[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWOV3PuxptC2RS-A8w7u7TxrxnfXybIFB6NKAsUMGq3s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":150,"fingerprints":177},"frontier-restrict-backend","Frontier Restrict Backend","1.6.0","finnj","https:\u002F\u002Fprofiles.wordpress.org\u002Ffinnj\u002F","\u003Cp>Frontier Restrict Backend will restrict users from access to the backend (admin area)\u003C\u002Fp>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Users without the capability manage_options (Administrators) will not have access to the backend (admin area, and will be redirected to the home url).\u003C\u002Fli>\n\u003Cli>Frontier Restrict Backend allows AJAX call such as upload files, but restricted users will not be allowed to access the backend area.\u003C\u002Fli>\n\u003Cli>Access level chan be changed using a filter – Please see FAQ to allow authors and above to access the back end\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Frontier plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffrontier-post\u002F\" rel=\"ugc\">Frontier Post\u003C\u002Fa>  – Complete frontend management of posts\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffrontier-query\u002F\" rel=\"ugc\">Frontier Query\u003C\u002Fa>  – Display lists and groupings of posts in post\u002Fpages and widgets.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffrontier-buttons\u002F\" rel=\"ugc\">Frontier Buttons\u003C\u002Fa>  – Full control of tinymce toolbars and buttons buttons\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffrontier-set-featured\u002F\" rel=\"ugc\">Frontier Set Featured \u003C\u002Fa>  – Set featured image aut. based on post images \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffrontier-restrict-media\u002F\" rel=\"ugc\">Frontier Restrict Media \u003C\u002Fa>  – Restrict media access to users own media\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffrontier-restrict-backend\u002F\" rel=\"ugc\">Frontier Restrict Backend \u003C\u002Fa>  – Restrict access to the backend (wp-admin)\u003C\u002Fli>\n\u003C\u002Ful>\n","Frontier Restrict Backend will restrict users from access to the backend (admin area)",100,7280,3,"2023-04-13T14:30:00.000Z","6.2.9","6.1","7.4.33",[19,20,21,22],"access","admin","backend","frontier","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ffrontier-restrict-backend","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffrontier-restrict-backend.1.6.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},5,570,30,84,"2026-04-04T21:47:37.433Z",[37,61,83,107,128],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":26,"last_vuln_date":60,"fetched_at":28},"loginizer","Loginizer","2.0.6","Softaculous","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftaculous\u002F","\u003Cp>Loginizer is a WordPress plugin which helps you fight against bruteforce attack by blocking login for the IP after it reaches maximum retries allowed. You can blacklist or whitelist IPs for login using Loginizer. You can use various other features like Two Factor Auth, reCAPTCHA, PasswordLess Login, etc. to improve security of your website.\u003C\u002Fp>\n\u003Cp>Loginizer is actively used by more than 1000000+ WordPress websites.\u003C\u002Fp>\n\u003Cp>You can find our official documentation at \u003Ca href=\"https:\u002F\u002Floginizer.com\u002Fdocs\" rel=\"nofollow ugc\">https:\u002F\u002Floginizer.com\u002Fdocs\u003C\u002Fa>. We are also active in our community support forums on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Floginizer\" rel=\"ugc\">wordpress.org\u003C\u002Fa> if you are one of our free users. Our Premium Support Ticket System is at \u003Ca href=\"https:\u002F\u002Floginizer.deskuss.com\" rel=\"nofollow ugc\">https:\u002F\u002Floginizer.deskuss.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Free Features :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Brute force protection. IPs trying to brute force your website will be blocked for 15 minutes after 3 failed login attempts. After multiple lockouts the IP is blocked for 24 hours. This is the default configuration and can be changed from Loginizer -> Brute force page in WordPress admin panel.\u003C\u002Fli>\n\u003Cli>Failed login attempts logs.\u003C\u002Fli>\n\u003Cli>Blacklist IPs\u003C\u002Fli>\n\u003Cli>Whitelist IPs\u003C\u002Fli>\n\u003Cli>Custom error messages on failed login.\u003C\u002Fli>\n\u003Cli>Permission check for important files and folders.\u003C\u002Fli>\n\u003Cli>Allow only Trusted IP.\u003C\u002Fli>\n\u003Cli>Blocked Screen in place of the Login page.\u003C\u002Fli>\n\u003Cli>Email Notification on successful login.\u003C\u002Fli>\n\u003Cli>Let users login with LinkedIn\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get Support and Pro Features\u003C\u002Fh4>\n\u003Cp>Get professional support from our experts and pro features to take your site’s security to the next level with \u003Ca href=\"https:\u002F\u002Floginizer.com\u002Fpricing\" rel=\"nofollow ugc\">Loginizer-Security\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Pro Features :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MD5 Checksum – of Core WordPress Files. The admin can check and ignore files as well.\u003C\u002Fli>\n\u003Cli>PasswordLess Login – At the time of Login, the username \u002F email address will be asked and an email will be sent to the email address of that account with a temporary link to login.\u003C\u002Fli>\n\u003Cli>Two Factor Auth via Email – On login, an email will be sent to the email address of that account with a temporary 6 digit code to complete the login.\u003C\u002Fli>\n\u003Cli>Two Factor Auth via App – The user can configure the account with a 2FA App like Google Authenticator, Authy, etc.\u003C\u002Fli>\n\u003Cli>Login Challenge Question – The user can setup a Challenge Question and Answer as an additional security layer. After Login, the user will need to answer the question to complete the login.\u003C\u002Fli>\n\u003Cli>reCAPTCHA – Google’s reCAPTCHA v3\u002Fv2, Cloudflare Turnstile, hCAPTCHA can be configured for the Login screen, Comments Section, Registration Form, etc. to prevent automated brute force attacks. Supports WooCommerce as well.\u003C\u002Fli>\n\u003Cli>Rename Login Page – The Admin can rename the login URL (slug) to something different from wp-login.php to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Rename WP-Admin URL – The Admin area in WordPress is accessed via wp-admin. With loginizer you can change it to anything e.g. site-admin\u003C\u002Fli>\n\u003Cli>CSRF Protection – This helps in preventing CSRF attacks as it updates the admin URL with a session string which makes it difficult and nearly impossible for the attacker to predict the URL.\u003C\u002Fli>\n\u003Cli>Rename Login with Secrecy – If set, then all Login URL’s will still point to wp-login.php and users will have to access the New Login Slug by typing it in the browser.\u003C\u002Fli>\n\u003Cli>Disable XML-RPC – An option to simply disable XML-RPC in WordPress. Most of the WordPress users don’t need XML-RPC and can disable it to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Rename XML-RPC – The Admin can rename the XML-RPC to something different from xmlrpc.php to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Username Auto Blacklist – Attackers generally use common usernames like admin, administrator, or variations of your domain name \u002F business name. You can specify such username here and Loginizer will auto-blacklist the IP Address(s) of clients who try to use such username(s).\u003C\u002Fli>\n\u003Cli>New Registration Domain Blacklist – If you would like to ban new registrations from a particular domain, you can use this utility to do so.\u003C\u002Fli>\n\u003Cli>Change the Admin Username – The Admin can rename the admin username to something more difficult.\u003C\u002Fli>\n\u003Cli>Auto Blacklist IPs – IPs will be auto blacklisted, if certain usernames saved by the Admin are used to login by malicious bots \u002F users.\u003C\u002Fli>\n\u003Cli>Disable Pingbacks – Simple way to disable PingBacks.\u003C\u002Fli>\n\u003Cli>SSO – Single Sign-on, let any user access to your WordPress Dashboard without the need to share username or password.\u003C\u002Fli>\n\u003Cli>Limit Concurrent Logins – It prevents user to login from different devices concurrently, you can define how many devices you want to allow, and how you want to restrict the user when concurrent limit is reached.\u003C\u002Fli>\n\u003Cli>Social Login – Users can login or register with their Google, Github, Facebook, X (Twitter), Discord, Twitch, LinkedIn, Microsoft with support for WooCommerce and Ultimate Member.\u003C\u002Fli>\n\u003Cli>Key Less Social Login – Use Loginizer’s Social Auth for easy key less Social login configuration, now supports Google, GitHub, X, LinkedIn more to be added later\u003C\u002Fli>\n\u003Cli>Country Blocking – Block IPs from specific countries to restrict access to your website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features in Loginizer include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Blocks IP after maximum retries allowed\u003C\u002Fli>\n\u003Cli>Extended Lockout after maximum lockouts allowed\u003C\u002Fli>\n\u003Cli>Email notification to admin after max lockouts\u003C\u002Fli>\n\u003Cli>Blacklist IP\u002FIP range\u003C\u002Fli>\n\u003Cli>Whitelist IP\u002FIP range\u003C\u002Fli>\n\u003Cli>Check logs of failed attempts\u003C\u002Fli>\n\u003Cli>Create IP ranges\u003C\u002Fli>\n\u003Cli>Delete IP ranges\u003C\u002Fli>\n\u003Cli>Licensed under LGPLv2.1\u003C\u002Fli>\n\u003Cli>Safe & Secure\u003C\u002Fli>\n\u003C\u002Ful>\n","Loginizer is a WordPress security plugin which helps you fight against bruteforce attacks.",1000000,29791210,96,1020,"2026-03-02T12:38:00.000Z","6.9.4","3.0","5.5",[19,20,54,38,55],"login","security","https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Floginizer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floginizer.2.0.6.zip",87,8,"2024-11-04 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":81,"download_link":82,"security_score":71,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"remove-dashboard-access-for-non-admins","Remove Dashboard Access","1.2.1","TrustedLogin","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrustedlogin\u002F","\u003Cp>The easiest and safest way to restrict access to your WordPress site’s Dashboard and administrative menus. Remove Dashboard Access is a lightweight plugin that automatically redirects users who shouldn’t have access to the Dashboard to a custom URL of your choosing. Redirects can also be configured on a per-role\u002Fper-capability basis, allowing you to keep certain users out of the Dashboard, while retaining access for others.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Limit Dashboard access to user roles:\n\u003Cul>\n\u003Cli>Admins only\u003C\u002Fli>\n\u003Cli>Admins + editors\u003C\u002Fli>\n\u003Cli>Admins, editors, and authors\u003C\u002Fli>\n\u003Cli>or restrict by specific user capability\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Choose your own redirect URL\u003C\u002Fli>\n\u003Cli>Optionally allow users to edit their profiles\u003C\u002Fli>\n\u003Cli>Display a message on the login screen so users know why they’re being redirected\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Blocking access to the Dashboard is a great way to prevent clients from breaking their sites, prevent users from seeing things they shouldn’t, and to keep your site’s backend more secure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Allow only users with roles or capabilities:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can restrict Dashboard access to Admins only, Editors or above, Authors or above, or by selecting a specific user capability.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Grant access to user profiles:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Optionally allow all users the ability to edit their profiles in the Dashboard. Users lacking the chosen capability won’t be able to access any other sections of the Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Show a custom login message:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Supply a message to display on the login screen. Leaving this blank disables the message.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL. Get set up in seconds.",30000,467245,92,78,"2024-11-29T20:13:00.000Z","6.7.5","3.1.0","5.3",[19,78,79,54,80],"administration","dashboard","restrict","https:\u002F\u002Fwww.trustedlogin.com\u002Fremove-dashboard-access\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-dashboard-access-for-non-admins.1.2.1.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":74,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":103,"download_link":104,"security_score":71,"vuln_count":105,"unpatched_count":26,"last_vuln_date":106,"fetched_at":28},"simple-admin-language-change","Simple Admin Language Change","2.0.5","Karolina Vyskocilova","https:\u002F\u002Fprofiles.wordpress.org\u002Fvyskoczilova\u002F","\u003Cp>The lightweight plugin extends the default WordPress functionality (user settings in Profile) and pulls out the language selection to the admin bar so you can easily switch between them.\u003C\u002Fp>\n\u003Cp>Do you want help with the development? Join the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fvyskoczilova\u002FSimple-Admin-Language-Change\u002F\" rel=\"nofollow ugc\">Github\u003C\u002Fa>!\u003C\u002Fp>\n","Change your dashboard language quickly and easily from the admin bar as often as you need.",10000,84968,94,22,"2024-10-31T16:40:00.000Z","4.7","",[99,21,100,101,102],"admin-language","backend-language","english","localization","http:\u002F\u002Fkybernaut.cz\u002Fpluginy\u002Fsimple-admin-language-change","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-admin-language-change.2.0.5.zip",1,"2021-05-05 00:00:00",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":93,"num_ratings":117,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":121,"tags":122,"homepage":126,"download_link":127,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"featured-galleries","Featured Galleries","2.1.0","Andy Mercer","https:\u002F\u002Fprofiles.wordpress.org\u002Fkelderic\u002F","\u003Ch4>Hello Theme Developers!\u003C\u002Fh4>\n\u003Cp>Have you ever added a Featured Image to a post and thought to yourself, “I wish I could add more than one image this way”? Well, now you can. Featured Galleries mirrors the Featured Images functionality of WordPress. The only difference is that posts get an entire gallery rather than just a single image. These galleries behave almost exactly like Featured Images, and make use of  WordPress’s built in Media Manager. Users can select images, define the order, and save the gallery, all through a simple drag-n-drop interface.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>: This plugin DOES NOT HANDLE THE FRONTEND HTML CREATION. That is left for themes to handle, to allow for maximum flexibility. Featured Galleries just handles the backend\u002Fadmin interface for creating featured galleries and storing them as metadata. You will need to integrate this into your theme, or use a theme with prebuilt integration.\u003C\u002Fp>\n\u003Ch4>Quick Start Guide to Integrate Into Themes\u003C\u002Fh4>\n\u003Cp>\u003Cem>For more information, see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKelderic\u002Ffeatured-galleries\u002Fwiki\" rel=\"nofollow ugc\">GitHub Wiki\u003C\u002Fa>\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>I’ve tried to make this as intuitive as possible. Themes can integrate Featured Galleries in the same way they integrate Featured Images. Inside any template file where the gallery should appear, the theme will call the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKelderic\u002Ffeatured-galleries\u002Fwiki\u002Fget_post_gallery_ids\" rel=\"nofollow ugc\">\u003Ccode>get_post_gallery_ids()\u003C\u002Fcode>\u003C\u002Fa> function. As long as it is used inside the loop, the function doesn’t need any parameters. By default, it will return an array of image IDs.\u003C\u002Fp>\n\u003Ch4>Example\u003C\u002Fh4>\n\u003Cp>Set inside the Loop. This returns all images in the Featured Gallery, as an array, then loops through to display each using an HTML \u003Ccode>\u003Cimg>\u003C\u002Fcode> tag.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$galleryArray = get_post_gallery_ids(); \n\nforeach ( $galleryArray as $id ) {\n\n    echo '\u003Cimg src=\"' . wp_get_attachment_url( $id ) .'\">';\n\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can also customize the returned value from the function to suit your needs. See the full \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKelderic\u002Ffeatured-galleries\u002Fwiki\u002Fget_post_gallery_ids\" rel=\"nofollow ugc\">function documentation\u003C\u002Fa> page for details.\u003C\u002Fp>\n\u003Ch4>Custom Post Types\u003C\u002Fh4>\n\u003Cp>The plugin comes with a filter to easily add Featured Galleries to custom post types. See the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKelderic\u002Ffeatured-galleries\u002Fwiki\u002Ffg_post_types\" rel=\"nofollow ugc\">\u003Ccode>fg_post_types\u003C\u002Fcode>\u003C\u002Fa> documentation page for details.\u003C\u002Fp>\n\u003Ch4>Customizing the Media Manager\u003C\u002Fh4>\n\u003Cp>The media manager can be customized in sevearl ways. See the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKelderic\u002Ffeatured-galleries\u002Fwiki\u002Ffg_show_sid℮bar\" rel=\"nofollow ugc\">\u003Ccode>fg_show_sidebar\u003C\u002Fcode>\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FKelderic\u002Ffeatured-galleries\u002Fwiki\u002Ffg_use_legacy_selection\" rel=\"nofollow ugc\">\u003Ccode>fg_use_legacy_selection\u003C\u002Fcode>\u003C\u002Fa> filter documentation pages for details.\u003C\u002Fp>\n\u003Ch4>Want to Help?\u003C\u002Fh4>\n\u003Cp>I’d love some help with internationalization. It was working at one point, but drivingralle did that code because I don’t really understand it, and I’m not sure it’s still working.\u003C\u002Fp>\n","Do you like giving posts a Featured Image? Try out a Featured Gallery. It's like a Featured Images ... except as many images as you want.",3000,37233,20,"2018-08-02T22:31:00.000Z","4.9.29","3.8.0","5.4",[20,21,123,124,125],"featured","galleries","images","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffeatured-galleries\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeatured-galleries.2.1.0.zip",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":136,"downloaded":137,"rating":138,"num_ratings":139,"last_updated":140,"tested_up_to":141,"requires_at_least":142,"requires_php":97,"tags":143,"homepage":148,"download_link":149,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"webmaster-user-role","Simple Client Dashboard","2.1.7.25","TylerDigital","https:\u002F\u002Fprofiles.wordpress.org\u002Ftylerdigital\u002F","\u003Cp>Simple Client Dashboard offers a new “Admin” user role, which fits perfectly between the default WordPress roles for Administrator and Editor access. This allows clients and Webmasters to manage their website content without you having to worry about critical settings or information being removed or adjusted.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Preserve your hard work\u003C\u002Fli>\n\u003Cli>Avoid unexpected messes and troubleshooting sessions\u003C\u002Fli>\n\u003Cli>One-click access restriction\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Incorporate Into Your Clients Site with Ease\u003C\u002Fh3>\n\u003Cp>Getting started with Simple Client Dashboard is a breeze — unlike other full user-role solutions that eat up your time, this one won’t have you scratching your head or testing endlessly. Simply install this on your client’s site right from the get-go and it’s smooth sailing from there.\u003C\u002Fp>\n\u003Cp>There’s little to no setup required, just install Simple Client Dashboard, and you’ll instantly have access to the new “Admin” user role. If you’d like to adjust the “Admin” role, the free plugin offers a clean and tidy interface so that you can make adjustments. And, \u003Ca href=\"https:\u002F\u002Fsimpleclientdashboard.com?utm_source=website&utm_medium=promo-link&utm_campaign=wordpress-org&utm_content=readme\" rel=\"nofollow ugc\">Simple Client Dashboard Pro\u003C\u002Fa>, lets you further customize permissions for more advanced third party plugins.\u003C\u002Fp>\n\u003Ch3>Give Clients and Webmasters The Access They Need\u003C\u002Fh3>\n\u003Cp>Restrict access to only the features and functions they need to manage their site – without breaking it! Restrict their capabilities and permissions just enough to make sure no unexpected problems arise as they begin working on their website.\u003C\u002Fp>\n\u003Ch3>Simple and Clean “Admin” Role Editing Interface\u003C\u002Fh3>\n\u003Cp>The Simple Client Dashboard offers a clean and straightforward editing interface for the new “Admin” role. Effortlessly make updates to the permissions and abilities that your clients have on their websites with a few clicks.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FrIOTZyhDNo8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Simple Client Dashboard creates a new user role named “Admin”\u003C\u002Fstrong> which is similar to the default “Administrator” role, but with the following changes:\u003C\u002Fp>\n\u003Ch3>Hides Non-essential and Troublesome WordPress Dashboard Items\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Hide the WordPress Settings menu\u003C\u002Fli>\n\u003Cli>Hide the WordPress Plugins menu\u003C\u002Fli>\n\u003Cli>Hide the WordPress Tools menu\u003C\u002Fli>\n\u003Cli>Hide the WordPress Users menu\u003C\u002Fli>\n\u003Cli>Hide the WordPress Appearance > Editor tab\u003C\u002Fli>\n\u003Cli>Disable the theme installation button\u003C\u002Fli>\n\u003Cli>Disable theme-switching buttons\u003C\u002Fli>\n\u003Cli>Disable the WordPress Core Updates button\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>(More options in \u003Ca href=\"https:\u002F\u002Fsimpleclientdashboard.com?utm_source=website&utm_medium=promo-link&utm_campaign=wordpress-org&utm_content=readme\" rel=\"nofollow ugc\">Simple Client Dashboard Pro\u003C\u002Fa>)\u003C\u002Fp>\n\u003Ch3>Simple Client Dashboard PRO also provides Third Party Plugin Constraints\u003C\u002Fh3>\n\u003Cp>Upgrade to \u003Ca href=\"https:\u002F\u002Fsimpleclientdashboard.com?utm_source=website&utm_medium=promo-link&utm_campaign=wordpress-org&utm_content=readme\" rel=\"nofollow ugc\">Simple Client Dashboard Pro\u003C\u002Fa> to get even more control over how the Admin role can interact with popular third party plugins.\u003C\u002Fp>\n\u003Cp>Other user role solutions expect you to enter raw code names for permissions or are limited to capabilities that WordPress exposes by default. While Simple Client Dashboard takes it a step further by custom coding beyond standard WordPress permissions.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Advanced Custom Fields – Hide ACF menu and settings, including definitions, rules, and fields.\u003C\u002Fli>\n\u003Cli>Custom Post Types – Restrict ability to create Custom Post Types.\u003C\u002Fli>\n\u003Cli>Contact Form 7 – Restrict the ability to create new forms, delete forms, and edit forms but allow the Admin role to view submissions.\u003C\u002Fli>\n\u003Cli>Draw Attention – Restrict ability to add Draw Attention images.\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads – Allow the Admin role to manage products, manage customer payments, manage reports & sales data, and\u002For manage settings\u003C\u002Fli>\n\u003Cli>Five Star Business Profile and Scheme – Hide business profile settings.\u003C\u002Fli>\n\u003Cli>Gravity Forms – Restrict the ability to create new forms, delete forms, and preview forms. Only allow the Admin role to edit forms and view submissions.\u003C\u002Fli>\n\u003Cli>iThemes Security – Hide iThemes security menus and settings.\u003C\u002Fli>\n\u003Cli>Jetpack – Hide the Jetpack stats.\u003C\u002Fli>\n\u003Cli>LearnDash – Restrict permissions to edit courses, assignments, groups and the group leader.\u003C\u002Fli>\n\u003Cli>Ninja Forms – Restrict the ability to import and export forms, manage settings or extensions, and view the system status. Only allow the Admin role to edit forms and view submissions.\u003C\u002Fli>\n\u003Cli>Redirection – Remove permission to manage URL redirection settings.\u003C\u002Fli>\n\u003Cli>Revolution Slider – Restrict access to the Revolution Slider menu.\u003C\u002Fli>\n\u003Cli>Simple Custom CSS – Hide option to add CSS.\u003C\u002Fli>\n\u003Cli>SiteGround Optimizer – Hide the Optimizer settings menu.\u003C\u002Fli>\n\u003Cli>Sucuri Scanner – Hide security scan information.\u003C\u002Fli>\n\u003Cli>TablePress – Hide the TablePress Options screen. Only allow the Admin role to show, edit, import, and export TablePress content.\u003C\u002Fli>\n\u003Cli>The Events Calendar – Restrict the Admin role’s ability to manage and delete events, venues, and organizers.\u003C\u002Fli>\n\u003Cli>WooCommerce – Hide the settings. Only allow the Admin role to edit & view products, coupons, or orders, allow the Admin role to view reports.\u003C\u002Fli>\n\u003Cli>Wordfence – Hide the Wordfence Dashboard Widget\u003C\u002Fli>\n\u003Cli>WordPress Plugins – Restrict ability to install, activate, update, edit, and delete plugins.\u003C\u002Fli>\n\u003Cli>WordPress Themes – Restrict ability to install, update, switch, edit, or delete themes. Only allow the Admin role to edit theme options such as widgets, menus, and the Customizer.\u003C\u002Fli>\n\u003Cli>WP All Import – Remove ability to use WP All Import Settings Menu.\u003C\u002Fli>\n\u003Cli>Yoast SEO – Hide Yoast SEO settings menu and hide the SEO meta box when editing pages\u002Fposts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.7.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Added support for Jetpack Stats\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.7.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Added GoPricing Plugin Support\u003C\u002Fli>\n\u003Cli>New: Added Revolution Slider Plugin Support\u003C\u002Fli>\n\u003Cli>New: Added Boss Theme Support\u003C\u002Fli>\n\u003Cli>New: Added Canvas Theme Support\u003C\u002Fli>\n\u003Cli>New: Added Genesis Theme Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.6.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fixed: members_get_capabilities() conflict with Members plugin\u003C\u002Fli>\n\u003Cli>Fixed: CF7 issues with update\u003C\u002Fli>\n\u003Cli>Improved: EDD capabilities\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.6.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Added Ninja Forms Plugin Support\u003C\u002Fli>\n\u003Cli>New: Added LearnDash Plugin Support\u003C\u002Fli>\n\u003Cli>New: Added Envato Toolkit Plugin Support\u003C\u002Fli>\n\u003Cli>New: Added CPTUI Plugin Support\u003C\u002Fli>\n\u003Cli>New: Added Wordfence Plugin Support\u003C\u002Fli>\n\u003Cli>New: Added Google Analytics Plugin by Yoast Support\u003C\u002Fli>\n\u003Cli>New: Added Divi Theme Support\u003C\u002Fli>\n\u003Cli>New: Added NativeChurch Theme Support\u003C\u002Fli>\n\u003Cli>Update: Improved Portuguese Language Support\u003C\u002Fli>\n\u003Cli>Fixed: Contact Form 7 Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.5.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Added Settings link in plugins list\u003C\u002Fli>\n\u003Cli>New: Added Easy Digital Downloads Module\u003C\u002Fli>\n\u003Cli>New: Added iThemes Exchange Module\u003C\u002Fli>\n\u003Cli>New: Added WooCommerce Module\u003C\u002Fli>\n\u003Cli>New: Added Event Espresso Module\u003C\u002Fli>\n\u003Cli>New: Added Events Calendar Module\u003C\u002Fli>\n\u003Cli>New: Added WP All Import Module\u003C\u002Fli>\n\u003Cli>New: Added Siteground SuperCacher Module\u003C\u002Fli>\n\u003Cli>New: Theme support for Avian theme\u003C\u002Fli>\n\u003Cli>New: Theme support for Cardinal theme\u003C\u002Fli>\n\u003Cli>New: Theme support for Ken theme\u003C\u002Fli>\n\u003Cli>New: Theme support for Total theme\u003C\u002Fli>\n\u003Cli>Update: Improved Gravity Forms Module\u003C\u002Fli>\n\u003Cli>Update: Improved i18n\u003C\u002Fli>\n\u003Cli>New: Serbian Language Support\u003C\u002Fli>\n\u003Cli>New: Portuguese Language Support (PT & BR)\u003C\u002Fli>\n\u003Cli>Fix: multisite activation bug with _blogs() function\u003C\u002Fli>\n\u003Cli>Fix: Improve Yoast SEO module\u003C\u002Fli>\n\u003Cli>Fix: Fatal error with CF7 module\u003C\u002Fli>\n\u003Cli>Fix: config array error on Multisite\u003C\u002Fli>\n\u003Cli>Fix: removed Administrator from editable roles\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.3.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Improved: Show Yoast metabox when editing pages (still hide settings) by default\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.3.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Hide Users menu (often requested, and really the webmaster user couldn’t do much in this screen anyway)\u003C\u002Fli>\n\u003Cli>New: Add support for ACF5 (hide Custom Fields Menu compatible with new version)\u003C\u002Fli>\n\u003Cli>New: Add support for Contact Form 7\u003C\u002Fli>\n\u003Cli>New: Add support for iThemes Security\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.2.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Add support for TablePress [https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftablepress\u002F]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.2.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Multisite bugfix: Prevent webmaster from removing users from individual sites\u003C\u002Fli>\n\u003Cli>Multisite bugfix: Stop removing Settings & Tools from network administrator\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.1.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Now hides non-essential dashboard items\u003C\u002Fli>\n\u003Cli>Fixed: Fixes a conflict with Mizzo theme (thanks djesch)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.1.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Add support for Sucuri Scanner [https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsucuri-scanner\u002F]\u003C\u002Fli>\n\u003Cli>New: Add support for Advanced Custom Fields [https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-custom-fields\u002F]\u003C\u002Fli>\n\u003Cli>New: Remove tools menu – so webmaster users can’t import\u002Fexport\u002Fmigrate\u002Ffind&replace\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.0.9\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Add support for Ultimate Branding [http:\u002F\u002Fpremium.wpmudev.org\u002Fproject\u002Fultimate-branding\u002F]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.0.8\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Improved: Add Gravity Forms edit_forms capability as an option (only allows entry viewing by default) via filter:\u003Cbr \u002F>\nadd_filter( ‘td-webmaster-user-roleoption_cap_gravityforms_edit_forms’, __return_true );\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.0.7\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Remove settings menu from wp-admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.0.5\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Remove capability to delete users\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.0.4\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Add “editor” cap for role so plugins checking for “editor” explicitly work\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.0.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New: Remove capabiilty to add, edit, promote users\u003C\u002Fli>\n\u003Cli>New: Remove capability to update core\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>2.1.0.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Initial Release\u003C\u002Fli>\n\u003C\u002Ful>\n","Restrict permissions with Simple Client Dashboard. Our new \"Admin\" user role between Administrator and Editor is perfect for clients and Webmasters.",2000,84659,90,26,"2026-02-10T17:32:00.000Z","7.0","3.5",[20,144,145,146,147],"client","restrict-access","role","user","https:\u002F\u002Fnsquared.io\u002Fwebmaster-user-role\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebmaster-user-role.2.1.7.25.zip",{"attackSurface":151,"codeSignals":163,"taintFlows":170,"riskAssessment":171,"analyzedAt":176},{"hooks":152,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":26,"unprotectedCount":26},[153],{"type":154,"name":155,"callback":156,"file":157,"line":158},"action","init","frontier_restrict_backend","frontier-restrict-backend.php",72,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":105,"bundledLibraries":169},[],{"prepared":26,"raw":26,"locations":166},[],{"escaped":26,"rawEcho":26,"locations":168},[],[],[],{"summary":172,"deductions":173},"The plugin \"frontier-restrict-backend\" v1.6.0 demonstrates a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code signals indicate a clean codebase with no dangerous functions, file operations, or external HTTP requests. The 100% usage of prepared statements for SQL queries and proper output escaping are excellent security practices. The presence of a capability check is also a positive sign for access control.\n\nThe taint analysis shows zero flows, suggesting that even if there were potential input vectors, they are not leading to any identified security risks. The plugin's vulnerability history is also clean, with no recorded CVEs, which is a testament to either a well-written and secure plugin or a lack of past issues being publicly disclosed. However, the absence of any nonce checks, while not necessarily a direct vulnerability in this specific analysis given the limited entry points, is a general best practice that is missing.\n\nIn conclusion, this plugin appears to be very secure with no immediate critical or high-risk vulnerabilities evident in the static analysis or historical data. The developer has followed good coding practices regarding SQL and output sanitization. The primary area for improvement, though not a current glaring issue based on the data, is the lack of nonce checks, which is a standard security measure in WordPress development.",[174],{"reason":175,"points":31},"Missing nonce checks","2026-03-16T20:43:48.754Z",{"wat":178,"direct":183},{"assetPaths":179,"generatorPatterns":180,"scriptPaths":181,"versionParams":182},[],[],[],[],{"cssClasses":184,"htmlComments":185,"htmlAttributes":186,"restEndpoints":187,"jsGlobals":188,"shortcodeOutput":189},[],[],[],[],[],[]]