[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsHnGk12M0Ue4ZPxCqvGeNuT-PgYqmF6Csq_ETg91qhg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":131,"fingerprints":188},"gp-user-login-with-email-id","Gp user Login With EMail-ID","1.0.1","Ganesh Paygude","https:\u002F\u002Fprofiles.wordpress.org\u002Fganeshpaygude\u002F","\u003Cp>Allow user to login with their Email ID OR Username.\u003C\u002Fp>\n\u003Cp>Major features in Gp user Login With EMail-ID include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Setting option checkbox allow to Login with Email ID associated with the user account.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n","Allow user to login with their Email ID.",10,1565,0,"2020-12-28T10:21:00.000Z","5.6.17","4.9","",[19,20,21,22],"auth","authentication","email","email-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgp-user-login-with-email-id.1.0.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"ganeshpaygude",6,120,88,30,86,"2026-04-04T06:09:56.608Z",[37,53,72,90,112],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":51,"download_link":52,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"second-factor","Second Factor","1.0","apokalyptik","https:\u002F\u002Fprofiles.wordpress.org\u002Fapokalyptik\u002F","\u003Cp>This plugin prevents logged in users from doing anything on your wordpress.org blog until they have verified their second factor of authentication.  The process goes like this:\u003C\u002Fp>\n\u003Col>\n\u003Cli>A user logs into your blog.\n\u003Cul>\n\u003Cli>Behind the scenes a bunch of cryptographic stuff happens and a key is generated and attached to that user. The key is overwritten with a new one every single time they log in. This key is emailed to that user (via the email address the user is registered under.)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>The user gets the email with the code.\u003C\u002Fli>\n\u003Cli>The user then enters the code at the page which is now presented to them when they are trying to access your blog\n\u003Cul>\n\u003Cli>Behind the scenes the token is checked for validity, and a cookie is added to the users session.  They are now allowed access to your blog.  If the key changes (the user logs out, or is required to log in again) the cookie that they may have been using will no longer be valid and they will be asked to enter the new one that they get via email.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","Require secondary authentication for registered user access",1996,"2010-11-18T22:29:00.000Z","3.1.4","3.0.1",[50],"authentication-security-email-login-notification-factor","http:\u002F\u002Fwordpress.org\u002F#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecond-factor.1.0.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":13,"downloaded":61,"rating":13,"num_ratings":13,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":17,"download_link":71,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"emlg-tfa","EMLG TFA","1.1","wprj","https:\u002F\u002Fprofiles.wordpress.org\u002Fwprj\u002F","\u003Cp>When logging in, users will be required to enter a verification code that is sent to the email address associated with their WordPress account.\u003C\u002Fp>\n\u003Cp>The feature will not actually be active after the plugin installation, until one site administrator managed to successfully send a test email.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Cem>Login email template\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can edit the template used when sending the login email to match your site design. But the template must contain the \u003Ccode>%CODE%\u003C\u002Fcode> placeholder otherwise it will not be saved. This string will be replaced by the actual code when a user log into your site\u003C\u002Fp>\n","Two-factor authentication via out of band email",882,"2023-02-24T09:00:00.000Z","6.1.10","6.0","7.4",[67,68,22,69,70],"2-factor-authentication","2fa","email-two-factor-authentication","login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femlg-tfa.1.1.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":13,"num_ratings":13,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":88,"download_link":89,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"force-login-with-email","Force Login With Email","1.0.5","MarcosAlexandre","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcosalexandre\u002F","\u003Cp>Force Login With Email is a fork of the Email Login Auth plugin. It is a very simple WordPress plugin, which allows users to login with their account email address. Just install, activate it and try to re-login! You can also disable login with username for all users or for ‘admin’ only.\u003C\u002Fp>\n\u003Ch4>How to use\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>After installation, enable the plugin.\u003C\u002Fli>\n\u003Cli>Now you and your users will be able to login using their account e-mail address!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>This version of the \u003Cstrong>Force Login With Email\u003C\u002Fstrong> plugin was developed without any connection with the previous developer and we count on your help to improve the code and operation of this plugin.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>Compatible since version 4.0.x of WordPress.\u003Cbr \u002F>\nCompatible since version 3.0.x of WooCommerce.\u003C\u002Fp>\n\u003Ch3>Doubts?\u003C\u002Fh3>\n\u003Cp>You can ask questions by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Using our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmarcos-alexandre82\u002Fforce-login-with-email\u002Fissues\u002F\" rel=\"nofollow ugc\">forum on Github\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Creating a topic in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fforce-login-with-email\u002F\" rel=\"ugc\">WordPress help forum\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is a fork that implements internationalization and continues the excellent plugin developed by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmikk_cz\u002F\" rel=\"nofollow ugc\">Michal Stanke\u003C\u002Fa> in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-login-auth\u002F\" rel=\"ugc\">Email Login Auth\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Banner:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbr.freepik.com\u002Ffotos-vetores-gratis\u002Ffundo\u002F\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Icon:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbr.freepik.com\u002Ffotos-vetores-gratis\u002Fnegocio\u002F\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>You can contribute source code on our page at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmarcos-alexandre82\u002Fforce-login-with-email\u002Fissues\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Enable login in WordPress only with user e-mail address.",200,8775,"2020-07-13T23:52:00.000Z","5.4.19","4.0","5.6",[20,21,70,87],"username","https:\u002F\u002Fgithub.com\u002Fmarcos-alexandre82\u002Fforce-login-with-email","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforce-login-with-email.1.0.5.zip",{"slug":91,"name":92,"version":40,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":99,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":64,"requires_php":103,"tags":104,"homepage":109,"download_link":110,"security_score":111,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"mailsure","Mailsure","corytrevor","https:\u002F\u002Fprofiles.wordpress.org\u002Fcorytrevor\u002F","\u003Ch3>Test email sending, SPF, DKIM & DMARC\u003C\u002Fh3>\n\u003Cp>Mailsure provides a simple one-click email authentication test to check if WordPress is able to send properly authenticated emails.\u003C\u002Fp>\n\u003Cp>Also included:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Send a test email to any address\u003C\u002Fli>\n\u003Cli>Mail server IP blacklist check via \u003Ca href=\"https:\u002F\u002Fmxtoolbox.com\u002F\" rel=\"nofollow ugc\">MXToolbox\u003C\u002Fa>. View their privacy policy \u003Ca href=\"https:\u002F\u002Fmxtoolbox.com\u002Fprivacypolicy.aspx\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugin settings are in Tools -> Mailsure\u003C\u002Fp>\n","Test email sending, SPF, DKIM & DMARC",50,786,100,1,"2024-07-12T10:18:00.000Z","6.5.8","7.1",[105,106,21,107,108],"dkim","dmarc","email-authentication","test-email","https:\u002F\u002Fmailsure.app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailsure.1.0.zip",92,{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":33,"downloaded":120,"rating":121,"num_ratings":100,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":65,"tags":125,"homepage":17,"download_link":130,"security_score":99,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"email-otp-login","Email OTP Login","1.0.0","Tushar Sharma","https:\u002F\u002Fprofiles.wordpress.org\u002Fricheal\u002F","\u003Cp>Email OTP Login adds an additional layer of security to your WordPress site by requiring users to verify an OTP sent to their email after entering their username and password. This ensures that only users with access to the registered email can log in.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email OTP verification during \u003Cstrong>login\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>OTP expires in 5 minutes (configurable).\u003C\u002Fli>\n\u003Cli>OTP stored securely using WordPress password hashing.\u003C\u002Fli>\n\u003Cli>Works with the default WordPress login form.\u003C\u002Fli>\n\u003Cli>Uses WordPress built-in \u003Ccode>wp_mail()\u003C\u002Fcode> function (works with SMTP plugins).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin does \u003Cstrong>not modify WordPress core files\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2 or later.\u003C\u002Fp>\n\u003Cp>This plugin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003C\u002Fp>\n","Adds OTP (One-Time Password) verification after login for enhanced security in WordPress. OTP is sent to the user's email.",403,60,"2025-08-29T18:30:00.000Z","6.8.5","6.3",[126,70,127,128,129],"email-verification","otp","security","two-factor-authentication","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-otp-login.1.0.0.zip",{"attackSurface":132,"codeSignals":165,"taintFlows":175,"riskAssessment":176,"analyzedAt":187},{"hooks":133,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":13,"unprotectedCount":13},[134,140,144,148,151,157],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","plugins_loaded","gpel_plugin_setup","index.php",11,{"type":135,"name":141,"callback":142,"file":138,"line":143},"admin_menu","gpel_plugin_create_menu",36,{"type":135,"name":145,"callback":146,"file":138,"line":147},"admin_init","gpel_register_plugin_settings",46,{"type":135,"name":149,"callback":150,"file":138,"line":32},"wp_authenticate","gpel_login_with_email_address",{"type":152,"name":153,"callback":154,"priority":155,"file":138,"line":156},"filter","gettext","gpel_username_label_change",20,91,{"type":135,"name":158,"callback":159,"file":138,"line":160},"login_head","gpel_login_function",101,[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":174},[],{"prepared":13,"raw":13,"locations":168},[],{"escaped":13,"rawEcho":100,"locations":170},[171],{"file":138,"line":172,"context":173},68,"raw output",[],[],{"summary":177,"deductions":178},"The 'gp-user-login-with-email-id' plugin version 1.0.1 exhibits a generally positive security posture based on the provided static analysis.  The absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points significantly limits the external attack surface. Furthermore, the plugin utilizes prepared statements for all SQL queries and reports no critical or high severity taint flows, indicating good practices in handling sensitive data and database interactions. The lack of recorded vulnerabilities in its history is also a strong positive indicator.",[179,182,185],{"reason":180,"points":181},"Unescaped output found",4,{"reason":183,"points":184},"No nonce checks on entry points",5,{"reason":186,"points":184},"No capability checks on entry points","2026-03-17T00:52:22.946Z",{"wat":189,"direct":195},{"assetPaths":190,"generatorPatterns":192,"scriptPaths":193,"versionParams":194},[191],"\u002Fwp-content\u002Fplugins\u002Fgp-user-login-with-email-id\u002Fimages\u002Femail-icon.png",[],[],[],{"cssClasses":196,"htmlComments":199,"htmlAttributes":200,"restEndpoints":203,"jsGlobals":204,"shortcodeOutput":205},[197,198],"wrap","form-table",[],[201,202],"id='gpel_allow_email_login'","name='gpel_allow_email_login'",[],[],[]]