[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwRDZ7V17C6mpfvb4zLPQv3wkWTQ0w4rwoM0VEPEgDU8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":13,"tags":16,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":143,"fingerprints":239},"geek-mail-whitelist","Geek Mail Whitelist","1.0.0","gongwan33","https:\u002F\u002Fprofiles.wordpress.org\u002Fgongwan33\u002F","\u003Cul>\n\u003Cli>Allow certain kinds of users to register to your WordPress site by adding whitelist rules. \u003C\u002Fli>\n\u003Cli>Super simple to use. The whole plugin just has one simple settings page.\u003C\u002Fli>\n\u003Cli>Support regular expression rules.\u003C\u002Fli>\n\u003Cli>Completely free.\u003C\u002Fli>\n\u003C\u002Ful>\n","Allow users with certain emails to register to your WordPress site by adding whitelist rules.",0,1595,"","5.1.0","3.9",[17,18,19,20],"email","email-whitelist","registration","spam","https:\u002F\u002Fgeekblog.mybluemix.net\u002Farchives\u002F731","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgeek-mail-whitelist.zip",100,null,"2026-03-15T14:44:11.924Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},3,10,95,30,91,"2026-04-04T05:58:41.012Z",[35,60,84,103,123],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":57,"download_link":58,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":59},"customer-email-verification-for-woocommerce","Customer Email Verification for WooCommerce","2.6.9","Zorem","https:\u002F\u002Fprofiles.wordpress.org\u002Fzorem\u002F","\u003Cp>Secure WooCommerce registrations with OTP-based email verification, reducing spam and ensuring only valid email addresses are used.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>🔑 OTP-Based Email Verification:\u003C\u002Fstrong> Customers must verify their email with an OTP before completing registration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📩 Email Verification Popup:\u003C\u002Fstrong> The verification popup appears instantly after entering an email address and clicking the verify button.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>❌ No Account Creation Without Verification:\u003C\u002Fstrong> Users cannot create an account unless they verify their email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🎨 Customizable Verification Popup:\u003C\u002Fstrong> Modify the popup’s design and messages to match your brand.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>✉️ Customizable Verification Email:\u003C\u002Fstrong> Customize the OTP email template, subject, and message.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔄 Resend OTP Option:\u003C\u002Fstrong> Customers can resend the OTP if they didn’t receive the initial email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🛠 Admin Verification Control:\u003C\u002Fstrong> View and manage email verification statuses from the WordPress admin panel.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔓 Role-Based Verification Skipping:\u003C\u002Fstrong> Skip email verification for selected user roles. Redirect users to any page after successful email verification.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cp>Customer Email Verification for WooCommerce is built to integrate smoothly with plugins that follow WooCommerce’s standard registration and checkout templates. It also works with various social media login plugins, providing flexibility and convenience for users.\u003C\u002Fp>\n\u003Cp>The following plugins have been tested and confirmed to be fully compatible:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Checkout WC\u003C\u002Fli>\n\u003Cli>WooCommerce Social Login\u003C\u002Fli>\n\u003Cli>Nextend Social Login and Register\u003C\u002Fli>\n\u003Cli>WooCommerce Memberships\u003C\u002Fli>\n\u003Cli>WooCommerce Checkout & Funnel Builder by CartFlows\u003C\u002Fli>\n\u003Cli>Affiliate For WooCommerce\u003C\u002Fli>\n\u003Cli>Smart Manager\u003C\u002Fli>\n\u003Cli>Cashier\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For a complete list of compatible plugins and more details, please visit our \u003Ca href=\"https:\u002F\u002Fdocs.zorem.com\u002Fdocs\u002Fcustomer-email-verification-pro\u002Fcompatibility\u002F\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>We also offer a Pro version!\u003C\u002Fh3>\n\u003Ch3>Customer Email Verification PRO\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>📦 OTP Verification for Checkout:\u003C\u002Fstrong> Enforce email verification for guest users before completing a purchase.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🛍️ Enable Checkout Verification:\u003C\u002Fstrong> Choose to verify emails on the cart page or only for free orders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔢 OTP Length Customization:\u003C\u002Fstrong> Select between 4-digit or 6-digit OTP codes for verification.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>⏳ OTP Expiration Control:\u003C\u002Fstrong> Set expiration time for OTPs (e.g., 72 hours) to enhance security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔄 Verification Email Resend Limit:\u003C\u002Fstrong> Restrict the number of OTP resend attempts to prevent abuse.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔐 Login Authentication Options:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Notify users when they log in from a new device or browser.\u003C\u002Fli>\n\u003Cli>Require OTP verification for logins from an unrecognized device, location, or after a set period.\u003C\u002Fli>\n\u003Cli>Define specific conditions for unrecognized logins, such as logging in from a new device or a location not used before.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🛠 Advanced Customization:\u003C\u002Fstrong> More control over email templates and verification popups.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002Fproduct\u002Fcustomer-email-verification\u002F\" rel=\"nofollow ugc\">Get CEV PRO >\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Other Plugins by zorem\u003C\u002Fh3>\n\u003Cp>Optimize your WooCommerce store with our plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002Fproduct\u002Fwoocommerce-advanced-shipment-tracking\u002F\" rel=\"nofollow ugc\">Advanced Shipment Tracking Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fzorem-local-pickup-pro\u002F\" rel=\"nofollow ugc\">Zorem Local Pickup Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fsms-for-woocommerce\u002F\" rel=\"nofollow ugc\">SMS for WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fcountry-based-restriction-for-woocommerce\u002F\" rel=\"nofollow ugc\">Country Based Restriction for WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fsales-by-country-for-woocommerce\u002F\" rel=\"nofollow ugc\">Sales By Country for WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fzorem-returns\u002F\" rel=\"nofollow ugc\">Zorem Returns\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Femail-reports-for-woocommerce\u002F\" rel=\"nofollow ugc\">Email Reports for WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzorem.com\u002Fplugins\u002Fview-as-customer-for-woocommerce\u002F\" rel=\"nofollow ugc\">View as Customer for WooCommerce\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Explore more at \u003Ca href=\"https:\u002F\u002Fwww.zorem.com\u002F\" rel=\"nofollow ugc\">zorem.com\u003C\u002Fa>\u003C\u002Fp>\n","Secure WooCommerce registrations with OTP-based email verification, reducing spam and ensuring only valid email addresses are used.",2000,62784,88,19,"2026-02-17T05:37:00.000Z","6.9.4","5.3","7.2",[52,53,54,55,56],"customer-verification","email-address-verification","registration-verification","woocommerce","woocommerce-signup-spam","https:\u002F\u002Fwww.zorem.com\u002Fproducts\u002Fcustomer-email-verification-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomer-email-verification-for-woocommerce.2.6.9.zip","2026-03-15T15:16:48.613Z",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":23,"num_ratings":28,"last_updated":70,"tested_up_to":48,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":79,"download_link":80,"security_score":81,"vuln_count":82,"unpatched_count":11,"last_vuln_date":83,"fetched_at":59},"reoon-email-verifier","Reoon Email Verifier","2.1.1","Reoon Technology","https:\u002F\u002Fprofiles.wordpress.org\u002Freoon\u002F","\u003Cp>Reoon Email Verifier offers a robust solution for verifying email addresses in real-time, protecting your site from spam registrations and enhancing email campaign effectiveness. With over 99% accuracy, our verification service integrates seamlessly with popular WordPress forms, offering broad compatibility and exceptional reliability.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Check email address during the form submission.\u003Cbr \u002F>\n– Can detect valid, invalid, temporary, catch-all, inbox-full, spamtrap addresses.\u003Cbr \u002F>\n– Quick mode verification checks an email within 0.5 seconds.\u003Cbr \u002F>\n– Dynamic detection of disposable and temporary email addresses.\u003Cbr \u002F>\n– Supports most of the free email providers and business\u002Fprofessional emails.\u003Cbr \u002F>\n– Live API for instant verification during user registration (within 0.5 seconds).\u003Cbr \u002F>\n– Verification mode and custom filters can be selected.\u003Cbr \u002F>\n– GDPR compliant, ensuring user data protection and privacy.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Supported WordPress Forms:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Formidable Form\u003Cbr \u002F>\n– Gravity Form\u003Cbr \u002F>\n– Default WordPress Registration Form\u003Cbr \u002F>\n– WooCommerce Checkout Form\u003Cbr \u002F>\n– Contact Form 7\u003Cbr \u002F>\n– Ninja Forms\u003Cbr \u002F>\n– WPForms\u003Cbr \u002F>\n– Elementor Forms\u003Cbr \u002F>\n– Fluent Forms\u003Cbr \u002F>\n– Forminator Forms\u003Cbr \u002F>\n– HappyForms\u003Cbr \u002F>\n– Mail Mint Form\u003Cbr \u002F>\n– Contact Form by BestWebSoft\u003Cbr \u002F>\n– WordPress Comment Form\u003Cbr \u002F>\n– SureCart\u003Cbr \u002F>\n– WS Form\u003Cbr \u002F>\n– JetForm Builder\u003Cbr \u002F>\n– MetForm\u003Cbr \u002F>\n– BuddyForms\u003Cbr \u002F>\n– EverestForms\u003Cbr \u002F>\n– Bitforms\u003C\u002Fp>\n\u003Cp>To learn about the list of features and detailed benefits, please visit \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.reoon.com\u002Femail-verifier\u002F\" rel=\"nofollow ugc\">Reoon Email Verifier\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Third-Party Service Usage\u003C\u002Fh3>\n\u003Cp>This plugin integrates with the Reoon Email Verifier service to provide real-time email verification functionality. Through API calls to Reoon Technology’s servers, it verifies email addresses and retrieves account information, using the following endpoints:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Verify email addresses: https:\u002F\u002Femailverifier.reoon.com\u002Fapi\u002Fv1\u002Fverify?email=[email]&mode=[mode]&key=[your_api_key]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>By installing and activating this plugin, you consent to the transmission of email addresses to these URLs for the purpose of verification.\u003C\u002Fp>\n\u003Cp>Data Privacy and Security Commitment: We prioritize your privacy and the security of your data. All submitted email addresses are automatically deleted from our servers after 15 days, ensuring that your data is not stored indefinitely. Furthermore, we do not sell or use the submitted emails for marketing purposes. This practice is part of our commitment to maintaining your trust and complying with data protection regulations.\u003C\u002Fp>\n\u003Cp>The use of the Reoon Email Verifier service is subject to Reoon’s Terms of Service and Privacy Policy, available at:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Terms of Service: https:\u002F\u002Fwww.reoon.com\u002Fterms-and-conditions\u002F\nPrivacy Policy: https:\u002F\u002Fwww.reoon.com\u002Fprivacy-policy\u002F\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>We encourage you to review these documents to understand how Reoon Technology handles and protects your data. It is crucial to ensure that the use of this plugin complies with your website’s privacy policy and any applicable legal obligations concerning data protection and privacy.\u003C\u002Fp>\n","Safeguard your online forms against invalid, temporary, disposable, and harmful email addresses with real-time verification.",600,6021,"2026-01-18T16:36:00.000Z","4.7","7.4",[74,75,76,77,78],"block-spam-registration","email-validator","email-verifier","form-email-validation","temporary-email-blocker","https:\u002F\u002Fwww.reoon.com\u002Femail-verifier\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freoon-email-verifier.2.1.1.zip",99,1,"2025-10-09 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":23,"num_ratings":28,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":50,"tags":97,"homepage":101,"download_link":102,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":59},"email-and-domain-blocker","Email and Domain Blocker for WooCommerce","1.1","Kaleem Abbasi","https:\u002F\u002Fprofiles.wordpress.org\u002Fkaleemabbasi\u002F","\u003Cp>Tired of fake signups and spam accounts in your WooCommerce store?\u003Cbr \u002F>\n\u003Cstrong>Email and Domain Blocker for WooCommerce\u003C\u002Fstrong> lets you block unwanted emails or domains from registering — keeping your store clean and your customers real.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Block specific email addresses (e.g. \u003Ccode>baduser@gmail.com\u003C\u002Fcode>)\u003Cbr \u002F>\n* Block entire domains (e.g. \u003Ccode>@spam.com\u003C\u002Fcode>)\u003Cbr \u002F>\n* Wildcard support (e.g. \u003Ccode>*@gmail.com\u003C\u002Fcode>, \u003Ccode>*@*.ru\u003C\u002Fcode>)\u003Cbr \u002F>\n* Test Email Checker (instantly check if an email is allowed or blocked)\u003Cbr \u002F>\n* Optional logging of blocked attempts\u003Cbr \u002F>\n* Logs tab to view, clear, and download blocked attempts as CSV\u003Cbr \u002F>\n* Simple admin UI with usage examples\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use cases:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Stop spam signups with disposable or free mail services\u003Cbr \u002F>\n* Block competitors or fraud-prone domains\u003Cbr \u002F>\n* Restrict registrations to company emails only\u003C\u002Fp>\n","Block emails or domains from WooCommerce signups. Supports wildcards, logging, CSV export, and test email checker.",300,2068,"2025-09-03T21:51:00.000Z","6.6.5","5.8",[98,99,19,100,55],"domain-blocker","email-blocker","spam-prevention","https:\u002F\u002Fkaleemabbasi.com\u002Femail-and-domain-blocker-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-and-domain-blocker.1.1.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":23,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":13,"tags":117,"homepage":120,"download_link":121,"security_score":122,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":59},"dm-confirm-email","DM Confirm Email","1.4","Michael","https:\u002F\u002Fprofiles.wordpress.org\u002Fdonmhico\u002F","\u003Cp>Having so many spam registrations? Tired of getting fake users with fake emails? Good news! DM Confirm Email will solve your problems.\u003Cbr \u002F>\nDM Confirm Email will send a confirmation email and the only time it will actually “create” the account for the user if the email address is confirmed.\u003C\u002Fp>\n\u003Cp>Also allows you to send a welcome message to newly confirmed and created users which is great to give your new users initial instructions or other information that can be helpful to new users.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdonmhi.co\u002Fprojects\u002Fdm-confirm-email\" rel=\"nofollow ugc\">DM Confirm Email\u003C\u002Fa> integrates seamlessly with wordpress registration system and uses all native registration hooks which allows all your current customization and plugins to the registration work.\u003C\u002Fp>\n\u003Ch4>Additional Resources\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdonmhi.co\u002Fprojects\u002Fdm-confirm-email\u002F#demo\" rel=\"nofollow ugc\">See DM Confirm Email in action\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fdm-confirm-email\" rel=\"ugc\">Review the plugin and let me know what you think!\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdm-confirm-email\" rel=\"ugc\">Have a question? Or found a bug?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdonmhi.co\u002Fprojects\u002Fdm-confirm-email\" rel=\"nofollow ugc\">For suggestions and ideas for future release. Comment here\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fdonmhico\" rel=\"nofollow ugc\">Follow me @donMhico\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Reduce unwanted and spam registration.\u003C\u002Fli>\n\u003Cli>Verifies and confirms email addresses of user registrations.\u003C\u002Fli>\n\u003Cli>Customize the confirmation email that will be sent.\u003C\u002Fli>\n\u003Cli>Allows html email content.\u003C\u002Fli>\n\u003Cli>Resend confirmation email feature\u003C\u002Fli>\n\u003Cli>Define the number of days before the confirmation keys will be expired.\u003C\u002Fli>\n\u003Cli>Customize all warning and successful messages in the wordpress side.\u003C\u002Fli>\n\u003Cli>Ability to send welcome message to new users.\u003C\u002Fli>\n\u003Cli>Prevents waste of resources and web space by only creating user account to confirmed emails.\u003C\u002Fli>\n\u003Cli>Uses all the native registration hooks for more advanced customization.\u003C\u002Fli>\n\u003Cli>Seamless integration\u003C\u002Fli>\n\u003Cli>NEW! Ability to edit the email message containing the password of the new account that will be sent to the user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Future\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display all pending registrations that need confirmation on the Dashboard.\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect your wordpress site with spam registration. DM Confirm Email requires new users to confirm their email addresses.",21838,82,7,"2014-03-11T14:27:00.000Z","3.7.41","3.6",[118,17,19,119,20],"confirm","security","http:\u002F\u002Fdonmhi.co\u002Fprojects\u002Fdm-confirm-email\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdm-confirm-email.1.4.zip",85,{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":23,"num_ratings":133,"last_updated":134,"tested_up_to":95,"requires_at_least":135,"requires_php":50,"tags":136,"homepage":140,"download_link":141,"security_score":142,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":59},"validator-pizza","MailCheck.ai","1.3.0","tompec","https:\u002F\u002Fprofiles.wordpress.org\u002Ftompec\u002F","\u003Cp>\u003Cstrong>MailCheck.ai is now UserCheck.com\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please install the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fusercheck\u002F\" rel=\"ugc\">new version\u003C\u002Fa> of this plugin.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MailCheck.ai is a powerful WordPress plugin that prevents disposable or throwaway email addresses from registering or commenting on your site. This helps to protect your site from spam and maintain the quality of your user base.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically checks email addresses against a constantly updated database of disposable email domains\u003C\u002Fli>\n\u003Cli>Works out of the box with no configuration required\u003C\u002Fli>\n\u003Cli>No API key needed\u003C\u002Fli>\n\u003Cli>Caches results for improved performance\u003C\u002Fli>\n\u003Cli>Seamlessly integrates with WordPress registration and comment forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin uses the API provided by \u003Ca href=\"https:\u002F\u002Fwww.mailcheck.ai\" rel=\"nofollow ugc\">MailCheck.ai\u003C\u002Fa>, which is constantly updated to include the latest disposable email domains. This ensures your site stays protected against new disposable email providers.\u003C\u002Fp>\n\u003Cp>MailCheck.ai is free to use and starts working immediately after installation. No registration or configuration is required.\u003C\u002Fp>\n","Prevent disposable email addresses from registering or commenting on your site with MailCheck.ai.",60,4935,4,"2024-08-27T03:13:00.000Z","5.2",[137,138,119,100,139],"disposable-email","email-validation","user-registration","https:\u002F\u002Fwww.mailcheck.ai","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvalidator-pizza.1.3.0.zip",92,{"attackSurface":144,"codeSignals":161,"taintFlows":176,"riskAssessment":233,"analyzedAt":238},{"hooks":145,"ajaxHandlers":146,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":160,"unprotectedCount":11},[],[147,154],{"action":148,"nopriv":149,"callback":150,"hasNonce":151,"hasCapCheck":149,"file":152,"line":153},"gmw_enable",false,"ajaxEnableRule",true,"backend\\actions.php",6,{"action":155,"nopriv":149,"callback":156,"hasNonce":151,"hasCapCheck":149,"file":152,"line":113},"gmw_del","ajaxDelRule",[],[],[],2,{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":11,"externalRequests":11,"nonceChecks":133,"capabilityChecks":11,"bundledLibraries":175},[],{"prepared":113,"raw":11,"locations":164},[],{"escaped":166,"rawEcho":28,"locations":167},22,[168,171,173],{"file":152,"line":169,"context":170},136,"raw output",{"file":152,"line":172,"context":170},151,{"file":152,"line":174,"context":170},165,[],[177,203,213],{"entryPoint":178,"graph":179,"unsanitizedCount":11,"severity":202},"addRule (backend\\actions.php:46)",{"nodes":180,"edges":199},[181,186,192,194],{"id":182,"type":183,"label":184,"file":152,"line":185},"n0","source","$_POST",71,{"id":187,"type":188,"label":189,"file":152,"line":190,"wp_function":191},"n1","sink","get_row() [SQLi]",89,"get_row",{"id":193,"type":183,"label":184,"file":152,"line":185},"n2",{"id":195,"type":188,"label":196,"file":152,"line":197,"wp_function":198},"n3","query() [SQLi]",94,"query",[200,201],{"from":182,"to":187,"sanitized":151},{"from":193,"to":195,"sanitized":151},"low",{"entryPoint":204,"graph":205,"unsanitizedCount":11,"severity":202},"delRule (backend\\actions.php:142)",{"nodes":206,"edges":211},[207,209],{"id":182,"type":183,"label":184,"file":152,"line":208},148,{"id":187,"type":188,"label":196,"file":152,"line":210,"wp_function":198},163,[212],{"from":182,"to":187,"sanitized":151},{"entryPoint":214,"graph":215,"unsanitizedCount":11,"severity":202},"\u003Cactions> (backend\\actions.php:0)",{"nodes":216,"edges":229},[217,218,219,221,222,224],{"id":182,"type":183,"label":184,"file":152,"line":185},{"id":187,"type":188,"label":189,"file":152,"line":190,"wp_function":191},{"id":193,"type":183,"label":220,"file":152,"line":185},"$_POST (x2)",{"id":195,"type":188,"label":196,"file":152,"line":197,"wp_function":198},{"id":223,"type":183,"label":184,"file":152,"line":185},"n4",{"id":225,"type":188,"label":226,"file":152,"line":227,"wp_function":228},"n5","get_results() [SQLi]",118,"get_results",[230,231,232],{"from":182,"to":187,"sanitized":151},{"from":193,"to":195,"sanitized":151},{"from":223,"to":225,"sanitized":151},{"summary":234,"deductions":235},"The geek-mail-whitelist v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any recorded CVEs, coupled with the fact that all SQL queries utilize prepared statements and a high percentage of outputs are properly escaped, indicates good development practices.  Furthermore, the limited attack surface of only two AJAX handlers, both of which are noted as unprotected, is a positive sign, though the lack of explicit authorization checks on these handlers is a point of concern that could be exploited by an attacker if they can trigger these AJAX actions. The taint analysis also found no critical or high severity vulnerabilities, suggesting that the plugin is not susceptible to common injection attacks through the analyzed code flows.\n\nDespite the overall positive findings, the two unprotected AJAX handlers represent a potential risk. While the total attack surface is small, an attacker could potentially exploit these entry points if they can be triggered without proper authentication or authorization. The lack of capability checks on these handlers, while not explicitly flagged as a deduction in this analysis (as the provided data focuses on specific vulnerabilities), is a critical security practice that is missing. The vulnerability history being completely clear is a significant strength, implying a well-maintained and secure codebase over time. In conclusion, the plugin is strong in its handling of data and its vulnerability history, but the unprotected AJAX endpoints warrant attention to ensure proper access control.",[236],{"reason":237,"points":29},"Unprotected AJAX handlers","2026-03-17T06:07:25.670Z",{"wat":240,"direct":253},{"assetPaths":241,"generatorPatterns":246,"scriptPaths":247,"versionParams":248},[242,243,244,245],"\u002Fwp-content\u002Fplugins\u002Fgeek-mail-whitelist\u002Fcss\u002Fgmw-admin-style.css","\u002Fwp-content\u002Fplugins\u002Fgeek-mail-whitelist\u002Fcss\u002Fgmw-frontend-style.css","\u002Fwp-content\u002Fplugins\u002Fgeek-mail-whitelist\u002Fjs\u002Fgmw-admin-script.js","\u002Fwp-content\u002Fplugins\u002Fgeek-mail-whitelist\u002Fjs\u002Fgmw-frontend-script.js",[],[244,245],[249,250,251,252],"geek-mail-whitelist\u002Fcss\u002Fgmw-admin-style.css?ver=","geek-mail-whitelist\u002Fcss\u002Fgmw-frontend-style.css?ver=","geek-mail-whitelist\u002Fjs\u002Fgmw-admin-script.js?ver=","geek-mail-whitelist\u002Fjs\u002Fgmw-frontend-script.js?ver=",{"cssClasses":254,"htmlComments":257,"htmlAttributes":260,"restEndpoints":262,"jsGlobals":264,"shortcodeOutput":267},[255,256],"gmw-admin-wrapper","gmw-frontend-form",[258,259],"\u003C!-- Geek Mail Whitelist plugin -->","\u003C!-- GMW Admin notices -->",[261],"data-gmw-ajax-url",[263],"\u002Fwp-json\u002Fgeek-mail-whitelist\u002Fv1\u002Fsettings",[265,266],"GMW_Admin_Scripts","GMW_Frontend_Scripts",[268],"[gmw_whitelist_form]"]