spam","http:\u002F\u002Fwww.wlabs.de\u002Fplugins\u002Fwl-email-encrypter\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwl-email-encrypter.1.0.5.zip",85,{"slug":150,"name":151,"version":152,"author":153,"author_profile":154,"description":155,"short_description":156,"active_installs":157,"downloaded":158,"rating":159,"num_ratings":160,"last_updated":161,"tested_up_to":162,"requires_at_least":163,"requires_php":164,"tags":165,"homepage":170,"download_link":171,"security_score":172,"vuln_count":173,"unpatched_count":29,"last_vuln_date":174,"fetched_at":31},"antispam-bee","Antispam Bee","2.11.8","pluginkollektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginkollektiv\u002F","\u003Cp>Say Goodbye to comment spam on your WordPress blog or website. \u003Cem>Antispam Bee\u003C\u002Fem> blocks spam comments and trackbacks effectively, without captchas and without sending personal information to third party services. It is free of charge, ad-free and 100% GDPR compliant.\u003C\u002Fp>\n\u003Ch3>Feature\u002FSettings Overview\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Trust approved commenters.\u003C\u002Fli>\n\u003Cli>Trust commenters with a Gravatar.\u003C\u002Fli>\n\u003Cli>Consider the comment time.\u003C\u002Fli>\n\u003Cli>Allow comments only in a certain language.\u003C\u002Fli>\n\u003Cli>Block or allow commenters from certain countries.\u003C\u002Fli>\n\u003Cli>Treat BBCode links as spam.\u003C\u002Fli>\n\u003Cli>Use regular expressions.\u003C\u002Fli>\n\u003Cli>Search local spam database for commenters previously marked as spammers.\u003C\u002Fli>\n\u003Cli>Notify admins by e-mail about incoming spam.\u003C\u002Fli>\n\u003Cli>Delete existing spam after n days.\u003C\u002Fli>\n\u003Cli>Limit approval to comments\u002Fpings (will delete other comment types).\u003C\u002Fli>\n\u003Cli>Select spam indicators to send comments to deletion directly.\u003C\u002Fli>\n\u003Cli>Optionally exclude trackbacks and pingbacks from spam detection.\u003C\u002Fli>\n\u003Cli>Optionally spam-check comment forms on archive pages.\u003C\u002Fli>\n\u003Cli>Display spam statistics on the dashboard, including daily updates of spam detection rate and a total of blocked spam comments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Community support via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantispam-bee\" rel=\"ugc\">support forums on wordpress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Read \u003Ca href=\"https:\u002F\u002Fantispambee.pluginkollektiv.org\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">the documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>We don’t handle support via e-mail, Twitter, GitHub issues etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginkollektiv\u002Fantispam-bee\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Pull requests for documented bugs are highly appreciated.\u003C\u002Fli>\n\u003Cli>If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantispam-bee\" rel=\"ugc\">support forums\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>If you want to help us translate this plugin you can do so \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fantispam-bee\" rel=\"nofollow ugc\">on WordPress Translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fsergejmueller.github.io\u002F\" rel=\"nofollow ugc\">Sergej Müller\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Maintainers: \u003Ca href=\"https:\u002F\u002Fpluginkollektiv.org\" rel=\"nofollow ugc\">pluginkollektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Sophisticated antispam plugin for effective daily comment and trackback spam-fighting. Built with data protection and privacy in mind.",700000,10958057,96,225,"2025-07-22T11:23:00.000Z","6.8.5","4.6","5.2",[20,166,167,168,169],"antispam","comments","spam-filter","spam-protection","https:\u002F\u002Fantispambee.pluginkollektiv.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fantispam-bee.2.11.8.zip",100,1,"2023-11-27 00:00:00",{"slug":176,"name":177,"version":178,"author":179,"author_profile":180,"description":181,"short_description":182,"active_installs":183,"downloaded":184,"rating":185,"num_ratings":186,"last_updated":187,"tested_up_to":16,"requires_at_least":188,"requires_php":189,"tags":190,"homepage":194,"download_link":195,"security_score":172,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"contact-form-7-honeypot","CF7 Apps – Honeypot, Database, Redirection, Webhook, and Addons for Contact Form 7","3.4.0","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>\u003Cstrong>Add extra Spam Protection functionalities to your Contact Form 7 forms with CF7 Apps.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Contact Form 7 is one of the most popular form plugins for WordPress, but \u003Cstrong>it lacks many advanced features\u003C\u002Fstrong> that modern websites need. CF7 Apps adds extra Spam Protection functionalities to your Contact Form 7 forms, introducing honeypot and hCaptcha options.\u003C\u002Fp>\n\u003Cp>👉 Get Support: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcontact-form-7-honeypot\u002F\" rel=\"ugc\">Click Here\u003C\u002Fa>\u003Cbr \u002F>\n👉 Check out the \u003Ca href=\"https:\u002F\u002Fcf7apps.com\u002Fdocs\u002F?utm_source=wp_org&utm_medium=readme&utm_campaign=documentation\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>What CF7 Apps Can Do for You ?\u003C\u002Fh3>\n\u003Cp>Right out of the box, CF7 Apps includes:\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Honeypot App\u003C\u002Fstrong>\u003Cbr \u002F>\n✅ \u003Cstrong>hCaptcha App\u003C\u002Fstrong>\u003Cbr \u002F>\n✅ \u003Cstrong>Database Entries App\u003C\u002Fstrong>\u003Cbr \u002F>\n✅ \u003Cstrong>Redirection App\u003C\u002Fstrong>\u003Cbr \u002F>\n✅ \u003Cstrong>Webhook App\u003C\u002Fstrong>\u003Cbr \u002F>\n✅ \u003Cstrong>ACF Integeration\u003C\u002Fstrong>\u003Cbr \u002F>\n💡 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fcf7apps.com\u002Fsubmit-idea\u002F?utm_source=wp_org&utm_medium=readme&utm_campaign=suggest_a_feature\" rel=\"nofollow ugc\">Suggest a Feature\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>And that’s just the beginning.\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>Save and Manage CF7 Form Submissions\u003C\u002Fstrong>\u003Cbr \u002F>\nThe Entries Database App stores all Contact Form 7 submissions directly to your WordPress database. Easily filter entries by form or date, view individual CF7 submissions, and export or delete them when needed. This ensures you never lose important leads or messages, even if emails fail to deliver.\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>Add a Honeypot Field to Prevent Spam\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Our \u003Cstrong>Honeypot Contact Form 7 extension\u003C\u002Fstrong> creates a hidden field inside your Contact Form 7 forms. Real users never see it, but bots do—and that’s how the bots fall for the trap. It blocks automated spam before it even hits your inbox.\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>Add hCaptcha to Contact Form 7\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Protect your forms from spam bots using \u003Cstrong>hCaptcha,\u003C\u002Fstrong> a privacy-friendly alternative to Google reCAPTCHA. This extension integrates directly with CF7 and works instantly after setup. No coding is required, and no extra plugins are needed. Just set up your site keys and you’re done.\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>Manage & View Contact Form 7 Entries\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Store, view, and manage all your Contact Form 7 submissions directly inside your WordPress dashboard. This extension logs every form entry automatically, giving you an organized record of user submissions. No coding or third-party tools required just activate and start tracking instantly.\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>Redirect Users After Form Submission\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily redirect users to any internal or external page after submitting a form. This extension lets you control the post-submission experience with custom URLs, thank-you pages, or marketing funnels. No coding needed configure your redirect URL and it works immediately.\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>Send Form Data via Webhooks\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Automatically forward your Contact Form 7 submission data to any external service using \u003Cstrong>webhooks.\u003C\u002Fstrong>This extension enables seamless API integrations, automation workflows, and third-party connections. No additional plugins or coding required just add your webhook URL and you’re ready to go.\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>Integrate ACF Fields into Your Forms\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily pull Advanced Custom Fields (ACF) data into your Contact Form 7 forms using the built-in ACF field tags. This integration lets you map and display your custom ACF fields directly inside CF7 without any extra plugins or coding. Just enable the feature, select your ACF fields, and your form is ready to use.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NOTE:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe best thing is that both features work independently. You can run them alone or together based on your site’s needs.\u003C\u002Fp>\n\u003Ch3>Real Use Cases for CF7 Apps\u003C\u002Fh3>\n\u003Cp>With the CF7 Apps, you can do the following:\u003Cbr \u002F>\n  ✔️ Trap bots using a honeypot field without affecting users\u003Cbr \u002F>\n  ✔️ Add hCaptcha to Contact Form 7 for privacy-first anti-spam\u003Cbr \u002F>\n  ✔️ Store and manage Contact Form 7 entries directly in WordPress\u003Cbr \u002F>\n  ✔️ Redirect your Contact Form 7 submissions to any internal or external page.\u003Cbr \u002F>\n  ✔️ Send your form data to any third-party service or custom endpoint through our Webhook.\u003Cbr \u002F>\n  ✔️ Display dynamic ACF field values inside your Contact Form 7 forms for personalized entries.\u003C\u002Fp>\n\u003Ch3>Why Should You Install CF7 Apps?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Works exclusively with Contact Form 7\u003C\u002Fli>\n\u003Cli>Modular design — activate only the features you need\u003C\u002Fli>\n\u003Cli>Lightweight — no unnecessary code or bloat\u003C\u002Fli>\n\u003Cli>Built for form security, user control, and advanced customization\u003C\u002Fli>\n\u003Cli>Continuously updated with new apps and requested features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We built CF7 Apps for users who want more power without abandoning the simplicity of Contact Form 7.\u003C\u002Fp>\n\u003Ch3>Try Our Other Awesome WordPress Plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-smtp\u002F\" rel=\"ugc\">Post SMTP:\u003C\u002Fa>\u003C\u002Fstrong> Reliable WordPress email delivery plugin with detailed email logs and multiple SMTP integrations.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgutena-forms\u002F\" rel=\"ugc\">Gutena Forms:\u003C\u002Fa>\u003C\u002Fstrong> Create modern, responsive contact forms directly in the Gutenberg block editor. Includes advanced fields, spam protection (reCAPTCHA & Cloudflare Turnstile), and entry management.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-easy-pay\u002F\" rel=\"ugc\">WP EasyPay:\u003C\u002Fa>\u003C\u002Fstrong> Accept Square payments and donations easily on your WordPress site.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpassword-protected\u002F\" rel=\"ugc\">Password Protected:\u003C\u002Fa>\u003C\u002Fstrong> Secure your WordPress site, posts, pages, and categories with simple password protection.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffile-manager-advanced\u002F\" rel=\"ugc\">Advanced File Manager:\u003C\u002Fa>\u003C\u002Fstrong> Manage and organize WordPress files effortlessly from your dashboard.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwc-shop-sync\u002F\" rel=\"ugc\">WC Shop Sync:\u003C\u002Fa>\u003C\u002Fstrong> Add Square payments and sync WooCommerce products, customers, and orders with Square POS.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmycred\u002F\" rel=\"ugc\">myCred:\u003C\u002Fa>\u003C\u002Fstrong> Add gamification, rewards, ranks, and a points management system to your WordPress website.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbookify\u002F\" rel=\"ugc\">Bookify:\u003C\u002Fa>\u003C\u002Fstrong> Your complete online bookings and appointment scheduling solution for WordPress.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faio-login\u002F\" rel=\"ugc\">All In One Login:\u003C\u002Fa>\u003C\u002Fstrong> Secure your WordPress login page, change wp-login.php URL, and add social logins including Google, Facebook, Microsoft, and LINE.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnew-user-approve\u002F\" rel=\"ugc\">New User Approve:\u003C\u002Fa>\u003C\u002Fstrong> Control new user registrations by approving or denying signups.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwpexperts.io\u002F\" rel=\"nofollow ugc\">WP Experts WooCommerce Store:\u003C\u002Fa>\u003C\u002Fstrong> Explore premium WooCommerce plugins and solutions by WPExperts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute or Report Issues\u003C\u002Fh3>\n\u003Cp>Do you have a feature request or bug to report? Contact us via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcontact-form-7-honeypot\" rel=\"ugc\">official Support Channel.\u003C\u002Fa>\u003C\u002Fp>\n","Addons for Contact Form 7 — Honeypot, Database Entries, Redirection, Spam Protection, Webhooks, ACF integration for Contact Form 7, and more.",300000,5576961,76,131,"2026-01-30T04:54:00.000Z","4.8","5.6",[20,191,192,193,169],"captcha","cf7-database","honeypot","https:\u002F\u002Fcf7apps.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7-honeypot.3.4.0.zip",{"slug":193,"name":197,"version":198,"author":199,"author_profile":200,"description":201,"short_description":202,"active_installs":183,"downloaded":203,"rating":172,"num_ratings":204,"last_updated":205,"tested_up_to":16,"requires_at_least":206,"requires_php":142,"tags":207,"homepage":211,"download_link":212,"security_score":13,"vuln_count":122,"unpatched_count":29,"last_vuln_date":213,"fetched_at":31},"WP Armour – Honeypot Anti Spam","2.3.04","Dnesscarkey","https:\u002F\u002Fprofiles.wordpress.org\u002Fdnesscarkey\u002F","\u003Cp>This plugins block spam submissions using honeypot anti spam technic. No Captcha or extra verification field hassle to the users. Only lets spam bots to suffer using our anti spam filter.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic anti spam protection for following forms (Available in Free Version) . No setup required.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WP Comments\u003C\u002Fli>\n\u003Cli>WP Registraton\u003C\u002Fli>\n\u003Cli>BBPress Forum (\u003Ca href=\"https:\u002F\u002Fbbpress.org\" rel=\"nofollow ugc\">bbpress.org\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Contact Form 7 (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Fcontact-form-7\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Gravity Forms (For Non Ajax and Single Page\u002FStep Form – \u003Ca href=\"https:\u002F\u002Fwww.gravityforms.com\" rel=\"nofollow ugc\">gravityforms.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>WPForms (\u003Ca href=\"https:\u002F\u002Fwpforms.com\" rel=\"nofollow ugc\">wpforms.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Formidable Forms (\u003Ca href=\"https:\u002F\u002Fformidableforms.com\" rel=\"nofollow ugc\">formidableforms.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Caldera Forms (\u003Ca href=\"https:\u002F\u002Fcalderaforms.com\" rel=\"nofollow ugc\">calderaforms.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Toolset Forms (\u003Ca href=\"https:\u002F\u002Ftoolset.com\" rel=\"nofollow ugc\">toolset.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Elementor Forms (\u003Ca href=\"https:\u002F\u002Felementor.com\" rel=\"nofollow ugc\">elementor.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Fluent Forms (\u003Ca href=\"https:\u002F\u002Ffluentforms.com\" rel=\"nofollow ugc\">fluentforms.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Divi Theme Contact Form (\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\" rel=\"nofollow ugc\">elegantthemes.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Theme My Login ( https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftheme-my-login\u002F )\u003C\u002Fli>\n\u003Cli>WooCommerce Reviews Pro\u003C\u002Fli>\n\u003Cli>GDPR compliant. No tracking, cookie storage or external server calls.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>WP Armour Extended (Paid Version) supports additional anti spam protection and features.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Record Spam Submission, view what spam bot are trying to submit \u003C\u002Fli>\n\u003Cli>Logs spam bot IPs.\u003C\u002Fli>\n\u003Cli>Block spam bot IPs if multiple spam is submitted. Add extra level of anti spam filter based on IPs. Stops spam bot from using unwanted bandwidth and save valuable server resource.\u003C\u002Fli>\n\u003Cli>WooCommerce Checkout & Registration including Card Testing Orders (\u003Ca href=\"https:\u002F\u002Fwoocommerce.com\" rel=\"nofollow ugc\">woocommerce.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads Checkout and Registration (\u003Ca href=\"https:\u002F\u002Feasydigitaldownloads.com\" rel=\"nofollow ugc\">easydigitaldownloads.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>QuForm Contact Form (\u003Ca href=\"https:\u002F\u002Fwww.quform.com\" rel=\"nofollow ugc\">quform.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Ninja Forms (\u003Ca href=\"https:\u002F\u002Fninjaforms.com\" rel=\"nofollow ugc\">https:\u002F\u002Fninjaforms.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Gravity Forms (For Ajax Based and Multi Step Forms – \u003Ca href=\"https:\u002F\u002Fwww.gravityforms.com\" rel=\"nofollow ugc\">gravityforms.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>MC4WP: Mailchimp for WordPress (\u003Ca href=\"https:\u002F\u002Fwww.mc4wp.com\" rel=\"nofollow ugc\">mc4wp.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>S2 Members (\u003Ca href=\"https:\u002F\u002Fs2member.com\" rel=\"nofollow ugc\">s2member.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Ulimate Members (\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002F\" rel=\"nofollow ugc\">ultimatemember.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Bricks Builder Form (\u003Ca href=\"https:\u002F\u002Fbricksbuilder.io\u002F\" rel=\"nofollow ugc\">bricksbuilder.io\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>BricksForge Pro Form (\u003Ca href=\"https:\u002F\u002Fbricksforge.io\u002F\" rel=\"nofollow ugc\">bricksforge.io\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Beaver Builder Contact Form Module (\u003Ca href=\"https:\u002F\u002Fwww.wpbeaverbuilder.com\u002F\" rel=\"nofollow ugc\">Beaver Builder\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Strong Testimonials (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fstrong-testimonials\u002F\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Fstrong-testimonials\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Formcraft Form (\u003Ca href=\"https:\u002F\u002Fformcraft-wp.com\u002F\" rel=\"nofollow ugc\">formcraft-wp.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Forminator Form (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fforminator\u002F\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Fforminator\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>WS Form (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fws-form\u002F\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Fws-form\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>YITH Easy Login & Register Popup for WooCommerce\u003C\u002Fli>\n\u003Cli>UsersWP (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuserswp\u002F\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Fuserswp\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Youzify (\u003Ca href=\"https:\u002F\u002Fyouzify.com\u002F\" rel=\"nofollow ugc\">youzify.com\u002F\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>MailPoet (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailpoet\u002F\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Fmailpoet\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Brevo – SendInBlue (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailin\u002F\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Fmailin\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>JetForm Builder (\u003Ca href=\"https:\u002F\u002Fjetformbuilder.com\u002F\" rel=\"nofollow ugc\">jetformbuilder.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>HTMLform plugin (\u003Ca href=\"https:\u002F\u002Fwww.htmlformsplugin.com\" rel=\"nofollow ugc\">htmlformsplugin.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Avia Enfold Theme (\u003Ca href=\"https:\u002F\u002Fkriesi.at\u002Fthemes\u002Fenfold\" rel=\"nofollow ugc\">kriesi.at\u002Fthemes\u002Fenfold\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>BuddyPress (\u003Ca href=\"https:\u002F\u002Fbuddypress.org\" rel=\"nofollow ugc\">buddypress.org\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>BuddyBoss (\u003Ca href=\"https:\u002F\u002Fwww.buddyboss.com\" rel=\"nofollow ugc\">buddyboss.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Sure Forms (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsureforms\u002F\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Fsureforms\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Everest Forms (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feverest-forms\u002F\" rel=\"ugc\">wordpress.org\u002Fplugins\u002Feverest-forms\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can get the WP Armour – Anti Spam Extended from \u003Ca title=\"WP Armour Extended - Anti Spam\" href=\"https:\u002F\u002Fdineshkarki.com.np\u002Fbuy-wp-armour-extended\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How our plugin is different than other honeypot anti spam plugins ? \u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works for most of the forms and wordpress system including registation and comments. So All in one anti spam solution.\u003C\u002Fli>\n\u003Cli>No external API calls like Akismet or CleanTalk for spam filtering. \u003C\u002Fli>\n\u003Cli>GDPR Compliant.\u003C\u002Fli>\n\u003Cli>Spam bots can’t use javascript so we use javascript to insert honeypot anti spam field in the form and spam bots can’t fill it to pass anti spam test. \u003C\u002Fli>\n\u003Cli>Unique honeypot field name generated for each wordpress installation, so it is hard for spam bots to make one fit for all solution to bypass honeypot anti spam test.\u003C\u002Fli>\n\u003Cli>No setup required. Just activate the plugin and it enables anti spam for all supported forms, comment and registration.\u003C\u002Fli>\n\u003Cli>No API or monthly subscription needed like other plugins. Though we have \u003Ca title=\"WP Armour Extended - Anti Spam\" href=\"https:\u002F\u002Fdineshkarki.com.np\u002Fbuy-wp-armour-extended\" rel=\"nofollow ugc\">Premium extended version\u003C\u002Fa> of the plugin for more support with yearly license.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Support\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have any issue, you can write to using \u003Ca title=\"WP Armour - Honeypot Anti Spam Forum\" href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fhoneypot\u002F\" rel=\"ugc\">support forum.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Need distance-based delivery fees in WooCommerce?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Calculate accurate shipping costs automatically with \u003Ca href=\"https:\u002F\u002Fhcn.im\u002Froutepricing\" rel=\"nofollow ugc\">RoutePricing\u003C\u002Fa>.\u003Cbr \u002F>\nUses Google Maps to set dynamic prices per km\u002Fmi — perfect for restaurants, local shops, and delivery businesses.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support Us at Patreon\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Your support is vital for us to keep fighting spam. By supporting us on \u003Ca href=\"https:\u002F\u002Fwww.patreon.com\u002Fwp_armour\" rel=\"nofollow ugc\">Patreon\u003C\u002Fa> with as little as USD 1, you will help us continue developing of our anti spam plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Our other plugins\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuse-any-font\" rel=\"ugc\">Use Any Font\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjquery-validation-for-contact-form-7\u002F\" rel=\"ugc\">Jquery Validation For Contact Form 7\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdineshkarki.com.np\u002Fjquery-validation-for-gravity-forms\" rel=\"nofollow ugc\">Jquery Validation For Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblock-specific-plugin-updates\u002F\" rel=\"ugc\">Block Specific Plugin Updates\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Fastest growing Anti Spam plugin. No API calls, subscriptions, captcha or puzzle. Full GDPR complaint. For comments, contact form, login, registration",4516082,1330,"2025-12-20T04:14:00.000Z","5.0",[208,20,209,210,169],"akismet","comment-spam","contact-form-spam","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhoneypot\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhoneypot.2.3.04.zip","2024-03-15 00:00:00",{"slug":215,"name":216,"version":217,"author":218,"author_profile":219,"description":220,"short_description":221,"active_installs":222,"downloaded":223,"rating":224,"num_ratings":225,"last_updated":226,"tested_up_to":227,"requires_at_least":228,"requires_php":229,"tags":230,"homepage":235,"download_link":236,"security_score":237,"vuln_count":122,"unpatched_count":29,"last_vuln_date":238,"fetched_at":31},"email-address-encoder","Email Address Encoder","1.0.24","Till Krüss","https:\u002F\u002Fprofiles.wordpress.org\u002Ftillkruess\u002F","\u003Cp>A lightweight plugin that protects plain email addresses and mailto links from email-harvesting robots, by encoding them into decimal and hexadecimal entities. Has an effect on the posts, pages, comments, excerpts, text widgets and other filtered content. Works without JavaScript — just simple spam protection.\u003C\u002Fp>\n\u003Cp>To see whether all your email addresses are properly protected, use the free \u003Ca href=\"https:\u002F\u002Fencoder.till.im\u002Fscanner?utm_source=wp-plugin&utm_medium=readme\" rel=\"nofollow ugc\">page scanner\u003C\u002Fa> tool.\u003C\u002Fp>\n\u003Cp>Other content (like phone numbers) can be protected using \u003Ccode>[encode]\u003C\u002Fcode> shortcode:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[encode]+1 (555) 123-4567[\u002Fencode]\n[encode link=\"tel:+15551234567\"]+1 (555) 123-4567[\u002Fencode]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Full-page protection\u003C\u002Fstrong> that catches all email addresses\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hardened protection\u003C\u002Fstrong> using JavaScript and CSS techniques\u003C\u002Fli>\n\u003Cli>Improved \u003Cstrong>phone number\u003C\u002Fstrong> protection\u003C\u002Fli>\n\u003Cli>Built-in plugin support for \u003Cstrong>ACF\u003C\u002Fstrong>, \u003Cstrong>Jetpack\u003C\u002Fstrong>, \u003Cstrong>WooCommerce\u003C\u002Fstrong> and many others\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check out the \u003Ca href=\"https:\u002F\u002Fencoder.till.im\u002Fdownload?utm_source=wp-plugin&utm_medium=readme\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> version of Email Address Encoder.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcoderisk.com\u002Fwp\u002Fplugin\u002Femail-address-encoder\u002FRIPS-r0bJqKvBws\" rel=\"nofollow ugc\">\u003C\u002Fa>\u003C\u002Fp>\n","A lightweight plugin that protects email addresses from email-harvesting robots, by encoding them into decimal and hexadecimal entities.",100000,1552799,84,160,"2025-01-20T21:35:00.000Z","6.7.5","2.0","5.3",[231,232,233,234,145],"block","crawler","encryption","protection","https:\u002F\u002Fencoder.till.im\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-address-encoder.1.0.24.zip",91,"2024-08-26 00:00:00",{"attackSurface":240,"codeSignals":366,"taintFlows":456,"riskAssessment":519,"analyzedAt":526},{"hooks":241,"ajaxHandlers":354,"restRoutes":363,"shortcodes":364,"cronEvents":365,"entryPointCount":122,"unprotectedCount":29},[242,248,252,255,259,262,265,268,271,278,280,282,286,289,294,296,298,301,303,308,311,315,318,324,329,333,335,339,343,347,349,352],{"type":243,"name":244,"callback":245,"file":246,"line":247},"action","init","register_hooks","core\\includes\\classes\\class-email-encoder-bundle-ajax.php",12,{"type":243,"name":249,"callback":250,"file":246,"line":251},"admin_enqueue_scripts","enqueue_scripts",25,{"type":243,"name":253,"callback":250,"file":246,"line":254},"wp_enqueue_scripts",30,{"type":243,"name":244,"callback":256,"file":257,"line":258},"load_settings","core\\includes\\classes\\class-email-encoder-bundle-settings.php",92,{"type":243,"name":244,"callback":260,"file":257,"line":261},"load_version",93,{"type":243,"name":244,"callback":263,"file":257,"line":264},"load_email_image_secret",94,{"type":243,"name":244,"callback":266,"file":257,"line":267},"first_version_init",176,{"type":243,"name":244,"callback":269,"file":257,"line":270},"version_update",184,{"type":272,"name":273,"callback":274,"priority":275,"file":276,"line":277},"filter","eeb\u002Fsettings\u002Ffields","deactivate_logic",10,"core\\includes\\integrations\\classes\\avada_builder.php",13,{"type":272,"name":273,"callback":274,"priority":275,"file":279,"line":275},"core\\includes\\integrations\\classes\\bricks_builder.php",{"type":272,"name":273,"callback":274,"priority":275,"file":281,"line":275},"core\\includes\\integrations\\classes\\divi_theme.php",{"type":272,"name":283,"callback":284,"priority":172,"file":285,"line":277},"googlesitekit_admin_data","soft_encode_admin_data","core\\includes\\integrations\\classes\\google_site_kit.php",{"type":272,"name":273,"callback":274,"priority":275,"file":287,"line":288},"core\\includes\\integrations\\classes\\hive_press.php",14,{"type":243,"name":290,"callback":291,"priority":172,"file":292,"line":293},"load_custom_style","load_custom_styles","core\\includes\\integrations\\classes\\maintenance.php",24,{"type":243,"name":295,"callback":295,"priority":172,"file":292,"line":251},"load_custom_scripts",{"type":272,"name":273,"callback":274,"priority":275,"file":297,"line":275},"core\\includes\\integrations\\classes\\oxygen_builder.php",{"type":272,"name":299,"callback":274,"priority":172,"file":300,"line":275},"tribe_get_organizer_email","core\\includes\\integrations\\classes\\the_events_calendar.php",{"type":272,"name":273,"callback":274,"priority":275,"file":302,"line":275},"core\\includes\\integrations\\classes\\wpml.php",{"type":243,"name":304,"callback":305,"file":306,"line":307},"plugins_loaded","EEB","email-encoder-bundle.php",43,{"type":243,"name":244,"callback":245,"file":309,"line":310},"src\\Admin\\Admin.php",21,{"type":243,"name":312,"callback":313,"file":309,"line":314},"admin_init","save_settings_admin",28,{"type":243,"name":249,"callback":316,"file":317,"line":288},"enqueue","src\\Admin\\AdminEnqueue.php",{"type":243,"name":319,"callback":320,"priority":321,"file":322,"line":323},"admin_menu","register_menu",150,"src\\Admin\\AdminMenu.php",20,{"type":243,"name":325,"callback":326,"priority":327,"file":328,"line":288},"wp","display_email_image",999,"src\\Front\\DisplayEmailImage.php",{"type":243,"name":244,"callback":245,"priority":330,"file":331,"line":332},2000,"src\\Front\\Front.php",22,{"type":243,"name":244,"callback":334,"file":331,"line":314},"load_textdomain",{"type":243,"name":244,"callback":336,"priority":337,"file":338,"line":288},"buffer_final_output",1000,"src\\Front\\FrontBuffering.php",{"type":243,"name":244,"callback":340,"file":341,"line":342},"register","src\\Front\\FrontCore.php",18,{"type":272,"name":344,"callback":345,"priority":275,"file":341,"line":346},"do_shortcode_tag","filter_content",99,{"type":243,"name":253,"callback":316,"file":348,"line":288},"src\\Front\\FrontEnqueue.php",{"type":243,"name":244,"callback":350,"priority":275,"file":351,"line":288},"add_custom_template_tags","src\\Front\\FrontTemplateTags.php",{"type":243,"name":244,"callback":340,"file":353,"line":288},"src\\Front\\Shortcodes\\Shortcodes.php",[355,361],{"action":356,"nopriv":357,"callback":358,"hasNonce":359,"hasCapCheck":357,"file":246,"line":360},"eeb_get_email_form_output",false,"handle",true,26,{"action":356,"nopriv":359,"callback":358,"hasNonce":359,"hasCapCheck":357,"file":246,"line":362},31,[],[],[],{"dangerousFunctions":367,"sqlUsage":368,"outputEscaping":370,"fileOperations":29,"externalRequests":29,"nonceChecks":122,"capabilityChecks":454,"bundledLibraries":455},[],{"prepared":29,"raw":29,"locations":369},[],{"escaped":254,"rawEcho":371,"locations":372},54,[373,375,378,379,380,382,385,387,389,391,392,393,395,396,398,399,400,403,404,406,407,408,410,412,413,414,416,417,418,419,420,421,422,425,427,429,431,432,433,434,435,436,437,439,441,443,445,446,447,448,449,450,451,453],{"file":246,"line":14,"context":374},"raw output",{"file":376,"line":377,"context":374},"core\\includes\\classes\\class-email-encoder-bundle-helpers.php",79,{"file":376,"line":377,"context":374},{"file":376,"line":124,"context":374},{"file":328,"line":381,"context":374},48,{"file":383,"line":384,"context":374},"templates\\admin\\meta-box-content.php",6,{"file":386,"line":275,"context":374},"templates\\eeb-page-display.php",{"file":386,"line":388,"context":374},15,{"file":386,"line":390,"context":374},23,{"file":386,"line":390,"context":374},{"file":386,"line":360,"context":374},{"file":394,"line":122,"context":374},"templates\\help-tabs\\general.php",{"file":394,"line":122,"context":374},{"file":394,"line":397,"context":374},4,{"file":394,"line":28,"context":374},{"file":394,"line":275,"context":374},{"file":401,"line":402,"context":374},"templates\\help-tabs\\shortcodes.php",5,{"file":401,"line":28,"context":374},{"file":401,"line":405,"context":374},11,{"file":401,"line":277,"context":374},{"file":401,"line":288,"context":374},{"file":401,"line":409,"context":374},16,{"file":401,"line":411,"context":374},19,{"file":401,"line":251,"context":374},{"file":401,"line":314,"context":374},{"file":415,"line":173,"context":374},"templates\\help-tabs\\template-tags.php",{"file":415,"line":397,"context":374},{"file":415,"line":275,"context":374},{"file":415,"line":277,"context":374},{"file":415,"line":411,"context":374},{"file":415,"line":332,"context":374},{"file":415,"line":254,"context":374},{"file":423,"line":424,"context":374},"templates\\widgets\\main.php",34,{"file":423,"line":426,"context":374},36,{"file":423,"line":428,"context":374},67,{"file":423,"line":430,"context":374},68,{"file":423,"line":430,"context":374},{"file":423,"line":430,"context":374},{"file":423,"line":430,"context":374},{"file":423,"line":430,"context":374},{"file":423,"line":430,"context":374},{"file":423,"line":86,"context":374},{"file":423,"line":438,"context":374},70,{"file":423,"line":440,"context":374},74,{"file":423,"line":442,"context":374},78,{"file":423,"line":444,"context":374},83,{"file":423,"line":444,"context":374},{"file":423,"line":444,"context":374},{"file":423,"line":444,"context":374},{"file":423,"line":444,"context":374},{"file":423,"line":444,"context":374},{"file":423,"line":148,"context":374},{"file":423,"line":452,"context":374},86,{"file":423,"line":261,"context":374},9,[],[457,472,483,491,503,511],{"entryPoint":458,"graph":459,"unsanitizedCount":173,"severity":41},"display_email_image (src\\Front\\DisplayEmailImage.php:18)",{"nodes":460,"edges":470},[461,465],{"id":462,"type":463,"label":464,"file":328,"line":293},"n0","source","$_GET",{"id":466,"type":467,"label":468,"file":328,"line":381,"wp_function":469},"n1","sink","echo() [XSS]","echo",[471],{"from":462,"to":466,"sanitized":357},{"entryPoint":473,"graph":474,"unsanitizedCount":29,"severity":482},"handle (core\\includes\\classes\\class-email-encoder-bundle-ajax.php:56)",{"nodes":475,"edges":480},[476,479],{"id":462,"type":463,"label":477,"file":246,"line":478},"$_POST",60,{"id":466,"type":467,"label":468,"file":246,"line":14,"wp_function":469},[481],{"from":462,"to":466,"sanitized":359},"low",{"entryPoint":484,"graph":485,"unsanitizedCount":29,"severity":482},"\u003Cclass-email-encoder-bundle-ajax> (core\\includes\\classes\\class-email-encoder-bundle-ajax.php:0)",{"nodes":486,"edges":489},[487,488],{"id":462,"type":463,"label":477,"file":246,"line":478},{"id":466,"type":467,"label":468,"file":246,"line":14,"wp_function":469},[490],{"from":462,"to":466,"sanitized":359},{"entryPoint":492,"graph":493,"unsanitizedCount":29,"severity":482},"save_settings_admin (src\\Admin\\Admin.php:35)",{"nodes":494,"edges":501},[495,497],{"id":462,"type":463,"label":477,"file":309,"line":496},50,{"id":466,"type":467,"label":498,"file":309,"line":499,"wp_function":500},"update_option() [Settings Manipulation]",63,"update_option",[502],{"from":462,"to":466,"sanitized":359},{"entryPoint":504,"graph":505,"unsanitizedCount":29,"severity":482},"\u003CAdmin> (src\\Admin\\Admin.php:0)",{"nodes":506,"edges":509},[507,508],{"id":462,"type":463,"label":477,"file":309,"line":496},{"id":466,"type":467,"label":498,"file":309,"line":499,"wp_function":500},[510],{"from":462,"to":466,"sanitized":359},{"entryPoint":512,"graph":513,"unsanitizedCount":173,"severity":482},"\u003CDisplayEmailImage> (src\\Front\\DisplayEmailImage.php:0)",{"nodes":514,"edges":517},[515,516],{"id":462,"type":463,"label":464,"file":328,"line":293},{"id":466,"type":467,"label":468,"file":328,"line":381,"wp_function":469},[518],{"from":462,"to":466,"sanitized":357},{"summary":520,"deductions":521},"The email-encoder-bundle plugin exhibits a mixed security posture.  On the positive side, it demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and implementing nonce and capability checks on its AJAX endpoints, indicating an effort to prevent common web vulnerabilities. The absence of critical or high severity taint flows is also a positive sign, suggesting that user input is generally handled with care. However, a significant concern arises from its vulnerability history, with 7 known medium severity CVEs, all of which are reported as patched. The prevalence of Cross-Site Scripting (XSS) as the common vulnerability type, even if patched, suggests potential weaknesses in output escaping, which is further supported by the static analysis revealing that only 36% of outputs are properly escaped. This low escaping rate is a notable area of concern, potentially leaving the plugin vulnerable to XSS attacks if new vulnerabilities are discovered or if older, unpatched vulnerabilities are present in a different version.\n\nDespite the strong security measures in place for its entry points and data handling, the low percentage of properly escaped output represents a latent risk. While the vulnerability history shows all past CVEs are patched, the recurring nature of XSS vulnerabilities and the poor output escaping rate suggest a need for more rigorous input validation and output sanitization across the board. The plugin has a small attack surface and no critical static analysis flags, but the historical trend of XSS and the current unescaped output rate are areas that warrant attention.  Therefore, while not in immediate critical danger, the plugin's security could be significantly improved by addressing the output escaping issue.",[522,524],{"reason":523,"points":388},"Output escaping is significantly low (36%)",{"reason":525,"points":275},"7 known medium severity CVEs historically","2026-03-16T17:10:13.375Z",{"wat":528,"direct":543},{"assetPaths":529,"generatorPatterns":535,"scriptPaths":536,"versionParams":537},[530,531,532,533,534],"\u002Fwp-content\u002Fplugins\u002Femail-encoder-bundle\u002Fcore\u002Fincludes\u002Fassets\u002Fjs\u002Fencoder-form.js","\u002Fwp-content\u002Fplugins\u002Femail-encoder-bundle\u002Fsrc\u002FAdmin\u002Fassets\u002Fjs\u002Fcustom-admin.js","\u002Fwp-content\u002Fplugins\u002Femail-encoder-bundle\u002Fsrc\u002FAdmin\u002Fassets\u002Fcss\u002Fstyle-admin.css","\u002Fwp-content\u002Fplugins\u002Femail-encoder-bundle\u002Fsrc\u002FFront\u002Fassets\u002Fjs\u002Fcustom.js","\u002Fwp-content\u002Fplugins\u002Femail-encoder-bundle\u002Fsrc\u002FFront\u002Fassets\u002Fcss\u002Fstyle.css",[],[530,531,533],[538,539,540,541,542],"email-encoder-bundle\u002Fcore\u002Fincludes\u002Fassets\u002Fjs\u002Fencoder-form.js?ver=","email-encoder-bundle\u002Fsrc\u002FAdmin\u002Fassets\u002Fjs\u002Fcustom-admin.js?ver=","email-encoder-bundle\u002Fsrc\u002FAdmin\u002Fassets\u002Fcss\u002Fstyle-admin.css?ver=","email-encoder-bundle\u002Fsrc\u002FFront\u002Fassets\u002Fjs\u002Fcustom.js?ver=","email-encoder-bundle\u002Fsrc\u002FFront\u002Fassets\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":544,"htmlComments":547,"htmlAttributes":548,"restEndpoints":553,"jsGlobals":554,"shortcodeOutput":556},[545,546],"eeb-frontend-emails","eeb-content-emails",[],[549,550,551,552],"data-eeb-email","data-eeb-method","data-eeb-display","data-eeb-protected",[],[555],"eeb_ef",[557,558,559,560,561,562,563,564,565,566,567,568],"[eeb_protect_content]","[\u002Feeb_protect_content]","[eeb_mailto]","[\u002Feeb_mailto]","[eeb_encoder_form]","[\u002Feeb_encoder_form]","[eeb_protect_emails]","[\u002Feeb_protect_emails]","[eeb_content]","[\u002Feeb_content]","[eeb_email]","[\u002Feeb_email]"]