[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_dBT9QEWge_ZMxt4kXCUVNv3Z3oV6LQHag9wbw3icAI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":131,"fingerprints":199},"gatelink-client","GateLink Client – Passwordless SSO & One‑Click Admin Access","1.8.3","NUMAN RASHEED","https:\u002F\u002Fprofiles.wordpress.org\u002Fnumanrki\u002F","\u003Cp>\u003Cstrong>GateLink Client\u003C\u002Fstrong> is the receiving end of the GateLink ecosystem. It pairs with \u003Cstrong>GateLink Manager\u003C\u002Fstrong> to deliver instant, passwordless admin access to your WordPress sites. Once installed and trusted, it accepts HMAC‑signed login links from your Manager site, validates them, and redirects the user straight to wp‑admin—no passwords, no hassle. Designed for developers, freelancers and site admins who maintain multiple installations, GateLink Client makes it easy to manage trust relationships and keep your sites secure.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Trust Management\u003C\u002Fstrong> – Explicitly approve or revoke which Manager sites can access your admin.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quick Connect & Manual Pairing\u003C\u002Fstrong> – Choose between instant pairing or manual shared token setup for finer control.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>HMAC‑Signed Security\u003C\u002Fstrong> – Enforces HMAC‑SHA256 signatures with TTL and replay protection for every login URL.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Health Monitoring\u003C\u002Fstrong> – Provides a REST endpoint for status checks, so you know when connections are healthy.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activity Logs\u003C\u002Fstrong> – Tracks connection attempts and logins for auditing and troubleshooting.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accessible Admin Interface\u003C\u002Fstrong> – Built with modern design and accessibility support for a seamless user experience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Establish Trust\u003C\u002Fstrong> – Generate a Shared Token in the Manager and paste it under \u003Cstrong>GateLink Client \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Trusted Manager\u003C\u002Fstrong>.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Validate Links\u003C\u002Fstrong> – When the Manager issues a login link, the Client verifies the HMAC signature and checks the timestamp.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Login\u003C\u002Fstrong> – Upon successful validation, the user is logged into wp‑admin without needing credentials.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Expire & Revoke\u003C\u002Fstrong> – Links expire after two minutes and can only be used once; you can revoke trust anytime via the admin interface.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Security & Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Short‑lived Tokens\u003C\u002Fstrong> – Login URLs are valid for only a couple of minutes to minimize exposure.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server‑Side Signing\u003C\u002Fstrong> – All signatures are generated on the Manager; the Client never stores admin passwords.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>HTTPS Recommended\u003C\u002Fstrong> – Run both Manager and Client over HTTPS and avoid caching login requests.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Peer‑to‑Peer Communication\u003C\u002Fstrong> – The Client only exchanges data (site info, tokens, timestamps) with your Manager sites; no third parties are involved.\u003C\u002Fli>\n\u003C\u002Ful>\n","Secure, zero‑config SSO for WordPress sites—validate HMAC‑signed links and log users into wp‑admin automatically.",0,159,"2025-10-17T08:15:00.000Z","6.8.5","6.3","8.0",[18,19,20,21,22],"admin-login","one-click-login","passwordless","security","single-sign-on","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgatelink-client.1.8.3.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":33,"computed_at":35},"numanrki",3,550,99,1,"2026-04-04T11:19:38.148Z",[37,49,73,92,112],{"slug":38,"name":39,"version":6,"author":7,"author_profile":8,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":11,"num_ratings":11,"last_updated":44,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":45,"homepage":23,"download_link":48,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"gatelink-manager","GateLink Manager – Secure One‑Click Admin Login & WordPress SSO","\u003Cp>\u003Cstrong>GateLink Manager\u003C\u002Fstrong> pairs with the companion GateLink Client to deliver secure, zero‑config single sign‑on for WordPress. Skip copying credentials across sites: connect your hub to client sites and teleport into their dashboards with a single click. Whether you’re a developer, freelancer or agency managing many installations, GateLink saves time and reduces risk by using cryptographically signed links that expire within minutes.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Zero‑config, one‑click login\u003C\u002Fstrong> – Jump straight into any connected site’s wp‑admin without passwords.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Passwordless SSO & HMAC security\u003C\u002Fstrong> – Each login URL is HMAC‑signed and valid for only a short time.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi‑site management\u003C\u002Fstrong> – Add, edit, delete, verify and log in to client sites from a single dashboard.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free plan included\u003C\u002Fstrong> – Manage up to 3 sites at no cost; upgrade to Pro (20 sites) or Business (unlimited) when needed.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built‑in logs & metrics\u003C\u002Fstrong> – View connection history and lightweight stats right from the dashboard.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern UI\u003C\u002Fstrong> – Responsive admin interface styled with Tailwind, tuned for accessibility and ease of use.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Add a site\u003C\u002Fstrong> – Enter the client’s base URL on your Manager dashboard.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Share a token\u003C\u002Fstrong> – Create or paste the Shared Token in Manager; paste the same token in the Client’s “Trusted Manager” screen.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Verify & trust\u003C\u002Fstrong> – Click \u003Cstrong>Verify\u003C\u002Fstrong> to perform a health check and establish trust.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login\u003C\u002Fstrong> – Click \u003Cstrong>Login\u003C\u002Fstrong>; a short‑lived, HMAC‑signed URL opens the client site in a new tab, validates the signature and redirects to \u003Ccode>\u002Fwp-admin\u003C\u002Fcode>.  \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Security & Privacy\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Cryptographically signed tokens\u003C\u002Fstrong> – All login links use HMAC‑SHA256 signatures with nonce‑based replay protection.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Time‑limited links\u003C\u002Fstrong> – Tokens expire after a few minutes to reduce attack windows.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>No stored credentials\u003C\u002Fstrong> – GateLink never stores your admin passwords; only minimal metadata and logs are kept locally.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>HTTPS required\u003C\u002Fstrong> – Both Manager and Client sites must run over HTTPS; allow‑list the login query parameters (\u003Ccode>gatelink_login\u003C\u002Fcode>, \u003Ccode>cid\u003C\u002Fcode>, \u003Ccode>ts\u003C\u002Fcode>, \u003Ccode>sig\u003C\u002Fcode>) in security\u002FCDN tools if necessary.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plans & Licensing\u003C\u002Fh3>\n\u003Cp>GateLink is free to use for up to three client sites. Professional and Business plans unlock higher site limits and additional support options. Licensing is handled through Freemius; no license key is required for the free tier.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>GateLink communicates only with other WordPress sites that have the GateLink Client plugin installed. Data exchanged includes site URLs, shared tokens, and connection timestamps. Licensing and support are provided via the Freemius service; activating a paid license sends your site domain, license key, and environment info to Freemius for validation.\u003C\u002Fp>\n","Secure, passwordless admin access for multiple WordPress sites—one‑click, HMAC‑signed SSO for remote wp‑admin login.",50,541,"2025-10-14T13:42:00.000Z",[46,47,19,20,22],"admin-access","multi-site","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgatelink-manager.1.8.3.zip",{"slug":50,"name":51,"version":52,"author":53,"author_profile":54,"description":55,"short_description":56,"active_installs":57,"downloaded":58,"rating":59,"num_ratings":60,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":64,"tags":65,"homepage":23,"download_link":69,"security_score":70,"vuln_count":71,"unpatched_count":11,"last_vuln_date":72,"fetched_at":27},"auth0","Login by Auth0","4.6.2","Auth0","https:\u002F\u002Fprofiles.wordpress.org\u002Fauth0\u002F","\u003Cp>This plugin replaces standard WordPress login forms with one powered by \u003Ca href=\"https:\u002F\u002Fauth0.com\" rel=\"nofollow ugc\">Auth0\u003C\u002Fa> that enables:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Universal authentication\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Over 30 social login providers\u003C\u002Fli>\n\u003Cli>Enterprise connections (ADFS, Active Directory \u002F LDAP, SAML, Office 365, Google Apps and more)\u003C\u002Fli>\n\u003Cli>Connect your own database\u003C\u002Fli>\n\u003Cli>Passwordless connections (using email or SMS)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultra secure\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Multifactor authentication\u003C\u002Fli>\n\u003Cli>Password policies\u003C\u002Fli>\n\u003Cli>Email validation\u003C\u002Fli>\n\u003Cli>Mitigate brute force attacks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Technical Notes\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>IMPORTANT\u003C\u002Fstrong>: By using this plugin you are delegating the site authentication and profile handling to Auth0. That means that you won’t be using the WordPress database to authenticate users and the default WordPress login forms will be replaced.\u003C\u002Fp>\n\u003Cp>Please see our \u003Ca href=\"https:\u002F\u002Fauth0.com\u002Fdocs\u002Fcms\u002Fwordpress\u002Fhow-does-it-work\" rel=\"nofollow ugc\">How It Works page\u003C\u002Fa> for more information on how Auth0 authenticates and manages your users.\u003C\u002Fp>\n\u003Ch4>Migrating Existing Users\u003C\u002Fh4>\n\u003Cp>Auth0 allows multiple authentication providers. You can have social providers like Facebook, Twitter, Google+, and more, a database of users and passwords (just like WordPress but hosted in Auth0), or you can use an Enterprise directory like Active Directory, LDAP, Office365, Google Apps, or SAML. All those authentication providers might give you an email and a flag indicating whether the email was verified or not. We use that email (only if it is verified) to associate a previous \u003Cstrong>existing\u003C\u002Fstrong> user with the one coming from Auth0.\u003C\u002Fp>\n\u003Cp>If the email was not verified and there is an account with that email in WordPress, the user will be presented with a page saying that the email was not verified and a link to “Re-send the verification email.” For either scenario, you can choose whether it is mandatory that the user has a verified email or not in the plugin settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please note:\u003C\u002Fstrong> In order for a user to log in using Auth0, they will need to sign up via the Auth0 login form (or have an account created for them in Auth0). Once signup is complete, their Auth0 user will be automatically associated with their WordPress user.\u003C\u002Fp>\n\u003Ch4>Widget\u003C\u002Fh4>\n\u003Cp>You can enable Auth0 as a WordPress widget in order to show it in a sidebar. The widget inherits the main plugin settings but can be overridden with its own settings in the widget form. Note: this form will not display for logged-in users.\u003C\u002Fp>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Cp>Also, you can use the Auth0 widget as a shortcode in your editor. Just add the following to use the global settings:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[auth0]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Like widgets, shortcode login forms will use the settings of the plugin. It can be customized by adding the following attributes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>icon_url\u003C\u002Fcode> – A direct URL to an image used at the top of the login form\u003C\u002Fli>\n\u003Cli>\u003Ccode>form_title\u003C\u002Fcode> – Text to appear at the top of the login form\u003C\u002Fli>\n\u003Cli>\u003Ccode>gravatar\u003C\u002Fcode> – Display the user’s Gravatar; set to \u003Ccode>1\u003C\u002Fcode> for yes\u003C\u002Fli>\n\u003Cli>\u003Ccode>redirect_to\u003C\u002Fcode> – A direct URL to use after successful login\u003C\u002Fli>\n\u003Cli>\u003Ccode>dict\u003C\u002Fcode> – Valid JSON to override form text (\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fauth0\u002Flock\u002Fblob\u002Fmaster\u002Fsrc\u002Fi18n\u002Fen.js\" rel=\"nofollow ugc\">see options here\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>extra_conf\u003C\u002Fcode> – Valid JSON to override Lock configuration (\u003Ca href=\"https:\u002F\u002Fauth0.com\u002Fdocs\u002Flibraries\u002Flock\u002Fv11\u002Fconfiguration\" rel=\"nofollow ugc\">see options here\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>show_as_modal\u003C\u002Fcode> – Display a button that triggers the login form in a modal; set to \u003Ccode>1\u003C\u002Fcode> for yes\u003C\u002Fli>\n\u003Cli>\u003Ccode>modal_trigger_name\u003C\u002Fcode> – Button text to display when using a modal\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[auth0 show_as_modal=\"1\" modal_trigger_name=\"Login button: This text is configurable!\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Note: this form will not display for logged-in users.\u003C\u002Fp>\n","Login by Auth0 provides improved username\u002Fpassword login, Passwordless login, Social login and Single Sign On for all your sites.",10000,253954,62,18,"2024-07-12T16:57:00.000Z","6.5.8","6.5.5","7.4",[66,67,21,22,68],"authentication","multi-factor","social","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauth0.4.6.2.zip",83,7,"2024-07-09 00:00:00",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":25,"downloaded":81,"rating":82,"num_ratings":31,"last_updated":83,"tested_up_to":62,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":89,"download_link":90,"security_score":91,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"biometric-authentication","Biometric Authentication","0.3.8","Ivan Kristianto","https:\u002F\u002Fprofiles.wordpress.org\u002Fivankristianto\u002F","\u003Cp>This innovative plugin introduces passkey login to your WordPress experience. No more struggling to remember complex passwords.\u003Cbr \u002F>\nSimply use your fingerprint, face ID, or a secure PIN to log in with ease. You can still use your username and password to login to your site as fallback.\u003C\u002Fp>\n\u003Ch3>Enhanced Security, Frictionless Access:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Effortless Login: Unlock the power of passkeys for a smooth and secure login experience.\u003C\u002Fli>\n\u003Cli>Superior Security: Passkeys offer enhanced protection against breaches compared to traditional passwords.\u003C\u002Fli>\n\u003Cli>Convenience at Your Fingertips: Enjoy the freedom of logging in with your biometrics or a secure PIN.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>GitHub Repository\u003C\u002Fh3>\n\u003Cp>You can find the source code of this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fivankristianto\u002Fwp-passkey\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n","Passkeys are a safer and easier alternative to passwords. Simply use your fingerprint or face ID to log in with ease.",2889,94,"2024-05-01T04:23:00.000Z","6.1","8.1",[66,87,88,20,21],"biometric","passkey","https:\u002F\u002Fgithub.com\u002Fivankristianto\u002Fwp-passkey\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbiometric-authentication.0.3.8.zip",92,{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":25,"num_ratings":34,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":109,"download_link":110,"security_score":111,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"magiclabs","Login by Magic","1.0.4","Magic","https:\u002F\u002Fprofiles.wordpress.org\u002Fmagiclabs\u002F","\u003Cp>This plugin replaces the standard WordPress login form with one powered by \u003Ca href=\"https:\u002F\u002Fmagic.link\" rel=\"nofollow ugc\">Magic\u003C\u002Fa> that enables passwordless email magic link login.\u003C\u002Fp>\n\u003Cp>Magic offers passwordless authentication and cryptographically secured user identity to your applications. With just a few lines of code, your application’s security is instantaneously upgraded, and your end users can enjoy a future-proof and blockchain-enabled login solution.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fmagic.link\" rel=\"nofollow ugc\">https:\u002F\u002Fmagic.link\u003C\u002Fa> to learn more.\u003C\u002Fp>\n","Login by Magic plugin replaces the standard WordPress login form with one powered by Magic that enables passwordless email magic link login.",20,2392,"2022-08-29T22:06:00.000Z","5.8.13","5.5.1","7.3",[66,107,108,20,21],"login","magiclink","https:\u002F\u002Fgithub.com\u002Fmagiclabs\u002Fwp-magic","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmagiclabs.zip",85,{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":101,"rating":11,"num_ratings":11,"last_updated":23,"tested_up_to":121,"requires_at_least":122,"requires_php":123,"tags":124,"homepage":128,"download_link":129,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":130},"magic-link","Magic Link – Secure one click passwordless login","1.2.3","KaizenCoders","https:\u002F\u002Fprofiles.wordpress.org\u002Fkaizencoders\u002F","\u003Cp>Say goodbye to forgotten passwords. Enable a secure, passwordless login experience for your WordPress site using email, SMS, or QR code magic links.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Magic Link\u003C\u002Fstrong> makes traditional passwords a thing of the past. Instead of logging in with a username and password, users can log in simply by clicking a secure link sent to their email or phone. It’s quick, safe, and incredibly user-friendly.\u003C\u002Fp>\n\u003Cp>Perfect for membership sites, WooCommerce stores, community forums, or any site that wants to simplify user authentication.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Core Benefits\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>👉 \u003Cstrong>Passwordless Login\u003C\u002Fstrong>\u003Cbr \u002F>\n  No more password resets or weak password risks.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Email Magic Links\u003C\u002Fstrong>\u003Cbr \u002F>\n  A unique, expirable login link is emailed to users.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Force Magic Link Login\u003C\u002Fstrong>\u003Cbr \u002F>\n  Option to set Magic Link the default login method.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Auto-login Links\u003C\u002Fstrong>\u003Cbr \u002F>\n  Automatically log in users via links in notification emails for quicker actions.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>User-Friendly UX\u003C\u002Fstrong>\u003Cbr \u002F>\n  Especially helpful for non-technical users or mobile-first visitors.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Redirect After Login\u003C\u002Fstrong>\u003Cbr \u002F>\n  Send users to a specific page after they log in.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Create Magic Link for any user\u003C\u002Fstrong>\u003Cbr \u002F>\n  Admin can create Magic Link for any user.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>List All Magic Links\u003C\u002Fstrong>\u003Cbr \u002F>\n  Admin can view all generated Magic Links.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Bulk Delete Magic Links\u003C\u002Fstrong>\u003Cbr \u002F>\n  Select multiple Magic Links and delete in bulk.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Shortcode Support\u003C\u002Fstrong>\u003Cbr \u002F>\n  Add magic link login forms anywhere on your site with \u003Ccode>[magic-link]\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Customizable Expiry\u003C\u002Fstrong>\u003Cbr \u002F>\n  Set how long magic links remain valid (minutes, hours, days).\u003C\u002Fp>\n\u003Cp>👉\u003Cstrong>CLI Ready\u003C\u002Fstrong>\u003Cbr \u002F>\n  Control plugin settings and features via WP-CLI.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Fully Configurable [Coming Soon]\u003C\u002Fstrong>\u003Cbr \u002F>\n  Export\u002Fimport\u002Freset settings with ease.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>GDPR Compliant\u003C\u002Fstrong>\u003Cbr \u002F>\n  No personal data is stored beyond what WordPress already collects.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>🔐 Pro Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>👉 \u003Cstrong>Login URL Redirection\u003C\u002Fstrong>\u003Cbr \u002F>\n  Redirect users to specific pages after login\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Role based redirection\u003C\u002Fstrong>\u003Cbr \u002F>\n  Redirect users to specific pages after login\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Login Attempt Limits\u003C\u002Fstrong>\u003Cbr \u002F>\n  Set limits on magic link generation\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Custom Email Templates\u003C\u002Fstrong>\u003Cbr \u002F>\n  Customize email design and content.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Improved Security\u003C\u002Fstrong>\u003Cbr \u002F>\n  Avoid brute-force attacks and phishing risks related to password use.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>IP Control\u003C\u002Fstrong>\u003Cbr \u002F>\n  Enhance the security by restricting users to login from the same IP address that requested the link.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Login Request Throttling\u003C\u002Fstrong>\u003Cbr \u002F>\n  Limit login URL generation for the given time span.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Brute Force Protection\u003C\u002Fstrong>\u003Cbr \u002F>\n  Limit rate of login attempts and block IP temporarily.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Domain Restriction\u003C\u002Fstrong>\u003Cbr \u002F>\n  Restrict email domains that can use the magic link login feature.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Bulk Actions: Expire, Used Links\u003C\u002Fstrong>\u003Cbr \u002F>\n  Mark Magic Links as \u003Ccode>Expired\u003C\u002Fcode>, \u003Ccode>Used\u003C\u002Fcode> in bulk.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Support \u003Ccode>{magic-link}\u003C\u002Fcode> merge tag\u003C\u002Fstrong>\u003Cbr \u002F>\n  One can use \u003Ccode>{magic-link}\u003C\u002Fcode> merge tag in outgoing emails to auto generate Magic Link for the recipient. Useful for quick checkout, quick access to courses and other usecases where login is required.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>SMS Magic Links [Coming Soon]\u003C\u002Fstrong>\u003Cbr \u002F>\n  Send login links via SMS text messages.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>QR Code Login [Coming Soon]\u003C\u002Fstrong>\u003Cbr \u002F>\n  Generate QR codes for easy mobile login.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Device Restrictions [Coming Soon]\u003C\u002Fstrong>\u003Cbr \u002F>\n  Limit logins to specific devices\u002Fbrowsers.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Role-Based Access [Coming Soon]\u003C\u002Fstrong>\u003Cbr \u002F>\n  Control which user roles can use magic links.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Analytics & Reporting [Coming Soon]\u003C\u002Fstrong>\u003Cbr \u002F>\n  Track magic link usage and patterns.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Priority Support\u003C\u002Fstrong>\u003Cbr \u002F>\n  Get expert help when you need it.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Integrations\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>👉 \u003Cstrong>WooCommerce Integration\u003C\u002Fstrong>\u003Cbr \u002F>\n  Seamless checkout experience for returning customers.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>A user enters their email address on the login screen.\u003C\u002Fli>\n\u003Cli>A one-time, time-sensitive login link is emailed to them.\u003C\u002Fli>\n\u003Cli>They click the link and are instantly logged into your site — no password needed!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Does Magic Link speak your language? If not, \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fmagic-link\u002F\" rel=\"nofollow ugc\">translate “Magic Link” into your language\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>DO YOU HAVE ANY QUESTIONS\u002F FEEDBACK\u002F FEATURE REQUEST\u002F BUG REPORT❓\u003C\u002Fh3>\n\u003Cp>Feel free to create a ticket \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmagic-link\u002F\" rel=\"ugc\">here\u003C\u002Fa>. We love to communicate with you and reply to all your queries.\u003C\u002Fp>\n\u003Ch3>Spread The Word ❤️\u003C\u002Fh3>\n\u003Cp>If you like Magic Link, please leave us a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmagic-link\u002Freviews\u002F#new-post\" rel=\"ugc\">⭐⭐⭐⭐⭐\u003C\u002Fa> review and also spread the word about it via Facebook and Twitter. That helps fellow website owners assess Social Linkz easily and benefit from it!\u003C\u002Fp>\n\u003Ch3>What’s Next\u003C\u002Fh3>\n\u003Cp>If you like this plugin then consider checking out our other solutions:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Furl-shortify\u002F\" rel=\"ugc\">URL Shortify\u003C\u002Fa> – Simple, Powerful, and Easy URL Shortener Plugin For WordPress.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>URL Shortify helps you beautify, manage, and share any URL on or off of your WordPress website. Create links that look how you want using your domain name! It’s a Simple, Easy & Elegant self hosted alternative to Bitly, TinyURL, Cuttly, Pretty Links, URL Shortener By My Theme Shop, Rebrandly, BL.Link, Short.io, and many other SaaS URL Shortener services.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fupdate-urls\u002F\" rel=\"ugc\">Update URLs\u003C\u002Fa> – Quick and Easy way to search old links and replace them with new links in WordPress.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>If you move your WordPress website to a new domain name, you will find that internal links to pages and references to images are not updated. Instead, these links and references will point to your old domain name. Update URLs fixes that problem by helping you change old urls and links in your website.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogify\u002F\" rel=\"ugc\">Logify\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Logify is a comprehensive logging and monitoring plugin for WordPress that helps you keep track of various activities and events on your website. It provides detailed logs of user actions, system events, and errors, allowing you to monitor and troubleshoot your site effectively.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsocial-linkz\u002F\" rel=\"ugc\">Social Linkz\u003C\u002Fa> – Lightweight and fast social media sharing plugin\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Futilitify\u002F\" rel=\"ugc\">Utilitify\u003C\u002Fa> – Supercharge Your WordPress Site With Power Pack WordPress Utilities\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>It’s a simple & neat plugin which helps you to customize your WordPress setup in a very elegant way.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Secure one click passwordless login",10,"6.9.4","6.7","5.6",[125,107,126,19,127],"email-login","magic-login","passwordless-login","https:\u002F\u002Fkaizencoders.com\u002Fmagic-link","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmagic-link.1.2.3.zip","2026-03-15T10:48:56.248Z",{"attackSurface":132,"codeSignals":185,"taintFlows":194,"riskAssessment":195,"analyzedAt":198},{"hooks":133,"ajaxHandlers":181,"restRoutes":182,"shortcodes":183,"cronEvents":184,"entryPointCount":11,"unprotectedCount":11},[134,140,145,149,153,157,161,165,169,173,177],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","plugins_loaded","closure","gatelink-client.php",48,{"type":135,"name":141,"callback":142,"file":143,"line":144},"init","init_hooks","includes\\class-plugin.php",31,{"type":135,"name":146,"callback":147,"file":143,"line":148},"rest_api_init","register_routes",32,{"type":135,"name":150,"callback":151,"file":143,"line":152},"admin_menu","register_menu",33,{"type":135,"name":154,"callback":155,"file":143,"line":156},"admin_enqueue_scripts","enqueue_assets",34,{"type":135,"name":158,"callback":159,"file":143,"line":160},"admin_post_gatelink_client_allow","handle_allow",35,{"type":135,"name":162,"callback":163,"file":143,"line":164},"admin_post_gatelink_client_block","handle_block",36,{"type":135,"name":166,"callback":167,"file":143,"line":168},"admin_post_gatelink_client_delete","handle_delete",37,{"type":135,"name":170,"callback":171,"file":143,"line":172},"template_redirect","handle_sso_login_request",38,{"type":135,"name":174,"callback":175,"file":143,"line":176},"parse_request","handle_sso_login_parse_request",40,{"type":178,"name":179,"callback":137,"file":143,"line":180},"filter","query_vars",56,[],[],[],[],{"dangerousFunctions":186,"sqlUsage":187,"outputEscaping":189,"fileOperations":11,"externalRequests":11,"nonceChecks":31,"capabilityChecks":192,"bundledLibraries":193},[],{"prepared":11,"raw":11,"locations":188},[],{"escaped":190,"rawEcho":11,"locations":191},42,[],4,[],[],{"summary":196,"deductions":197},"The \"gatelink-client\" v1.8.3 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any identified entry points like AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code adheres to good security practices by demonstrating 100% proper output escaping and exclusively using prepared statements for SQL queries.  The presence of nonce and capability checks, although limited in number, indicates an awareness of authentication and authorization mechanisms.\n\nNo critical or high severity taint flows were found, and the plugin has no recorded vulnerability history, suggesting it has been developed with security in mind and has not suffered from known exploits. This lack of historical vulnerabilities and a minimal attack surface are positive indicators. However, it's important to note that the analysis of 0 taint flows means there's no explicit evidence of vulnerabilities being *checked for* via taint analysis, only that none were *found*. The limited number of nonce and capability checks could potentially be a concern if the plugin were to introduce more complex functionalities in the future that interact with WordPress core or other plugins.\n\nIn conclusion, \"gatelink-client\" v1.8.3 appears to be a secure plugin with robust coding practices. The most significant strength is its effectively zero attack surface and clean code. The primary area for consideration is the potential for undiscovered vulnerabilities due to the absence of taint flow analysis results and the limited application of security checks, though the current data provides no direct evidence of this. The absence of any historical vulnerabilities is a strong positive signal.",[],"2026-03-17T06:46:24.113Z",{"wat":200,"direct":209},{"assetPaths":201,"generatorPatterns":204,"scriptPaths":205,"versionParams":206},[202,203],"\u002Fwp-content\u002Fplugins\u002Fgatelink-client\u002Fassets\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fgatelink-client\u002Fassets\u002Fadmin.js",[],[203],[207,208],"gatelink-client\u002Fassets\u002Fadmin.css?ver=","gatelink-client\u002Fassets\u002Fadmin.js?ver=",{"cssClasses":210,"htmlComments":220,"htmlAttributes":221,"restEndpoints":223,"jsGlobals":225,"shortcodeOutput":227},[4,211,212,213,214,215,216,217,218,219],"gatelink-copy-input","gatelink-copy-button","gatelink-connection-info-table","gatelink-fetch-managers","gatelink-manual-add","gatelink-state","gatelink-state-active","gatelink-state-pending","gatelink-state-blocked",[],[222],"data-copy-text",[224],"\u002Fwp-json\u002Fgatelink\u002Fv1\u002Ftrust-manager",[226],"gatelink_client_vars",[]]