[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKBudwcp2f-a0X6pDnbTbas6mAxFcAMxgvVX8TrsqBfg":3,"$fsyXrYEfY9uZ20YSKBiwCD4jfmnLON9iRoJE1ztlVjsw":245,"$fqD9jxiAkdMzWQAh9g2iZUXawnG9zxa_lrxKkB6-Z5-Y":250},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":35,"analysis":138,"fingerprints":232},"force-user-login-modified","Force User Login","1.0","smatric","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmatric\u002F","\u003Cp>This is a very small plugin that forces users to login before viewing any content. This is done by checking if the user is logged in, and if not, redirecting them to the login page. Users attempting to view blog content via RSS are also authenticated via HTTP Auth.\u003C\u002Fp>\n\u003Cp>Modification: use get_site_url() to redirect to the login page properly when WordPress is located in a subdirectory.\u003C\u002Fp>\n","A very small plugin that forces users to login to view blog content.",40,8241,0,"2015-08-28T22:12:00.000Z","4.3.34","2.0.2","",[19,20,21,22],"force-user-login","login","password","privacy","http:\u002F\u002FURI_Of_Page_Describing_Plugin_and_Updates","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforce-user-login-modified.1.0.2.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-05-20T04:11:53.855Z",[36,55,75,91,115],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":31,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":52,"download_link":53,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":54},"force-user-login-multisite","Force User Login Multisite","1.2.1","jamesdlow","https:\u002F\u002Fprofiles.wordpress.org\u002Fjamesdlow\u002F","\u003Cp>Makes your wordpress blog private unless the user is logged in, optionally setting a minium user level. Modified from https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fforce-user-login\u002F\u003C\u002Fp>\n","Makes your wordpress blog private unless the user is logged in, optionally setting a minium user level. Modified from http:\u002F\u002Fwordpress.",20,5928,100,"2023-10-24T09:26:00.000Z","3.2.1","3.0.0",[19,20,21,22,51],"private","http:\u002F\u002Fjameslow.com\u002F2011\u002F10\u002F11\u002Fforce-user-login-multisite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforce-user-login-multisite.1.2.1.zip","2026-04-06T09:54:40.288Z",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":17,"tags":70,"homepage":73,"download_link":74,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"chap-secure-login","Chap Secure Password Login","1.6.6","Enrico Rossomando","https:\u002F\u002Fprofiles.wordpress.org\u002Fredsend\u002F","\u003Cp>Whenever you try to login into your website, you can use this plugin to trasmit your password encrypted. The encryption process is done by the Chap protocol; this is particularly useful when you can’t use ssl or other kinds of secure protocols. By activating the ChapSecureLogin plugin, the only information transmitted unencrypted is the username; password is hided with a random number (nonce) generated by the session – and opportunely transformed by the SHA-256 algorithm.\u003Cbr \u002F>\nIn the first login there will be an error, but don’t worry is only a tecnical error. Indeed in the next login’s operation, if the values are correct, there will not be errors, but you give mind because the password will sended in unencrypted way.\u003Cbr \u002F>\nIf you want more details about this algorithm, check \u003Ca href=\"http:\u002F\u002Fwww.devarticles.com\u002Fc\u002Fa\u002FJavaScript\u002FBuilding-a-CHAP-Login-System-An-ObjectOriented-Approach\u002F\" rel=\"nofollow ugc\">“Building a CHAP Login System”\u003C\u002Fa>.\u003Cbr \u002F>\nThis is a zero-configuration plugin.\u003C\u002Fp>\n\u003Cp>Enrico Rossomando (redsend) this is my blog about programming, gaming and startup > \u003Ca href=\"https:\u002F\u002Fwww.mrred.it\u002F\" title=\"Blog about programming, gaming and startup\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.mrred.it\u003C\u002Fa>\u003C\u002Fp>\n","Do not show password, during login, on an insecure channel (without SSL). Use a SHA-256 hash algorithm.",700,58432,62,8,"2020-06-07T08:21:00.000Z","5.4.19","2.5",[71,20,21,22,72],"admin","username","https:\u002F\u002Fwww.mrred.it\u002Fchap-secure-login-a-wordpress-plugin-for-secure-password-authentication\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchap-secure-login.1.6.6.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":13,"downloaded":83,"rating":13,"num_ratings":13,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":87,"tags":88,"homepage":17,"download_link":90,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"encrypt-my-login-password","Encrypt My Login Password","1.0.0","himansu1","https:\u002F\u002Fprofiles.wordpress.org\u002Fhimansu1\u002F","\u003Cp>Whenever you try to login into your website, you can use this plugin to encrypt your password.\u003C\u002Fp>\n","Do not show password on login page.",948,"2021-10-23T03:27:00.000Z","5.8.13","4.9","5.6",[71,20,89,22,72],"password-encryption","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fencrypt-my-login-password.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":46,"num_ratings":101,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":112,"download_link":113,"security_score":46,"vuln_count":31,"unpatched_count":13,"last_vuln_date":114,"fetched_at":27},"temporary-login-without-password","Temporary Login Without Password","1.9.7","storeapps","https:\u002F\u002Fprofiles.wordpress.org\u002Fstoreapps\u002F","\u003Cp>Create secure, self-expiring ⏱️, automatic login links 🔗 for WordPress. Give them to developers when they ask for admin access to your site. Or an editor for a quick review of work done. Login works just by opening the link, no password needed.\u003C\u002Fp>\n\u003Cp>Using the “Temporary Login Without Password” plugin you can create a self-expiring account for someone and give them a special link with which they can login to your WordPress without needing a username and password.\u003C\u002Fp>\n\u003Cp>You can choose when the login expires, as well as the role of the temporary account.\u003C\u002Fp>\n\u003Cp>Really useful when you need to give admin access to a developer for support or for performing routine tasks.\u003C\u002Fp>\n\u003Cp>Read \u003Ca href=\"https:\u002F\u002Fwww.storeapps.org\u002Fcreate-secure-login-without-password-for-wordpress\u002F\" rel=\"nofollow ugc\">this article\u003C\u002Fa> to know more about what’s the Current Problem – Creating a Separate Admin Login for Outsiders (Devs\u002F Guest bloggers) and how to avoid this pain, Top Benefits of using this plugin & Why and Who need Temporary Login links.\u003C\u002Fp>\n\u003Ch4>\u003Cstrong>Benefits of Temporary Logins\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>➡️  Create unlimited temporary logins\u003Cbr \u002F>\n  ➡️  Create temporary logins with any role\u003Cbr \u002F>\n  ➡️  No username & password required. Login with just a simple link\u003Cbr \u002F>\n  ➡️  Set account expiry. So, a temporary user can’t login after the expiry time\u003Cbr \u002F>\n  ➡️  Various expiration options like one day, one week, one month, and many more. Also, set a custom date\u003Cbr \u002F>\n  ➡️  Redirect user to a specific page after login\u003Cbr \u002F>\n  ➡️  Set a language for a temporary user\u003Cbr \u002F>\n  ➡️  See the last logged in time of a temporary user\u003Cbr \u002F>\n  ➡️  Also see, how many times a temporary user accessed your setup\u003Cbr \u002F>\n  ➡️  Track user activity with detailed logs to know what each temporary user did\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>\u003Cstrong>For Developers\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cp>If you need an admin access to your client’s WordPress setup to resolve any issues, use following template to ask your client to give you a temporary access to their WordPress setup.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Hi {%customer_name%},\u003C\u002Fp>\n\u003Cp>To allow me to investigate on your site, install & activate the free WordPress plugin – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"ugc\">Temporary Login Without Password\u003C\u002Fa>, and give me admin access to your site via the temporary link generated. Once I’ll get the admin access, I’ll check your site & will try to resolve the issue.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>:\u003Cbr \u002F>\n  Keep the expiry of a temporary login link for one month. Send the created login link as a reply to this email.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Temporary Login Without Password Pro Features\u003C\u002Fh3>\n\u003Cp>➡️ Limit Link Usage: Set a maximum number of times a temporary login link can be used, ensuring controlled, secure access.\u003C\u002Fp>\n\u003Cp>➡️ Instant Admin Alerts: Receive notifications each time a temporary login is accessed, keeping you informed of all activity.\u003C\u002Fp>\n\u003Cp>➡️ Activity Log: View detailed activity of each temporary user to monitor what actions they performed while logged in.\u003C\u002Fp>\n\u003Cp>Ready to take your security and convenience to the next level?\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.icegram.com\u002F?buy-now=445245&qty=1&coupon=tlwp-pro-20&with-cart=1\" rel=\"nofollow ugc\">Upgrade to TLWP Pro\u003C\u002Fa>\u003C\u002Fstrong> today to unlock our advanced features. Experience the full power of secure, temporary, passwordless access for your WordPress \u002F WooCommerce site.\u003C\u002Fp>\n\u003Ch4>What users have to say about Temporary Login Without Password?\u003C\u002Fh4>\n\u003Cp>👉 \u003Cstrong>It works with WordPress.com business plan!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I love this plugin! I got the impression that Temporary Login Without Password plugin would only work with WordPress.org sites. When I had a problem with another plugin, I reached out to their tech support. They recommended Temporary Login. I crossed my fingers, installed it, and it worked like a charm. No more worrying about possibly compromising my sites. When tech support was done, I went into the settings and revoked access. This is a game changer!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fit-works-with-wordpress-com-business-plan\u002F\" rel=\"ugc\">Suzanne Loeb\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Convenient. No rabbit holes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I can’t say I’ve used a whole bunch of these plugins, but I can say I’ve used 2 or 3. This one was the most straight forward and rushing through it I still didn’t run into any issues. The login was shot to the company I needed to let in and I was able to get back to marking things off of my checklist. Highly recommend to anyone that is needing to make a temporary user account for the first time. There’s literally nowhere to get confused from my personal experience\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fconvenient-no-rabbit-holes\u002F\" rel=\"ugc\">Peter Higgins\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Clear and efficient.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Clear and efficient. Nothing to add !\u003Cbr \u002F>\n  Continue like that !\u003Cbr \u002F>\n  Make the world of the web even more fun for all pro and amateur users!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fclear-and-efficient-2\u002F\" rel=\"ugc\">muten7\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Excellent Plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Having problems with another plugin the developer recommended TPWP. It does exactly as it states. The developer was able to identify the bug, done without comprising security. The fact it records the access you have granted is a another advantage.\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fexcellent-plugin-3772\u002F\" rel=\"ugc\">mickpamg\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>A huge help and easy!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This plugin was just what I needed to make it easy for support people to come in and get their assessments done then I don’t have to worry about revoking permission…this takes care of that for me! Love it!!!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fa-huge-help-and-easy\u002F\" rel=\"ugc\">bfauscette\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ftemporary-login-without-password\u002Freviews\u002F\" rel=\"ugc\">Temporary Login Without Password plugin review section\u003C\u002Fa> and read our recent reviews.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Spread The Love ❤️\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you like Temporary Login Without Password, please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ftemporary-login-without-password\u002Freviews\u002F#new-post\" rel=\"ugc\">five stars ⭐⭐⭐⭐⭐\u003C\u002Fa> and also spread the word about it via \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fsharer.php?u=https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fintent\u002Ftweet?url=https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>. That helps fellow website owners assess Temporary Login Without Password easily and benefit from it!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s Next\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you like this plugin then consider checking out our other solutions:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-subscribers\u002F\" rel=\"ugc\">Icegram Express\u003C\u002Fa> – A complete newsletter plugin which lets you collect leads, send automated new blog post notification emails, create & send broadcasts, and also manage them all in one single place.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-mailer\u002F\" rel=\"ugc\">Icegram Mailer\u003C\u002Fa> – Reliable built‑in email delivery for WordPress & WooCommerce with real‑time logs, analytics, and a free 200‑email plan.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram\u002F\" rel=\"ugc\">Icegram Engage\u003C\u002Fa> – Popups, Welcome Bar, Opt-ins & Lead Generation plugin\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-rainmaker\u002F\" rel=\"ugc\">Icegram Collect\u003C\u002Fa> – Best form plugin on WordPress\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsmart-manager-for-wp-e-commerce\u002F\" rel=\"ugc\">Smart Manager\u003C\u002Fa> – Manage & Bulk edit Products, Orders & more..\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Foffermative-discount-pricing-related-products-upsell-funnels-for-woocommerce\u002F\" rel=\"ugc\">Offermative\u003C\u002Fa> – Dynamic discount pricing, related product recommendations, upsells and funnels for WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fduplicate-post-page-copy-clone-wp\u002F\" rel=\"ugc\">Post \u002F Page Duplicate\u003C\u002Fa> – Ultimate one‑click content duplicator for WordPress, letting you clone posts, pages & custom post types effortlessly\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-cookie-manager\u002F\" rel=\"ugc\">Icegram Cookie Manager\u003C\u002Fa> – Customizable cookie consent banner with privacy policy links and styling options for WordPress\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fswitch-user-login-by-icegram\u002F\" rel=\"ugc\">Switch User Login\u003C\u002Fa> – Instantly switch between WordPress user accounts from the admin bar for seamless testing, debugging, and multisite\u002FWooCommerce management\u003C\u002Fp>\n\u003Cp>Also, check our other \u003Ca href=\"https:\u002F\u002Fwww.storeapps.org\u002Fshop\u002F?utm_source=wprepo&utm_medium=tlwp&utm_campaign=sa_products_upsell&utm_content=readme\" rel=\"nofollow ugc\">Premium WooCommerce plugins.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you use WooCommerce? Our analytics tool \u003Ca href=\"https:\u002F\u002Fwww.putler.com\u002F?utm_source=wprepo&utm_medium=tlwp&utm_campaign=putler_outreach&utm_content=readme\" rel=\"nofollow ugc\">Putler\u003C\u002Fa> will help you enriches your store data. Using Putler, you’ll understand your business better and make profitable decisions quickly.\u003C\u002Fp>\n","Create self-expiring, temporary admin accounts. Easily share direct login links (no need for username\u002Fpassword) with your developers or editors.",100000,1878755,1507,"2025-12-22T11:48:00.000Z","6.8.5","3.0.1","5.3",[107,108,109,110,111],"developer-access","magic-pin","passwordless-login","secure-login","temporary-access","http:\u002F\u002Fwww.storeapps.org\u002Fcreate-secure-login-without-password-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftemporary-login-without-password.1.9.7.zip","2021-11-15 00:00:00",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":103,"requires_at_least":128,"requires_php":17,"tags":129,"homepage":133,"download_link":134,"security_score":135,"vuln_count":136,"unpatched_count":13,"last_vuln_date":137,"fetched_at":27},"theme-my-login","Theme My Login","7.1.14","Jeff Farthing","https:\u002F\u002Fprofiles.wordpress.org\u002Fjfarthing84\u002F","\u003Cp>Ever wished that your WordPress login page matched the rest of your site? Your wish has come true! Theme My Login allows you to bypass the default WordPress-branded login page that looks nothing like the rest of your site. Instead, your users will be presented with the login, registration and password recovery pages right within your theme. The best part? It works right out of the box, with no configuration necessary! Take back your login page, WordPress users!\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Have you users log in from the frontend of your site.\u003C\u002Fli>\n\u003Cli>Have your users register from the frontend of your site.\u003C\u002Fli>\n\u003Cli>Have your users recover their password from the frontend of your site.\u003C\u002Fli>\n\u003Cli>Customize the slugs used for login, registration, password recovery and other pages.\u003C\u002Fli>\n\u003Cli>Allow your users to register with only their email.\u003C\u002Fli>\n\u003Cli>Allow your users to set their own passwords upon registration.\u003C\u002Fli>\n\u003Cli>Allow your users to log in using either their email and password, username and password or a combination of the two.\u003C\u002Fli>\n\u003Cli>Allow your users to be logged in automatically after registration with auto-login.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Do More With Extensions\u003C\u002Fh4>\n\u003Cp>Boost your user experience even more with add-on plugins from our \u003Ca href=\"https:\u002F\u002Fthememylogin.com\u002Fextensions\" rel=\"nofollow ugc\">extensions catalog\u003C\u002Fa>. Some of our extensions include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthememylogin.com\u002Fextensions\u002Fredirection\" rel=\"nofollow ugc\">Redirection\u003C\u002Fa> allows you to redirect your users on login, logout and registration based on their role.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthememylogin.com\u002Fextensions\u002Frestrictions\" rel=\"nofollow ugc\">Restrictions\u003C\u002Fa> allows you to restrict posts\u002Fpages, widgets and nav menu items based on a users login status and\u002For role.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthememylogin.com\u002Fextensions\u002Fprofiles\" rel=\"nofollow ugc\">Profiles\u003C\u002Fa> lets your users edit their profile from the frontend of your site.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthememylogin.com\u002Fextensions\u002Fmoderation\" rel=\"nofollow ugc\">Moderation\u003C\u002Fa> allows you to moderate your users by requiring them to confirm their email or by requiring admin approval.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthememylogin.com\u002Fextensions\u002Frecaptcha\" rel=\"nofollow ugc\">reCAPTCHA\u003C\u002Fa> enables Google reCAPTCHA support for your registration and login forms.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthememylogin.com\u002Fextensions\u002Fsocial\" rel=\"nofollow ugc\">Social\u003C\u002Fa> allows you to allow your users to log in to your site using their favorite social providers.\u003C\u002Fli>\n\u003C\u002Ful>\n","The ultimate login branding solution! Theme My Login offers matchless customization of your WordPress user experience!",60000,4310780,74,460,"2025-09-30T14:04:00.000Z","5.4",[130,131,20,21,132],"branding","customize","register","https:\u002F\u002Fthememylogin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-my-login.zip",95,4,"2025-09-26 00:00:00",{"attackSurface":139,"codeSignals":154,"taintFlows":161,"riskAssessment":225,"analyzedAt":231},{"hooks":140,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":13,"unprotectedCount":13},[141,147],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","template_redirect","force_login","force_login.php",32,{"type":142,"name":143,"callback":144,"file":148,"line":149},"trunk\u002Fforce_login.php",33,[],[],[],[],{"dangerousFunctions":155,"sqlUsage":156,"outputEscaping":158,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":160},[],{"prepared":13,"raw":13,"locations":157},[],{"escaped":13,"rawEcho":13,"locations":159},[],[],[162,189,200,214],{"entryPoint":163,"graph":164,"unsanitizedCount":187,"severity":188},"force_login (force_login.php:34)",{"nodes":165,"edges":183},[166,171,176,180],{"id":167,"type":168,"label":169,"file":145,"line":170},"n0","source","$_SERVER['SERVER_NAME']",46,{"id":172,"type":173,"label":174,"file":145,"line":170,"wp_function":175},"n1","sink","header() [Header Injection]","header",{"id":177,"type":168,"label":178,"file":145,"line":179},"n2","$_SERVER",35,{"id":181,"type":173,"label":174,"file":145,"line":182,"wp_function":175},"n3",52,[184,186],{"from":167,"to":172,"sanitized":185},false,{"from":177,"to":181,"sanitized":185},2,"medium",{"entryPoint":190,"graph":191,"unsanitizedCount":187,"severity":188},"\u003Cforce_login> (force_login.php:0)",{"nodes":192,"edges":197},[193,194,195,196],{"id":167,"type":168,"label":169,"file":145,"line":170},{"id":172,"type":173,"label":174,"file":145,"line":170,"wp_function":175},{"id":177,"type":168,"label":178,"file":145,"line":179},{"id":181,"type":173,"label":174,"file":145,"line":182,"wp_function":175},[198,199],{"from":167,"to":172,"sanitized":185},{"from":177,"to":181,"sanitized":185},{"entryPoint":201,"graph":202,"unsanitizedCount":187,"severity":188},"force_login (trunk\u002Fforce_login.php:35)",{"nodes":203,"edges":211},[204,206,207,209],{"id":167,"type":168,"label":169,"file":148,"line":205},47,{"id":172,"type":173,"label":174,"file":148,"line":205,"wp_function":175},{"id":177,"type":168,"label":178,"file":148,"line":208},36,{"id":181,"type":173,"label":174,"file":148,"line":210,"wp_function":175},53,[212,213],{"from":167,"to":172,"sanitized":185},{"from":177,"to":181,"sanitized":185},{"entryPoint":215,"graph":216,"unsanitizedCount":187,"severity":188},"\u003Cforce_login> (trunk\u002Fforce_login.php:0)",{"nodes":217,"edges":222},[218,219,220,221],{"id":167,"type":168,"label":169,"file":148,"line":205},{"id":172,"type":173,"label":174,"file":148,"line":205,"wp_function":175},{"id":177,"type":168,"label":178,"file":148,"line":208},{"id":181,"type":173,"label":174,"file":148,"line":210,"wp_function":175},[223,224],{"from":167,"to":172,"sanitized":185},{"from":177,"to":181,"sanitized":185},{"summary":226,"deductions":227},"The \"force-user-login-modified\" v1.0 plugin exhibits a seemingly strong security posture based on the provided static analysis.  There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero attack surface.  Furthermore, the code signals indicate a lack of dangerous functions, proper SQL statement preparation, output escaping, file operations, external HTTP requests, nonce checks, and capability checks. This suggests a deliberate effort to avoid common vulnerabilities.  However, the taint analysis reveals four flows with unsanitized paths, all of which were flagged as having no severity. This is a peculiar finding and warrants closer inspection to understand why these paths were not deemed a risk despite being unsanitized.\n\nThe vulnerability history shows no known CVEs for this plugin, which is a positive indicator of its current security status.  The absence of any recorded vulnerabilities, common or otherwise, and the lack of recent issues further contribute to an impression of stability. Despite the positive indicators, the presence of unsanitized paths in the taint analysis, even without a reported severity, introduces a degree of uncertainty. A truly robust security posture would ideally have zero unsanitized paths. Therefore, while the plugin demonstrates good practices in many areas and lacks known vulnerabilities, the unexplained unsanitized paths represent a potential area for deeper investigation.",[228],{"reason":229,"points":230},"Flows with unsanitized paths",5,"2026-04-16T11:14:31.876Z",{"wat":233,"direct":238},{"assetPaths":234,"generatorPatterns":235,"scriptPaths":236,"versionParams":237},[],[],[],[],{"cssClasses":239,"htmlComments":240,"htmlAttributes":241,"restEndpoints":242,"jsGlobals":243,"shortcodeOutput":244},[],[],[],[],[],[],{"error":246,"url":247,"statusCode":248,"statusMessage":249,"message":249},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fforce-user-login-modified\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":251,"versions":252},3,[253,259,266],{"version":254,"download_url":24,"svn_tag_url":255,"released_at":26,"has_diff":185,"diff_files_changed":256,"diff_lines":26,"trac_diff_url":257,"vulnerabilities":258,"is_current":185},"1.0.2","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fforce-user-login-modified\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fforce-user-login-modified%2Ftags%2F1.0.1&new_path=%2Fforce-user-login-modified%2Ftags%2F1.0.2",[],{"version":260,"download_url":261,"svn_tag_url":262,"released_at":26,"has_diff":185,"diff_files_changed":263,"diff_lines":26,"trac_diff_url":264,"vulnerabilities":265,"is_current":185},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforce-user-login-modified.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fforce-user-login-modified\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fforce-user-login-modified%2Ftags%2F1.0&new_path=%2Fforce-user-login-modified%2Ftags%2F1.0.1",[],{"version":6,"download_url":267,"svn_tag_url":268,"released_at":26,"has_diff":185,"diff_files_changed":269,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":270,"is_current":246},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforce-user-login-modified.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fforce-user-login-modified\u002Ftags\u002F1.0\u002F",[],[]]