[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fre366jjnW7DhxwAFis0ATB1zKpjb8ArXythYLU9ZvlQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":139,"fingerprints":201},"global-threat-activity-level-widget","Global threat activity level Widget","1.1.6","pcrisk","https:\u002F\u002Fprofiles.wordpress.org\u002Fpcrisk\u002F","\u003Cp>Display real-time global cyber threats activity directly on your WordPress site. This plugin shows the current worldwide threat level, the latest emerging malware threats, and guides on how to remove them—helping your visitors stay alert when cyber risks are high.\u003C\u002Fp>\n\u003Cp>Ideal for computer repair shops and IT professionals who want to demonstrate up-to-date security awareness and add value for their customers.\u003Cbr \u002F>\nThe plugin automatically pulls and updates data using feeds from \u003Ca href=\"https:\u002F\u002Fwww.pcrisk.com\u002F\" rel=\"nofollow ugc\">PCrisk.com\u003C\u002Fa>, ensuring fresh and accurate threat information at all times.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Supports both the classic Widget system and the block editor.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works as a classic WordPress widget AND as a Gutenberg block.\u003C\u002Fli>\n\u003Cli>Customisable title.\u003C\u002Fli>\n\u003Cli>Customisable number of latest threats displayed (maximum 10 items).\u003C\u002Fli>\n\u003Cli>Option to hide the latest threats list entirely.\u003C\u002Fli>\n\u003Cli>Shows last-update date. Status is usually updated every 12 hours.\u003C\u002Fli>\n\u003Cli>Compatible with PHP 7.3 and above.\u003C\u002Fli>\n\u003Cli>Compatible with WordPress 5.8 and above.\u003C\u002Fli>\n\u003C\u002Ful>\n","Displays global virus and spyware activity level and latest spyware threats with guidelines how to remove them.",10,4197,0,"2026-02-23T11:41:00.000Z","6.9.4","5.8","7.3",[19,20,21,22,23],"activity","cyber-security","malware","threat","virus","https:\u002F\u002Fwww.pcrisk.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fglobal-threat-activity-level-widget.1.1.6.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,94,"2026-04-05T01:25:05.162Z",[36,54,76,99,114],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":46,"tags":49,"homepage":46,"download_link":52,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":53},"virus-activity","Virus Activity","1.2.2","virusactivity","https:\u002F\u002Fprofiles.wordpress.org\u002Fvirusactivity\u002F","\u003Cp>This widget shows global virus and malware activity level with latest malware threats. It is useful to let your visitors know how active viruses are because, if this level is high, visitors will know that they need to keep attention on their system security. This plugin is perfect for computer repair shops, computer technicians and similar service providers who what to show their customers global computer virus activity.\u003Cbr \u002F>\nThe plugin uses RSS feeds from \u003Ca href=\"https:\u002F\u002Fvirusactivity.com\u002F\" rel=\"nofollow ugc\">Virus Activity information center\u003C\u002Fa> to show and update threat level data and the list of latest threats. You can configure how many cyber threats you want to display in widget configuration.\u003C\u002Fp>\n\u003Ch4>Features list\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Multi-language (25+ languages supported)\u003C\u002Fli>\n\u003Cli>Displays activity level and last update date\u003C\u002Fli>\n\u003Cli>Customizable widget title\u003C\u002Fli>\n\u003Cli>Customizable number of the latest threats. Up to 10 items\u003C\u002Fli>\n\u003Cli>Daily updated\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Languages\u003C\u002Fh3>\n\u003Cp>Virus Activity is a multi-language plugin.\u003Cbr \u002F>\nA list of currently supported languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bulgarian\u003C\u002Fli>\n\u003Cli>Chinese\u003C\u002Fli>\n\u003Cli>Croatian\u003C\u002Fli>\n\u003Cli>Czech\u003C\u002Fli>\n\u003Cli>Danish\u003C\u002Fli>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Estonian\u003C\u002Fli>\n\u003Cli>Finnish\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Greek\u003C\u002Fli>\n\u003Cli>Hindi\u003C\u002Fli>\n\u003Cli>Hungarian\u003C\u002Fli>\n\u003Cli>Indonesian\u003C\u002Fli>\n\u003Cli>Italian\u003C\u002Fli>\n\u003Cli>Japanese\u003C\u002Fli>\n\u003Cli>Lithuanian\u003C\u002Fli>\n\u003Cli>Latvian\u003C\u002Fli>\n\u003Cli>Norwegian\u003C\u002Fli>\n\u003Cli>Polish\u003C\u002Fli>\n\u003Cli>Portuguese\u003C\u002Fli>\n\u003Cli>Romanian\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003Cli>Swedish\u003C\u002Fli>\n\u003Cli>Turkish\u003C\u002Fli>\n\u003C\u002Ful>\n","This widget displays global virus activity level with the latest Internet security threats.",20,6048,"","4.8.28","3.7",[21,50,51,23,37],"spyware","threats","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvirus-activity.1.2.2.zip","2026-03-15T10:48:56.248Z",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":15,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":73,"download_link":74,"security_score":26,"vuln_count":31,"unpatched_count":13,"last_vuln_date":75,"fetched_at":28},"ninjafirewall","NinjaFirewall (WP Edition) – Advanced Security Plugin and Firewall","4.8.4","nintechnet","https:\u002F\u002Fprofiles.wordpress.org\u002Fnintechnet\u002F","\u003Ch4>A true Web Application Firewall\u003C\u002Fh4>\n\u003Cp>NinjaFirewall (WP Edition) is a true Web Application Firewall. Although it can be installed and configured just like a plugin, it is a stand-alone firewall that stands in front of WordPress.\u003C\u002Fp>\n\u003Cp>It allows any blog administrator to benefit from very advanced and powerful security features that usually aren’t available at the WordPress level, but only in security applications such as the Apache \u003Ca href=\"http:\u002F\u002Fwww.modsecurity.org\u002F\" title=\"\" rel=\"nofollow ugc\">ModSecurity\u003C\u002Fa> module or the PHP \u003Ca href=\"http:\u002F\u002Fsuhosin.org\u002F\" title=\"\" rel=\"nofollow ugc\">Suhosin\u003C\u002Fa> extension.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>NinjaFirewall requires at least PHP 7.1, MySQLi extension and is only compatible with Unix-like OS (Linux, BSD). It is \u003Cstrong>not compatible with Microsoft Windows\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>NinjaFirewall can hook, scan, sanitise or reject any HTTP\u002FHTTPS request sent to a PHP script before it reaches WordPress or any of its plugins. All scripts located inside the blog installation directories and sub-directories will be protected, including those that aren’t part of the WordPress package. Even encoded PHP scripts, hackers shell scripts and backdoors will be filtered by NinjaFirewall.\u003C\u002Fp>\n\u003Ch4>Powerful filtering engine\u003C\u002Fh4>\n\u003Cp>NinjaFirewall includes the most powerful filtering engine available in a WordPress plugin. Its most important feature is its ability to normalize and transform data from incoming HTTP requests which allows it to detect Web Application Firewall evasion techniques and obfuscation tactics used by hackers, as well as to support and decode a large set of encodings. See our blog for a full description: \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fintroduction-to-ninjafirewall-filtering-engine\u002F\" title=\"\" rel=\"nofollow ugc\">An introduction to NinjaFirewall filtering engine\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Fastest and most efficient brute-force attack protection for WordPress\u003C\u002Fh4>\n\u003Cp>By processing incoming HTTP requests before your blog and any of its plugins, NinjaFirewall is the only plugin for WordPress able to protect it against very large brute-force attacks, including distributed attacks coming from several thousands of different IPs.\u003C\u002Fp>\n\u003Cp>See our benchmarks and stress-tests: \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fwordpress-brute-force-attack-detection-plugins-comparison-2015\u002F\" title=\"\" rel=\"nofollow ugc\">Brute-force attack detection plugins comparison\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The protection applies to the \u003Ccode>wp-login.php\u003C\u002Fcode> script but can be extended to the \u003Ccode>xmlrpc.php\u003C\u002Fcode> one. The incident can also be written to the server \u003Ccode>AUTH\u003C\u002Fcode> log, which can be useful to the system administrator for monitoring purposes or banning IPs at the server level (e.g., Fail2ban).\u003C\u002Fp>\n\u003Ch4>Real-time detection\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>File Guard\u003C\u002Fstrong> real-time detection is a totally unique feature provided by NinjaFirewall: it can detect, in real-time, any access to a PHP file that was recently modified or created, and alert you about this. If a hacker uploaded a shell script to your site (or injected a backdoor into an already existing file) and tried to directly access that file using his browser or a script, NinjaFirewall would hook the HTTP request and immediately detect that the file was recently modified or created. It would send you an alert with all details (script name, IP, request, date and time).\u003C\u002Fp>\n\u003Ch4>File integrity monitoring\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>File Check\u003C\u002Fstrong> lets you perform file integrity monitoring by scanning your website hourly, twicedaily or daily. Any modification made to a file will be detected: file content, file permissions, file ownership, timestamp as well as file creation and deletion.\u003C\u002Fp>\n\u003Ch4>Watch your website traffic in real time\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Live Log\u003C\u002Fstrong> lets you watch your website traffic in real time. It displays connections in a format similar to the one used by the \u003Ccode>tail -f\u003C\u002Fcode> Unix command. Because it communicates directly with the firewall, i.e., without loading WordPress, \u003Cstrong>Live Log\u003C\u002Fstrong> is fast, lightweight and it will not affect your server load, even if you set its refresh rate to the lowest value.\u003C\u002Fp>\n\u003Ch4>Event Notifications\u003C\u002Fh4>\n\u003Cp>NinjaFirewall can alert you by email on specific events triggered within your blog. Some of those alerts are enabled by default and it is highly recommended to keep them enabled. It is not unusual for a hacker, after breaking into your WordPress admin console, to install or just to upload a backdoored plugin or theme in order to take full control of your website. NinjaFirewall can also \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjafirewall-wp-edition-adds-php-backtrace-to-email-notifications\u002F\" title=\"NinjaFirewall adds PHP backtrace to email notifications\" rel=\"nofollow ugc\">attach a PHP backtrace\u003C\u002Fa> to important notifications.\u003C\u002Fp>\n\u003Cp>Monitored events:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Administrator login.\u003C\u002Fli>\n\u003Cli>Modification of any administrator account in the database.\u003C\u002Fli>\n\u003Cli>Plugins upload, installation, (de)activation, update, deletion.\u003C\u002Fli>\n\u003Cli>Themes upload, installation, activation, deletion.\u003C\u002Fli>\n\u003Cli>WordPress update.\u003C\u002Fli>\n\u003Cli>Pending security update in your plugins and themes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Stay protected against the latest WordPress security vulnerabilities\u003C\u002Fh4>\n\u003Cp>To get the most efficient protection, NinjaFirewall can automatically update its security rules daily, twice daily or even hourly. Each time a new vulnerability is found in WordPress or one of its plugins\u002Fthemes, a new set of security rules will be made available to protect your blog immediately.\u003C\u002Fp>\n\u003Ch4>Strong Privacy\u003C\u002Fh4>\n\u003Cp>Unlike a Cloud Web Application Firewall, or Cloud WAF, NinjaFirewall works and filters the traffic on your own server and infrastructure. That means that your sensitive data (contact form messages, customers credit card number, login credentials etc) remains on your server and is not routed through a third-party company’s servers, which could pose unnecessary risks (e.g., decryption of your HTTPS traffic in order to inspect it, employees accessing your data or logs in plain text, theft of private information, man-in-the-middle attack etc).\u003C\u002Fp>\n\u003Cp>Your website can run NinjaFirewall and be \u003Cstrong>compliant with the General Data Protection Regulation (GDPR)\u003C\u002Fstrong>. \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjafirewall-general-data-protection-regulation-compliance\u002F\" title=\"GDPR Compliance\" rel=\"nofollow ugc\">See our blog for more details\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>IPv6 compatibility\u003C\u002Fh4>\n\u003Cp>IPv6 compatibility is a mandatory feature for a security plugin: if it supports only IPv4, hackers can easily bypass the plugin by using an IPv6. NinjaFirewall natively supports IPv4 and IPv6 protocols, for both public and private addresses.\u003C\u002Fp>\n\u003Ch4>Multi-site support\u003C\u002Fh4>\n\u003Cp>NinjaFirewall is multi-site compatible. It will protect all sites from your network and its configuration interface will be accessible only to the Super Admin from the network main site.\u003C\u002Fp>\n\u003Ch4>Possibility to prepend your own PHP code to the firewall\u003C\u002Fh4>\n\u003Cp>You can prepend your own PHP code to the firewall with the help of an \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjafirewall-wp-edition-the-htninja-configuration-file\u002F\" rel=\"nofollow ugc\">optional distributed configuration file\u003C\u002Fa>. It will be processed before WordPress and all its plugins are loaded. This is a very powerful feature, and there is almost no limit to what you can do: add your own security rules, manipulate HTTP requests, variables etc.\u003C\u002Fp>\n\u003Ch4>Low Footprint Firewall\u003C\u002Fh4>\n\u003Cp>NinjaFirewall is very fast, optimised, compact, and requires very low system resource.\u003Cbr \u002F>\nSee for yourself: download and install the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcode-profiler\u002F\" title=\"\" rel=\"ugc\">Code Profiler\u003C\u002Fa> plugin and compare NinjaFirewall’s performance with other security plugins.\u003C\u002Fp>\n\u003Ch4>Non-Intrusive User Interface\u003C\u002Fh4>\n\u003Cp>NinjaFirewall looks and feels like a built-in WordPress feature. It does not contain intrusive banners, warnings or flashy colors. It uses the WordPress simple and clean interface and is also smartphone-friendly.\u003C\u002Fp>\n\u003Ch4>Contextual Help\u003C\u002Fh4>\n\u003Cp>Each NinjaFirewall menu page has a contextual help screen with useful information about how to use and configure it.\u003Cbr \u002F>\nIf you need help, click on the \u003Cem>Help\u003C\u002Fem> menu tab located in the upper right corner of each page in your admin panel.\u003C\u002Fp>\n\u003Ch4>Need more security ?\u003C\u002Fh4>\n\u003Cp>Check out our new supercharged edition: \u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fninjafirewall\u002Fwp-edition\u002F\" title=\"NinjaFirewall WP+ Edition\" rel=\"nofollow ugc\">NinjaFirewall WP+ Edition\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unix shared memory use for inter-process communication and blazing fast performances.\u003C\u002Fli>\n\u003Cli>IP-based Access Control.\u003C\u002Fli>\n\u003Cli>Role-based Access Control.\u003C\u002Fli>\n\u003Cli>Country-based Access Control via geolocation.\u003C\u002Fli>\n\u003Cli>URL-based Access Control.\u003C\u002Fli>\n\u003Cli>Bot-based Access Control.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fcentralized-logging-with-ninjafirewall\u002F\" title=\"Centralized Logging\" rel=\"nofollow ugc\">Centralized Logging\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Antispam for comment and user regisration forms.\u003C\u002Fli>\n\u003Cli>Rate limiting option to block aggressive bots, crawlers, web scrapers and HTTP attacks.\u003C\u002Fli>\n\u003Cli>Response body filter to scan the output of the HTML page right before it is sent to your visitors browser.\u003C\u002Fli>\n\u003Cli>Better File uploads management.\u003C\u002Fli>\n\u003Cli>Better logs management.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fsyslog-logging-with-ninjafirewall\u002F\" title=\"Syslog logging\" rel=\"nofollow ugc\">Syslog logging\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fninjafirewall\u002Fwp-edition\u002F\" title=\"\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa> about the WP+ Edition unique features. \u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fninjafirewall\u002Fwp-edition\u002F?comparison\" title=\"\" rel=\"nofollow ugc\">Compare\u003C\u002Fa> the WP and WP+ Editions.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 4.9+\u003C\u002Fli>\n\u003Cli>Admin\u002FSuperadmin with \u003Ccode>manage_options\u003C\u002Fcode> + \u003Ccode>unfiltered_html capabilities\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>PHP 7.1+\u003C\u002Fli>\n\u003Cli>MySQL or MariaDB with MySQLi extension\u003C\u002Fli>\n\u003Cli>Apache \u002F Nginx \u002F LiteSpeed \u002F Openlitespeed compatible\u003C\u002Fli>\n\u003Cli>Unix-like operating systems only (Linux, BSD etc). NinjaFirewall is \u003Cstrong>NOT\u003C\u002Fstrong> compatible with Microsoft Windows.\u003C\u002Fli>\n\u003C\u002Ful>\n","A true Web Application Firewall to protect and secure WordPress.",100000,3089632,98,217,"2026-03-12T09:53:00.000Z","4.9","7.1",[70,21,71,72,23],"firewall","protection","security","https:\u002F\u002Fnintechnet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fninjafirewall.4.8.4.zip","2021-05-30 00:00:00",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":15,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":95,"download_link":96,"security_score":97,"vuln_count":31,"unpatched_count":13,"last_vuln_date":98,"fetched_at":28},"antivirus","AntiVirus","1.6.1","pluginkollektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginkollektiv\u002F","\u003Cp>\u003Cem>AntiVirus\u003C\u002Fem> is an easy-to-use, safe tool to harden your WordPress site against exploits, malware and spam injections.\u003Cbr \u002F>\nYou can configure \u003Cem>AntiVirus\u003C\u002Fem> to perform an automated daily scan of your theme files. If the plugin detects any suspicious code injections, it will send out a notification to a previously configured e-mail address.\u003C\u002Fp>\n\u003Cp>In case your WordPress site has been hacked, \u003Cem>AntiVirus\u003C\u002Fem> will help you to become aware of the problem very quickly in order for you to take immediate action.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Scan for suspicious code in the theme files (daily scan with email notifications and manual scan) with an option to mark detected cases as false positive\u003C\u002Fli>\n\u003Cli>Checksum verification for WordPress Core files\u003C\u002Fli>\n\u003Cli>Optional: Google Safe Browsing for malware and phishing monitoring.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A complete documentation is available on the \u003Ca href=\"https:\u002F\u002Fantivirus.pluginkollektiv.org\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">AntiVirus website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Community support via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantivirus\" rel=\"ugc\">support forums on wordpress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>We don’t handle support via e-mail, Twitter, GitHub issues etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginkollektiv\u002Fantivirus\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Pull requests for documented bugs are highly appreciated.\u003C\u002Fli>\n\u003Cli>If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantivirus\" rel=\"ugc\">support forums\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>If you want to help us translate this plugin you can do so \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fantivirus\" rel=\"nofollow ugc\">on WordPress Translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fsergejmueller.github.io\u002F\" rel=\"nofollow ugc\">Sergej Müller\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Maintainers: \u003Ca href=\"https:\u002F\u002Fpluginkollektiv.org\" rel=\"nofollow ugc\">pluginkollektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Security plugin to protect your blog or website against exploits and spam injections.",30000,1314565,84,22,"2025-12-21T16:53:00.000Z","5.0","7.4",[77,21,92,93,94],"safe-browsing","scanner","vulnerability","https:\u002F\u002Fantivirus.pluginkollektiv.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fantivirus.1.6.1.zip",99,"2013-06-02 00:00:00",{"slug":100,"name":101,"version":102,"author":58,"author_profile":59,"description":103,"short_description":104,"active_installs":84,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":15,"requires_at_least":109,"requires_php":68,"tags":110,"homepage":111,"download_link":112,"security_score":64,"vuln_count":31,"unpatched_count":13,"last_vuln_date":113,"fetched_at":28},"ninjascanner","NinjaScanner – Virus & Malware scan","3.2.8","\u003Ch4>A lightweight, fast and powerful virus scanner for WordPress.\u003C\u002Fh4>\n\u003Cp>NinjaScanner is a lightweight, fast and powerful virus scanner for WordPress which includes many features to help you scan your blog for malware and virus.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>File integrity checker.\u003C\u002Fli>\n\u003Cli>File comparison viewer.\u003C\u002Fli>\n\u003Cli>Exclusion filters.\u003C\u002Fli>\n\u003Cli>File snapshot.\u003C\u002Fli>\n\u003Cli>Database snapshot.\u003C\u002Fli>\n\u003Cli>Anti-malware\u002FAntivirus.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fnin.link\u002Fnssandbox\u002F\" title=\"NinjaScanner sandbox\" rel=\"nofollow ugc\">Sandbox for quarantined files\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Ignored files list.\u003C\u002Fli>\n\u003Cli>Google’s Safe Browsing Lookup API.\u003C\u002Fli>\n\u003Cli>Background scans.\u003C\u002Fli>\n\u003Cli>Scheduled scans (Premium).\u003C\u002Fli>\n\u003Cli>WP-CLI integration (Premium).\u003C\u002Fli>\n\u003Cli>Debugging log.\u003C\u002Fli>\n\u003Cli>Email report.\u003C\u002Fli>\n\u003Cli>Integration with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fninjafirewall\u002F\" title=\"Download NinjaFirewall\" rel=\"ugc\">NinjaFirewall (WP and WP+ Edition)\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Multi-site support.\u003C\u002Fli>\n\u003Cli>Contextual help.\u003C\u002Fli>\n\u003Cli>And many more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>File Integrity Checker\u003C\u002Fh4>\n\u003Cp>The File Integrity Checker will compare your WordPress core files as well as your plugin and theme files to their original package. Its File Comparison Viewer will show you the differences between any modified file and the original. You can also \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjascanner-powerful-antivirus-scanner-for-wordpress\u002F#integrity\" title=\"\" rel=\"nofollow ugc\">add your Premium themes and plugins\u003C\u002Fa> to the File Integrity Checker. Infected or corrupted files can be easily restored with one click.\u003C\u002Fp>\n\u003Ch4>File Snapshot\u003C\u002Fh4>\n\u003Cp>The File Snapshot will show you which files were changed, added or deleted since the previous scan.\u003C\u002Fp>\n\u003Ch4>Database Snapshot\u003C\u002Fh4>\n\u003Cp>NinjaScanner will compare all published posts and pages in the database with the previous scan and will report if any of them were changed, added or deleted.\u003C\u002Fp>\n\u003Ch4>Anti-Malware Signatures\u003C\u002Fh4>\n\u003Cp>You can scan your blog for potential malware and virus using the built-in signatures. The scanning engine is compatible with \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frfxn\u002Flinux-malware-detect\" title=\"\" rel=\"nofollow ugc\">Linux Malware Detect LMD\u003C\u002Fa> (whose anti-malware signatures are included) and with some \u003Ca href=\"https:\u002F\u002Fwww.clamav.net\u002F\" title=\"\" rel=\"nofollow ugc\">ClamAV\u003C\u002Fa> signatures as well. You can even \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjascanner-powerful-antivirus-scanner-for-wordpress\u002F#signatures\" title=\"\" rel=\"nofollow ugc\">write your own anti-malware signatures\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>NinjaFirewall Integration\u003C\u002Fh4>\n\u003Cp>If you are running our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fninjafirewall\u002F\" title=\"Download NinjaFirewall\" rel=\"ugc\">NinjaFirewall (WP or WP+ Edition)\u003C\u002Fa> web application firewall plugin, you can use this option to integrate NinjaScanner into its menu.\u003C\u002Fp>\n\u003Ch4>Fast and Lightweight Scanner\u003C\u002Fh4>\n\u003Cp>NinjaScanner has strictly no impact on your database. It only uses it to store its configuration (less than 1Kb). It saves the scan data, report, logs etc on disk only, makes use of caching to save bandwidth and server resources. It also includes a Garbage Collector that will clean up its cache on a regular basis.\u003C\u002Fp>\n\u003Ch4>Background Scans\u003C\u002Fh4>\n\u003Cp>Another great NinjaScanner feature is that it runs in the background: start a scan, let it run and keep working on your blog as usual. You can even log out of the WordPress dashboard while a scanning process is running! You don’t have to wait patiently until the scan has finished. Additionally, a scan report can be sent to one or more email addresses.\u003C\u002Fp>\n\u003Ch4>Sandbox for quarantined files\u003C\u002Fh4>\n\u003Cp>When moving a file to the quarantine folder, NinjaScanner can use a testing environment (a.k.a. sandbox) to make sure that this action does not crash your blog with a fatal error. If it does, it will warn you and will not quarantine the file. It is possible (but not recommended) to disable the sandbox.\u003C\u002Fp>\n\u003Ch4>Advanced Settings\u003C\u002Fh4>\n\u003Cp>NinjaScanner offers many advanced settings to finely tune it, such as exclusion filters, selection of the algorithm to use, a debugging log etc.\u003C\u002Fp>\n\u003Ch4>Privacy Policy\u003C\u002Fh4>\n\u003Cp>Your website can run NinjaScanner and be 100% compliant with the \u003Cstrong>General Data Protection Regulation (GDPR)\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cp>We, the authors, do not collect, share or sell personal information. We don’t track or profile you. Our software does not collect any private data from you or your visitors.\u003C\u002Fp>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cp>Check out our \u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fninjascanner\u002F\" title=\"NinjaScanner Premium Edition\" rel=\"nofollow ugc\">NinjaScanner Premium Edition\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Scheduled Scans\u003C\u002Fstrong>: Don’t leave your blog at risk. With the scheduled scan option, NinjaScanner will run automatically hourly, twice daily or daily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI Integration\u003C\u002Fstrong>: Do you own several blogs and prefer to manage them from the command line? NinjaScanner can nicely integrate with WP-CLI, using the \u003Ccode>ninjascanner\u003C\u002Fcode> command. You can use it to start or stop a scanning process, view its status, its report or log from your favourite terminal, without having to log in to the WordPress Admin Dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dedicated Help Desk with Priority Support\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n","A lightweight, fast and powerful virus scanner for WordPress.",921392,86,33,"2025-11-29T09:53:00.000Z","4.7.0",[21,71,93,72,23],"https:\u002F\u002Fnintechnet.com\u002Fninjascanner\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fninjascanner.3.2.8.zip","2025-07-30 00:00:00",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":124,"num_ratings":125,"last_updated":126,"tested_up_to":15,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":135,"download_link":136,"security_score":64,"vuln_count":137,"unpatched_count":13,"last_vuln_date":138,"fetched_at":28},"quttera-web-malware-scanner","Quttera ThreatSign – Web Malware Scanner for WordPress","4.0.0.3","quttera","https:\u002F\u002Fprofiles.wordpress.org\u002Fquttera\u002F","\u003Cp>Quttera ThreatSign protects your WordPress website with multi-layered security:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Malware Detection:\u003C\u002Fstrong> Powered by Quttera’s AI-driven heuristic engine, the scanner detects malicious PHP, obfuscated JavaScript, hidden iframes, redirects, spam, SEO malware, and credit-card skimmers targeting checkout pages. The plugin performs on-demand scans directly from your WordPress admin and checks your domain against more than 40 global security authorities, including Google, McAfee, Norton, and Yandex. Detection capabilities are continuously enhanced using insights from Quttera’s worldwide threat intelligence network.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Brute Force Protection:\u003C\u002Fstrong> Prevents unauthorized login attempts with IP locking, configurable rate limiting, and environment-aware protection policies. Supports both shared hosting (aggressive locking) and dedicated servers (progressive delays). Includes emergency bypass mechanism for critical situations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Bot Protection:\u003C\u002Fstrong> Layered defense against automated attacks using multi-stage risk evaluation, token-bucket rate limiting, and legitimate bot recognition (Googlebot, Bingbot, etc.). Protects REST API, XML-RPC, and WooCommerce endpoints with endpoint-specific risk scoring.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Admin User Monitoring:\u003C\u002Fstrong> Real-time detection and alerting for unauthorized admin additions, removals, and role changes with database audit trail and snapshots.\u003C\u002Fp>\n\u003Cp>For complete protection—including automated malware removal, scheduled scanning, WAF, and 24\u002F7 monitoring—you can upgrade to a ThreatSign Website Security plan.\u003C\u002Fp>\n\u003Ch4>Malware Detection Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One-click on-demand scans from WP admin\u003C\u002Fli>\n\u003Cli>0-day (unknown threat) detection via heuristic & behavioral analysis\u003C\u002Fli>\n\u003Cli>Detection of malicious PHP (backdoors, shells, injections)\u003C\u002Fli>\n\u003Cli>Detection of obfuscated or polymorphic JavaScript\u003C\u002Fli>\n\u003Cli>Identification of malicious iframes, redirects & hidden links\u003C\u002Fli>\n\u003Cli>Detection of spam & SEO malware\u003C\u002Fli>\n\u003Cli>Checkout skimmer detection\u003C\u002Fli>\n\u003Cli>Inspection of WordPress core file integrity\u003C\u002Fli>\n\u003Cli>Detection of alien or unauthorized files in core directories\u003C\u002Fli>\n\u003Cli>External links and outbound reference analysis\u003C\u002Fli>\n\u003Cli>Blacklist checks across 40+ security authorities\u003C\u002Fli>\n\u003Cli>Cloud-based scanning to reduce server resource load\u003C\u002Fli>\n\u003Cli>Detailed investigation reports with severity levels\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Brute Force Protection Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>IP-based locking with configurable thresholds\u003C\u002Fli>\n\u003Cli>Multi-stage failure detection with soft and hard locks\u003C\u002Fli>\n\u003Cli>Environment-aware policies for shared hosting and dedicated servers\u003C\u002Fli>\n\u003Cli>IP whitelist\u002Fblacklist with CIDR notation support\u003C\u002Fli>\n\u003Cli>Emergency bypass mechanism via constant or filter\u003C\u002Fli>\n\u003Cli>User account lockout alerts via email\u003C\u002Fli>\n\u003Cli>Combo-lock (IP + username) detection\u003C\u002Fli>\n\u003Cli>Rate limiting with progressive delays\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bot Protection Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Multi-stage risk evaluation with heuristic analysis\u003C\u002Fli>\n\u003Cli>Token-bucket rate limiting across multiple lanes (global, REST, XML-RPC, checkout, cart)\u003C\u002Fli>\n\u003Cli>Legitimate bot recognition (Googlebot, Bingbot with elevated rate limits)\u003C\u002Fli>\n\u003Cli>REST API enumeration and authentication protection\u003C\u002Fli>\n\u003Cli>WooCommerce endpoint protection (checkout & cart)\u003C\u002Fli>\n\u003Cli>Configurable operation modes (Observe, Balanced, Aggressive)\u003C\u002Fli>\n\u003Cli>Risk-based challenge mechanisms and exponential backoff\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Admin User Monitoring Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Real-time detection of admin user additions and removals\u003C\u002Fli>\n\u003Cli>Admin role change tracking\u003C\u002Fli>\n\u003Cli>Database snapshot comparison for audit trail\u003C\u002Fli>\n\u003Cli>WP-Cron scheduled checks (1-minute intervals)\u003C\u002Fli>\n\u003Cli>Immediate detection via WordPress hooks\u003C\u002Fli>\n\u003Cli>Email alerts for unauthorized changes\u003C\u002Fli>\n\u003Cli>Comprehensive alarm system integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you need malware removal assistance, contact us at support@quttera.com or sign up for any\u003Cbr \u002F>\nof our ThreatSign annual plans, which include cleanup & blacklist removal:\u003Cbr \u002F>\nhttps:\u002F\u002Fquttera.com\u002Fanti-malware-website-monitoring-signup\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fquttera.com\" rel=\"nofollow ugc\">Quttera\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin’s other home\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fquttera.com\u002Fwordpress_malware_scanner\" rel=\"nofollow ugc\">WordPress Malware Scanner\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress multi-level security scanner detecting malware, 0-day threats, brute-force attacks, bot attacks, and unauthorized admin changes.",10000,4426011,78,47,"2026-03-12T00:02:00.000Z","3.3.2","7.2",[130,131,132,133,134],"card-skimmer","malware-removal","malware-scanner","threat-detection","wordpress-security","http:\u002F\u002Fquttera.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquttera-web-malware-scanner.4.0.0.3.zip",3,"2025-08-14 00:00:00",{"attackSurface":140,"codeSignals":165,"taintFlows":187,"riskAssessment":188,"analyzedAt":200},{"hooks":141,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":13,"unprotectedCount":13},[142,148,153,157,159,160],{"type":143,"name":144,"callback":145,"file":146,"line":147},"filter","wp_feed_cache_transient_lifetime","spywarethreatswidget_disable_simplepie_cache","spywarethreatswidget.php",80,{"type":149,"name":150,"callback":151,"file":146,"line":152},"action","widgets_init","spywarethreatswidget_register_widget",384,{"type":149,"name":154,"callback":155,"file":146,"line":156},"init","spywarethreatswidget_register_block",450,{"type":143,"name":144,"callback":145,"file":158,"line":147},"trunk\\spywarethreatswidget.php",{"type":149,"name":150,"callback":151,"file":158,"line":152},{"type":149,"name":154,"callback":155,"file":158,"line":156},[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":186},[],{"prepared":13,"raw":13,"locations":168},[],{"escaped":170,"rawEcho":171,"locations":172},52,8,[173,176,178,180,182,183,184,185],{"file":146,"line":174,"context":175},366,"raw output",{"file":146,"line":177,"context":175},367,{"file":146,"line":179,"context":175},370,{"file":146,"line":181,"context":175},372,{"file":158,"line":174,"context":175},{"file":158,"line":177,"context":175},{"file":158,"line":179,"context":175},{"file":158,"line":181,"context":175},[],[],{"summary":189,"deductions":190},"The plugin \"global-threat-activity-level-widget\" v1.1.6 demonstrates a generally strong security posture based on the provided static analysis. The complete absence of identified entry points, dangerous functions, raw SQL queries, file operations, and external HTTP requests is highly commendable. Furthermore, the high percentage of properly escaped output suggests a good understanding of secure coding practices to prevent cross-site scripting vulnerabilities. The lack of any recorded vulnerabilities in its history is also a positive indicator of its development quality and ongoing maintenance.\n\nHowever, there are a few areas that warrant attention. The complete absence of nonce checks and capability checks across all code signals is a significant concern. While the current attack surface is zero, any future introduction of features without these fundamental security checks could expose the plugin to a wide range of attacks, particularly if new AJAX handlers, REST API routes, or shortcodes are added. The lack of taint analysis data also makes it impossible to assess the security of any potential data flows within the plugin, leaving a blind spot in the analysis.\n\nIn conclusion, the plugin is currently in a very secure state with excellent coding practices observed in the analyzed code. The lack of historical vulnerabilities further bolsters this confidence. The primary weakness lies in the absence of foundational security mechanisms like nonce and capability checks, which, if unaddressed, could become a major security risk with any future development. The current lack of observable risks is a strength, but the potential for future issues due to missing security checks is a notable weakness.",[191,193,195,197],{"reason":192,"points":171},"No nonce checks implemented",{"reason":194,"points":171},"No capability checks implemented",{"reason":196,"points":137},"Limited output escaping (13% unescaped)",{"reason":198,"points":199},"No taint analysis data available",2,"2026-03-17T00:21:52.006Z",{"wat":202,"direct":208},{"assetPaths":203,"generatorPatterns":205,"scriptPaths":206,"versionParams":207},[204],"\u002Fwp-content\u002Fplugins\u002Fglobal-threat-activity-level-widget\u002Fspywarethreatswidget.php",[],[],[],{"cssClasses":209,"htmlComments":210,"htmlAttributes":211,"restEndpoints":212,"jsGlobals":213,"shortcodeOutput":214},[],[],[],[],[],[]]