[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fyXZWf9ofjl-V8cP4UcWnbcp8eaJ9pYXTu6J5HSexEsM":3,"$fhK5ozBRz4m3DdEhE-5XFTLDbd05oH2Xm6XSB2R6ateg":246,"$fXEDTPsjIemIw9zF9EOKKd3-PhCezfVxWlrG7Jp-XWlo":250},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":14,"requires_php":15,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":37,"analysis":134,"fingerprints":221},"grumpy-ai-gate","Grumpy AI Gate","1.0.1","Lars Koudal","https:\u002F\u002Fprofiles.wordpress.org\u002Flkoudal\u002F","\u003Cp>\u003Cstrong>Grumpy AI Gate\u003C\u002Fstrong> helps you stay in control as AI features spread across WordPress. It \u003Cstrong>observes and intercepts\u003C\u002Fstrong> outbound HTTP \u003Cstrong>that other code on your site already initiates\u003C\u002Fstrong> (plugins, themes, or core)—so you can see \u003Cstrong>which plugin\u003C\u002Fstrong> was involved, \u003Cstrong>how much\u003C\u002Fstrong> activity you are seeing (including helpful estimates), and \u003Cstrong>optionally stop\u003C\u002Fstrong> unwanted \u003Cstrong>WordPress AI Client\u003C\u002Fstrong> traffic for specific plugins. \u003Cstrong>This plugin does not\u003C\u002Fstrong> call external AI APIs for its own dashboard, analytics, or licensing. Nothing is sent to us or to a third-party analytics service.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why use it\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Visibility\u003C\u002Fstrong> — Dashboard summaries, a per-plugin usage table, and a request log so surprises become visible early.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Spend awareness\u003C\u002Fstrong> — When other software calls paid APIs, usage adds up. Logging helps you notice patterns before invoices or quotas become a problem.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safer sharing\u003C\u002Fstrong> — Knowing what leaves your server makes it easier to decide what belongs in prompts and what does not.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optional blocking\u003C\u002Fstrong> — For paths that use WordPress’s AI Client, you can block generations from selected plugins under \u003Cstrong>Grumpy AI Gate \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings\u003C\u002Fstrong> (save to apply).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>How it works\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>When the \u003Cstrong>WordPress AI Client\u003C\u002Fstrong> is available, the plugin records those requests from core lifecycle hooks (other code still drives the actual generation).\u003C\u002Fli>\n\u003Cli>For \u003Cstrong>HTTP fallback\u003C\u002Fstrong>, Grumpy AI Gate \u003Cstrong>hooks WordPress’s HTTP API\u003C\u002Fstrong> (for example \u003Ccode>pre_http_request\u003C\u002Fcode>) to \u003Cstrong>inspect requests that are already in flight\u003C\u002Fstrong>. If a URL matches \u003Cstrong>built-in recognition rules\u003C\u002Fstrong> for major AI providers, a log row can be stored. \u003Cstrong>Grumpy AI Gate does not open those connections for its own purposes\u003C\u002Fstrong>—it only filters and classifies traffic \u003Cstrong>initiated elsewhere\u003C\u002Fstrong> on the site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>HTTP fallback does not block\u003C\u002Fstrong> outbound API calls in the current release—it is there so you still get visibility when plugins talk to providers \u003Cstrong>directly over HTTP\u003C\u002Fstrong> instead of (or in addition to) AI Client flows.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Compatibility\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin requires \u003Cstrong>WordPress 7.0+\u003C\u002Fstrong> (matches \u003Cstrong>Requires at least\u003C\u002Fstrong> in the plugin header). On WordPress \u003Cstrong>7.x\u003C\u002Fstrong>, it works with \u003Cstrong>core AI Client\u003C\u002Fstrong> functionality where available. Release testing included \u003Cstrong>WordPress 7.0 Beta 5\u003C\u002Fstrong>. \u003Cstrong>HTTP fallback\u003C\u002Fstrong> remains important on every supported version—it records calls to \u003Cstrong>recognized provider endpoints\u003C\u002Fstrong> that \u003Cstrong>other plugins\u003C\u002Fstrong> make \u003Cstrong>directly over HTTP\u003C\u002Fstrong>, which is still common alongside (or instead of) AI Client–based flows.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Everything is stored \u003Cstrong>locally in your WordPress database\u003C\u002Fstrong>. There is no cloud account, no telemetry, and no third-party analytics from this plugin.\u003C\u002Fp>\n\u003Cp>For technical details on logging, double-counting avoidance, and blocking limits, see the \u003Cstrong>FAQ\u003C\u002Fstrong> below.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin \u003Cstrong>does not\u003C\u002Fstrong> rely on third-party AI APIs, remote analytics, or any external service \u003Cstrong>for its own features\u003C\u002Fstrong>. All logging and settings stay on your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Provider names and URL patterns\u003C\u002Fstrong> included with the plugin are \u003Cstrong>local matching rules\u003C\u002Fstrong> only. They let Grumpy AI Gate \u003Cstrong>filter and classify\u003C\u002Fstrong> outbound HTTP requests that \u003Cstrong>plugins, themes, or WordPress core\u003C\u002Fstrong> may already be sending. They are \u003Cstrong>not\u003C\u002Fstrong> a list of servers this plugin calls to power the admin UI or to “phone home.”\u003C\u002Fp>\n\u003Cp>Your site may still contact third-party AI providers when \u003Cstrong>you or other software\u003C\u002Fstrong> use AI features—that traffic is separate from this plugin’s own network use (which does not include calling those providers for monitoring).\u003C\u002Fp>\n","Intercept and log AI-related HTTP from plugins\u002Fthemes; optional AI Client blocking. All data stays on your server.",0,91,"2026-04-08T00:43:00.000Z","7.0","7.4",[17,18,19,20,21],"admin","ai","monitoring","privacy","security","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgrumpy-ai-gate\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgrumpy-ai-gate.1.0.1.zip",100,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"lkoudal",4,20590,96,932,76,"2026-05-19T21:15:05.845Z",[38,59,76,96,115],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":11,"num_ratings":11,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"update-notifier","Update Notifier","1.4.1","Jon Cave","https:\u002F\u002Fprofiles.wordpress.org\u002Fduck_\u002F","\u003Cp>If you don’t check your admin panel on your WordPress install very often (maybe because you prefer to use remote publishing) or you want to make sure\u003Cbr \u002F>\nthat your clients’ WordPress installations are updated, then this is the plugin for you. You don’t have to login to your admin panel regularly,\u003Cbr \u002F>\nsuscribe to an RSS feed, or do anything apart from installing this plugin to be notified when an update to WordPress is released.\u003C\u002Fp>\n\u003Cp>All you have to do is install Update Notifier and forget it until you receive an email telling you to update.\u003C\u002Fp>\n\u003Cp>To change Update Notifier’s options, go to Update Notifier under the main Settings menu. From there you can add a secondary email address\u003Cbr \u002F>\nwhich will also receive update notifications and you can activate update notifications for themes and plugins.\u003C\u002Fp>\n","Sends email notifications if a new version of WordPress available. Notifications about updates for plugins and themes can also be sent.",700,18185,"2010-09-20T12:13:00.000Z","3.0.5","3.0","",[17,53,54,21,55],"email","notification","upgrade","http:\u002F\u002Flionsgoroar.co.uk\u002Fwordpress\u002Fupdate-notifier\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupdate-notifier.1.4.1.zip",85,{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":24,"num_ratings":31,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":51,"tags":72,"homepage":74,"download_link":75,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"logout-clear-cookies","Logout Clear Cookies","0.2","Joel","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoelhardi\u002F","\u003Cp>This is an extremely simple plugin (one line of code!) that deletes all domain cookies whenever a user logs out of your WordPress site, and then redirects the user to the site homepage.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why?\u003C\u002Fstrong> Because by default, WordPress sets a number of cookies that it doesn’t remove on its own when you log out.\u003C\u002Fp>\n\u003Cp>There are security and privacy benefits, because if there are vulnerabilities in WordPress or in your browser, or if someone has access to your computer or device, they may be able to access these cookies. (That goes for you or for anyone who logs into your site to add a post or comment.)\u003C\u002Fp>\n\u003Cp>Likewise, when a user logs out of your site using a public or shared computer, there won’t be any domain cookies left behind.\u003C\u002Fp>\n\u003Cp>The plugin also gives you back the “regular user view” of your site, because after you log out you can browse your site as an anonymous user, without having to manually clear cookies in your browser. (There are many plugins that will display different content or show cached or uncached versions of pages if they see that WordPress cookies have been set.)\u003C\u002Fp>\n","Clears all domain cookies on logout. Because leaving a trail of cookies is bad.",500,9057,"2023-11-08T14:46:00.000Z","6.4.8","3.7",[17,73,20,21],"cookie","https:\u002F\u002Flyncd.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogout-clear-cookies.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":51,"tags":91,"homepage":94,"download_link":95,"security_score":58,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"wp-pgp-encrypted-emails","WP PGP Encrypted Emails","0.8.0","Meitar","https:\u002F\u002Fprofiles.wordpress.org\u002Fmeitar\u002F","\u003Cp>WP PGP Encrypted Emails can automatically sign and encrypt any email that WordPress sends to your site’s admin email address or your users’s email addresses. You give it a copy of the recipient’s OpenPGP public key and\u002For their S\u002FMIME certificate, and it does the rest. You can even automatically generate an OpenPGP signing keypair for your site to use.\u003C\u002Fp>\n\u003Cp>Encrypting outgoing emails protects your user’s privacy by ensuring that emails intended for them can be read only by them, and them alone. Moreover, signing those emails helps your users verify that email they receive purporting to be from your site was \u003Cem>actually\u003C\u002Fem> sent by your server, and not some imposter. If you’re a plugin or theme developer, you can encrypt and\u002For sign \u003Cem>arbitrary data\u003C\u002Fem> using this plugin’s OpenPGP and S\u002FMIME APIs, which are both built with familiar, standard WordPress filter hooks. This enables you to develop highly secure communication and publishing tools fully integrated with your WordPress install. See the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffabacab\u002Fwp-pgp-encrypted-emails\u002F#readme\" rel=\"nofollow ugc\">\u003Ccode>README.markdown\u003C\u002Fcode>\u003C\u002Fa> file for details on cryptographic implementation and API usage.\u003C\u002Fp>\n\u003Cp>\u003Cem>Donations for this and my other free software plugins make up a chunk of my income. If you continue to enjoy this plugin, please consider \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_donations&business=TJLPJYXHSRBEE&lc=US&item_name=WP%20PGP%20Encrypted%20Emails&item_number=wp-pgp-encrypted-emails&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>. 🙂 Thank you for your support!\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Plugin features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Processes \u003Cem>all\u003C\u002Fem> email your site generates, automatically and transparently.\u003C\u002Fli>\n\u003Cli>Configure outbound signing: sign email sent to \u003Cem>all\u003C\u002Fem> recipients, or just savvy ones.\u003C\u002Fli>\n\u003Cli>Per-user encryption keys and certificates; user manages their own OpenPGP keys and S\u002FMIME certificates.\u003C\u002Fli>\n\u003Cli>Compatible with thousands (yes, thousands) of third-party contact form plugins.\u003C\u002Fli>\n\u003Cli>Full interoperability with all standards-compliant OpenPGP and S\u002FMIME implementations.\u003C\u002Fli>\n\u003Cli>Options to enforce further privacy best practices (e.g., removing \u003Ccode>Subject\u003C\u002Fcode> lines).\u003C\u002Fli>\n\u003Cli>Fully multisite compatible, out of the box. No additional configuration for large networks!\u003C\u002Fli>\n\u003Cli>No binaries to install or configure; everything you need is in the plugin itself.\u003C\u002Fli>\n\u003Cli>Bells and whistles included! For instance, visitors can encrypt comments on posts so only the author can read them.\u003C\u002Fli>\n\u003Cli>Built-in, customizable integration with popular third-party plugins, such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">WooCommerce\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Always \u003Cstrong>FREE\u003C\u002Fstrong>. Replaces paid email encryption “upgrades,” and gets rid of yearly subscription fees. (\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_donations&business=TJLPJYXHSRBEE&lc=US&item_name=WP%20PGP%20Encrypted%20Emails&item_number=wp-pgp-encrypted-emails&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted\" rel=\"nofollow ugc\">Donations\u003C\u002Fa> appreciated!)\u003C\u002Fli>\n\u003Cli>And \u003Cem>more\u003C\u002Fem>, of course. 😉\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin works transparently for \u003Cem>all email\u003C\u002Fem> your site generates, and will also sign and encrypt outgoing email generated by other plugins (such as contact form plugins) or the built-in WordPress notification emails. All you have to do is add one or more OpenPGP keys or an S\u002FMIME certificate to the Email Encryption screen (WordPress Admin Dashboard → Settings → Email Encryption). Each user can opt to also remove envelope information such as email subject lines, which encryption schemes cannot protect. With this plugin, there’s no longer any need to pay for the “pro” version of your favorite contact form plugin to get the benefit of email privacy.\u003C\u002Fp>\n\u003Cp>Each of your site’s users can supply their own, personal OpenPGP public key and\u002For X.509 S\u002FMIME certificate for their own email address to have WordPress automatically encrypt any email destined for them. (They merely need to update their user profile.) They can choose which encryption method to use. Once set up, all future emails WordPress sends to that user will be encrypted using the standards-based OpenPGP or S\u002FMIME technologies.\u003C\u002Fp>\n\u003Cp>The OpenPGP-encrypted emails can be decrypted by any OpenPGP-compatible mail client, such as \u003Ca href=\"https:\u002F\u002Fgpgtools.org\u002F\" rel=\"nofollow ugc\">MacGPG\u003C\u002Fa> (macOS), \u003Ca href=\"https:\u002F\u002Fwww.gpg4win.org\u002F\" rel=\"nofollow ugc\">GPG4Win\u003C\u002Fa> (Windows), \u003Ca href=\"https:\u002F\u002Fwww.enigmail.net\u002F\" rel=\"nofollow ugc\">Enigmail\u003C\u002Fa> (cross-platform), \u003Ca href=\"https:\u002F\u002Fopenkeychain.org\u002F\" rel=\"nofollow ugc\">OpenKeychain\u003C\u002Fa> (Android), or \u003Ca href=\"https:\u002F\u002Fipgmail.com\u002F\" rel=\"nofollow ugc\">iPGMail\u003C\u002Fa> (iPhone\u002FiOS). For more information on reading encrypted emails, generating keys, and other uses for OpenPGP-compatible encryption, consult any (or all!) of the following guides:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fssd.eff.org\u002Fen\u002Fmodule\u002Fintroduction-public-key-cryptography-and-pgp\" rel=\"nofollow ugc\">The Electronic Frontier Foundation’s Surveillance Self-Defense guide to PGP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhelp.riseup.net\u002Fen\u002Fgpg-best-practices\" rel=\"nofollow ugc\">RiseUp.net’s OpenPGP best practices guide\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.openpgp.org\u002F\" rel=\"nofollow ugc\">OpenPGP.org\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The S\u002FMIME-encrypted emails can be decrypted by any S\u002FMIME-compatible mail client. These include \u003Ca href=\"http:\u002F\u002Fsiber-sonic.com\u002Fmac\u002FMailSMIME\u002F\" rel=\"nofollow ugc\">Apple’s Mail on macOS\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fsupport.apple.com\u002Fen-au\u002FHT202345\" rel=\"nofollow ugc\">iOS for iPhone and iPad\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fsupport.office.com\u002Fen-us\u002Farticle\u002FEncrypt-messages-by-using-S-MIME-in-Outlook-Web-App-2E57E4BD-4CC2-4531-9A39-426E7C873E26\" rel=\"nofollow ugc\">Microsoft Outlook\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.claws-mail.org\u002Ffaq\u002Findex.php\u002FS\u002FMIME_howto\" rel=\"nofollow ugc\">Claws Mail for GNU\u002FLinux\u003C\u002Fa>, and more.\u003C\u002Fp>\n\u003Cp>For developers, WP PGP Encrypted Emails provides \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffabacab\u002Fwp-pgp-encrypted-emails\u002Fblob\u002Fdevelop\u002FREADME.markdown#openpgp-api\" rel=\"nofollow ugc\">an easy to use API to both OpenPGP\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffabacab\u002Fwp-pgp-encrypted-emails\u002Fblob\u002Fdevelop\u002FREADME.markdown#smime-api\" rel=\"nofollow ugc\">S\u002FMIME\u003C\u002Fa> encryption, decryption, and integrity validation operations through the familiar \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\" rel=\"nofollow ugc\">WordPress plugin API\u003C\u002Fa> so you can use this plugin’s simple filter hooks to build custom OpenPGP- or S\u002FMIME-based encryption functionality into your own plugins and themes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security Disclaimer\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security is a process, not a product. Using WP PGP Encrypted Emails does not guarantee that your site’s outgoing messages are invulnerable to every attacker, in every possible scenario, at all times. No single security measure, in isolation, can do that.\u003C\u002Fp>\n\u003Cp>Do not rely solely on this plugin for the security or privacy of your webserver. See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-pgp-encrypted-emails\u002Ffaq\u002F\" rel=\"ugc\">Frequently Asked Questions\u003C\u002Fa> for more security advice and for more information about the rationale for this plugin.\u003Cbr \u002F>\nIf you like this plugin, \u003Cstrong>please consider \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_donations&business=TJLPJYXHSRBEE&lc=US&item_name=WP%20PGP%20Encrypted%20Emails&item_number=wp-pgp-encrypted-emails&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa> for your use of the plugin\u003C\u002Fstrong> or, better yet, contributing directly to \u003Ca href=\"http:\u002F\u002FCyberbusking.org\u002F\" rel=\"nofollow ugc\">my Cyberbusking fund\u003C\u002Fa>. Your support is appreciated!\u003C\u002Fp>\n\u003Ch4>Themeing\u003C\u002Fh4>\n\u003Cp>Theme authors can use the following code snippets to integrate a WordPress theme with this plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>To link to a site’s OpenPGP signing public key: \u003Ccode>\u003C?php print admin_url( 'admin-ajax.php?action=download_pgp_signing_public_key' ); ?>\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin hooks\u003C\u002Fh4>\n\u003Cp>This plugin offers additional functionality intended for other plugin developers or theme authors to make use of. This functionality is documented here.\u003C\u002Fp>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Ch4>`wp_user_encryption_method`\u003C\u002Fh4>\n\u003Cp>Gets the user’s preferred encryption method (either \u003Ccode>pgp\u003C\u002Fcode> or \u003Ccode>smime\u003C\u002Fcode>), if they have provided both an OpenPGP public key and an S\u002FMIME certificate.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Optional arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>WP_User\u003C\u002Fcode> \u003Ccode>$user\u003C\u002Fcode> – The WordPress user object. Defaults to the current user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`wp_openpgp_user_key`\u003C\u002Fh4>\n\u003Cp>Gets the user’s saved OpenPGP public key from their WordPress profile data, immediately usable in other \u003Ccode>openpgp_*\u003C\u002Fcode> filters.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Optional arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>WP_User\u003C\u002Fcode> \u003Ccode>$user\u003C\u002Fcode> – The WordPress user object. Defaults to the current user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`openpgp_enarmor`\u003C\u002Fh4>\n\u003Cp>Gets an ASCII-armored representation of an OpenPGP data structure (like a key, or an encrypted message).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – The data to be armored.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Optional parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$marker\u003C\u002Fcode> – The marker of the block (the text that follows \u003Ccode>-----BEGIN\u003C\u002Fcode>). Defaults to \u003Ccode>MESSAGE\u003C\u002Fcode>, but you should set this to a more appropriate value. If you are armoring a PGP public key, for instance, set this to \u003Ccode>PGP PUBLIC KEY BLOCK\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>\u003Ccode>string[]\u003C\u002Fcode> \u003Ccode>$headers\u003C\u002Fcode> – An array of strings to apply as headers to the ASCII-armored block, usually used to insert comments or identify the OpenPGP client used. Defaults to \u003Ccode>array()\u003C\u002Fcode> (no headers).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: ASCII-armor a binary public key.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$ascii_key = apply_filters('openpgp_enarmor', $public_key, 'PGP PUBLIC KEY BLOCK');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_key`\u003C\u002Fh4>\n\u003Cp>Gets a binary OpenPGP public key for use in later PGP operations from an ASCII-armored representation of that key.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$key\u003C\u002Fcode> – The ASCII-armored PGP public key block.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: Get a key saved as an ASCII string in the WordPress database option \u003Ccode>my_plugin_pgp_public_key\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$key = apply_filters('openpgp_key', get_option('my_plugin_pgp_public_key'));\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_sign`\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.gnupg.org\u002Fgph\u002Fen\u002Fmanual\u002Fx135.html#AEN152\" rel=\"nofollow ugc\">Clearsigns\u003C\u002Fa> a message using a given private key.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – The message data to sign.\u003C\u002Fli>\n\u003Cli>\u003Ccode>OpenPGP_SecretKeyPacket\u003C\u002Fcode> \u003Ccode>$signing_key\u003C\u002Fcode> – The signing key to use, obtained by passing the ASCII-armored private key through the \u003Ccode>openpgp_key\u003C\u002Fcode> filter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: Sign a short string.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$message = 'This is a message to sign.';\n$signing_key = apply_filters('openpgp_key', $ascii_key);\n$signed_message = apply_filters('openpgp_sign', $message, $signing_key);\n\u002F\u002F $signed_message is now a clearsigned message\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_encrypt`\u003C\u002Fh4>\n\u003Cp>Encrypts data to one or more PGP public keys or passphrases.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – Data to encrypt.\u003C\u002Fli>\n\u003Cli>\u003Ccode>array|string\u003C\u002Fcode> \u003Ccode>$keys\u003C\u002Fcode> – Passphrases or keys to use to encrypt the data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: Encrypt the content of a blog post.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F\u002F First, get the PGP public key(s) of the recipient(s)\n$ascii_key = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n[...snipped for length...]\n-----END PGP PUBLIC KEY BLOCK-----';\n$encryption_key = apply_filters('openpgp_key', $ascii_key);\n$encrypted_post = apply_filters('openpgp_encrypt', $post->post_content, $encryption_key);\n\u002F\u002F Now you can safely send or display $encrypted_post anywhere you like and only\n\u002F\u002F those who control the corresponding private key(s) can decrypt it.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_sign`\u003C\u002Fh4>\n\u003Cp>Signs a message (arbitrary data) with the given private key.\u003C\u002Fp>\n\u003Cp>Note that if your plugin uses the built-in WordPress core \u003Ccode>wp_mail()\u003C\u002Fcode> function and this plugin is active, your plugin’s outgoing emails are already automatically signed so you do not need to do anything. This filter is intended for use by plugin developers who want to create custom, trusted communiques between WordPress and some other system.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – The data to sign.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Optional arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>OpenPGP_SecretKeyPacket\u003C\u002Fcode> \u003Ccode>$privatekey\u003C\u002Fcode> – The private key used for signing the message. The default is to use the private key automatically generated during plugin activation. The automatically generated keypair is intended to be a low-trust, single-purpose keypair for your website itself, so you probably do not need or want to use this argument yourself.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: Send a signed, encrypted JSON payload to a remote, insecure server.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$comment_data = get_comment(2); \u002F\u002F get a WP_Comment object with comment ID 2\n\u002F\u002F Create JSON payload\n$json = array('success' => true, 'action' => 'new_comment', 'data' => $comment_data);\n$url = 'http:\u002F\u002Finsecure.example.com\u002F';\n$response = wp_safe_remote_post($url, array(\n));\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>`openpgp_sign_and_encrypt`\u003C\u002Fh4>\n\u003Cp>A convenience filter that applies \u003Ccode>openpgp_sign\u003C\u002Fcode> and then \u003Ccode>openpgp_encrypt\u003C\u002Fcode> to the result.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$data\u003C\u002Fcode> – The data to sign and encrypt.\u003C\u002Fli>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$signing_key\u003C\u002Fcode> – The signing key to use.\u003C\u002Fli>\n\u003Cli>\u003Ccode>array|string\u003C\u002Fcode> \u003Ccode>$recipient_keys_and_passphrases\u003C\u002Fcode> – Public key(s) of the recipient(s), or passphrases to encrypt to.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`wp_openpgp_user_key`\u003C\u002Fh4>\n\u003Cp>Gets the user’s saved S\u002FMIME public certificate from their WordPress profile data, immediately usable in other \u003Ccode>smime_*\u003C\u002Fcode> filters.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Optional arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>WP_User\u003C\u002Fcode> \u003Ccode>$user\u003C\u002Fcode> – The WordPress user object. Defaults to the current user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`smime_certificate`\u003C\u002Fh4>\n\u003Cp>Gets a PHP resource handle to an X.509 Certificate.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>mixed\u003C\u002Fcode> \u003Ccode>$cert\u003C\u002Fcode> – The certificate, either as a string to a file, or raw PEM-encoded certificate data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`smime_certificate_pem_encode`\u003C\u002Fh4>\n\u003Cp>Encodes (“exports”) a given X.509 certificate as PEM format.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>resource\u003C\u002Fcode> \u003Ccode>$cert\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>`smime_encrypt`\u003C\u002Fh4>\n\u003Cp>Encrypts a message as an S\u002FMIME email given a public certificate.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Required arguments:\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>$message\u003C\u002Fcode> – The message contents to encrypt.\u003C\u002Fli>\n\u003Cli>\u003Ccode>string|string[]\u003C\u002Fcode> \u003Ccode>$headers\u003C\u002Fcode> – The message headers for the encrypted part.\u003C\u002Fli>\n\u003Cli>\u003Ccode>resource|array\u003C\u002Fcode> \u003Ccode>$certificates\u003C\u002Fcode> – The recipient’s certificate, or an array of recipient certificates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This filter returns an array with two keys, \u003Ccode>headers\u003C\u002Fcode> and \u003Ccode>message\u003C\u002Fcode>, wherein the message is encrypted.\u003C\u002Fp>\n\u003Cp>Example: send an encrypted email via \u003Ccode>wp_mail()\u003C\u002Fcode>. (You do not need to do this if the recipient is registered as your site’s user, because this plugin does that automatically. Only do this if you need to send S\u002FMIME encrypted email to an address not stored in WordPress’s own database.)\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$cert = apply_filters( 'smime_certificate', get_option( 'my_plugin_smime_certificate' ) );\n$body = 'This is a test email message body.';\n$head = array(\n    'From' => get_option( 'admin_email' ),\n);\n$smime_data = apply_filters( 'smime_encrypt', $body, $head, $cert );\nif ( $smime_data ) {\n    wp_mail(\n        'recipient@example.com',\n        'Test message.',\n        $smime_data['message'], \u002F\u002F message is sent encrypted\n        $smime_data['headers']\n    );\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Signs and encrypts emails using PGP\u002FGPG keys or X.509 certificates. Provides OpenPGP and S\u002FMIME functions via WordPress plugin API.",400,26121,92,16,"2021-05-25T19:04:00.000Z","5.7.15","4.4",[53,92,93,20,21],"encryption","pgp","https:\u002F\u002Fgithub.com\u002Ffabacab\u002Fwp-pgp-encrypted-emails","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-pgp-encrypted-emails.0.8.0.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":24,"downloaded":104,"rating":24,"num_ratings":105,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":15,"tags":109,"homepage":113,"download_link":114,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"fail2wp","Fail2WP","1.2.6","joho68","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoho68\u002F","\u003Cp>This WordPress plugin provides security functionality and integration with fail2ban.\u003C\u002Fp>\n\u003Cp>It does not require fail2ban to function.\u003C\u002Fp>\n\u003Cp>Basic security functionality includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disabling login with username (require e-mail address)\u003C\u002Fli>\n\u003Cli>Allow\u002FDeny login from IP address, hostname (including wildcard support)\u003C\u002Fli>\n\u003Cli>Preventing user enumeration (?author=nnn)\u003C\u002Fli>\n\u003Cli>Less detailed error messages on login failures\u003C\u002Fli>\n\u003Cli>Minimum username length\u003C\u002Fli>\n\u003Cli>Blocking specific usernames from being used to register new users\u003C\u002Fli>\n\u003Cli>Requiring e-mail address matching for new user registrations\u003C\u002Fli>\n\u003Cli>Warning about new user role setting\u003C\u002Fli>\n\u003Cli>Blocking of portions or all of WordPress REST API\u003C\u002Fli>\n\u003Cli>Disabling of RSS and Atom feeds\u003C\u002Fli>\n\u003Cli>Removal of “Generator” information from HTML and feeds\u003C\u002Fli>\n\u003Cli>Detection of Cloudflare IP addresses for logging of actual IP addresses\u003C\u002Fli>\n\u003Cli>Blocking\u002FAllowing logins from IP addresses, IP ranges, and\u002For hostnames\u003C\u002Fli>\n\u003Cli>Partially or fully disable XMLRPC access\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin also plays nicely with Fail2ban, which is an advanced way of blocking IP addresses dynamically upon suspicious behavior.\u003C\u002Fp>\n\u003Cp>Other notes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>This plugin \u003Cstrong>may\u003C\u002Fstrong> work with earlier versions of WordPress\u003C\u002Fli>\n\u003Cli>This plugin has been tested with \u003Cstrong>WordPress 5.5+ and 6.x\u003C\u002Fstrong> at the time of this writing\u003C\u002Fli>\n\u003Cli>This plugin has been tested with \u003Cstrong>PHP 7.4, 8.1, 8.2, and 8.3\u003C\u002Fstrong> at the time of this writing\u003C\u002Fli>\n\u003Cli>Local syntax\u002Fruntime compatibility checks have also been run on \u003Cstrong>PHP 8.4\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>This plugin optionally makes use of \u003Ccode>mb_\u003C\u002Fcode> PHP functions\u003C\u002Fli>\n\u003Cli>This plugin may create entries in your PHP error log (if active)\u003C\u002Fli>\n\u003Cli>This plugin contains no Javascript\u003C\u002Fli>\n\u003Cli>This plugin contains no tracking code and does not store any information about users\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>The Fail2WP Plugin was written by Joaquim Homrighausen while converting caffeine into code.\u003C\u002Fp>\n\u003Cp>Fail2WP is sponsored by \u003Ca href=\"https:\u002F\u002Fwebbplatsen.se\" rel=\"nofollow ugc\">WebbPlatsen i Sverige AB\u003C\u002Fa>, Sweden.\u003C\u002Fp>\n\u003Cp>Copyright 2020-2026 Joaquim Homrighausen; all rights reserved.\u003C\u002Fp>\n\u003Cp>Commercial support and customizations for this plugin is available from WebbPlatsen i Sverige AB in Sweden.\u003C\u002Fp>\n\u003Cp>If you find this plugin useful, the author is happy to receive a donation, good review, or just a kind word.\u003C\u002Fp>\n\u003Cp>If there is something you feel to be missing from this plugin, or if you have found a problem with the code or a feature, please do not hesitate to reach out to support@webbplatsen.se.\u003C\u002Fp>\n\u003Cp>This plugin can also be downloaded from \u003Ca href=\"https:\u002F\u002Fcode.webbplatsen.net\u002Fwordpress\u002Ffail2wp\u002F\" rel=\"nofollow ugc\">code.webbplatsen.net\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjoho1968\u002Ffail2wp\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>More detailed documentation is available at \u003Ca href=\"https:\u002F\u002Fcode.webbplatsen.net\u002Fdocumentation\u002Ffail2wp\u002F\" rel=\"nofollow ugc\">code.webbplatsen.net\u002Fdocumentation\u002Ffail2wp\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Kudos to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftholu\" rel=\"nofollow ugc\">Thomas Lutz\u003C\u002Fa>.\u003C\u002Fp>\n","Security plugin for WordPress with support for fail2ban. Tested with WordPress 5.5+ and PHP 7.4-8.4",3575,2,"2026-03-16T09:34:00.000Z","6.9.4","5.4.0",[17,110,111,112,21],"authentication","fail2ban","firewall","https:\u002F\u002Fcode.webbplatsen.net\u002Fwordpress\u002Ffail2wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffail2wp.1.2.6.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":11,"num_ratings":11,"last_updated":125,"tested_up_to":107,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":132,"download_link":133,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"protect-my-infos","Protect My Infos","1.3.8","Yuga Web","https:\u002F\u002Fprofiles.wordpress.org\u002Fyugaweb\u002F","\u003Cp>\u003Cstrong>Protect My Infos\u003C\u002Fstrong> is a WordPress plugin designed to protect sensitive information, such as phone numbers and email addresses, by obfuscating or hiding them on the frontend of your site.\u003C\u002Fp>\n\u003Cp>Emails and phone numbers are encoded and hidden from bots, while visitors can interact with placeholders to reveal the information.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Obfuscate sensitive information with placeholders, blur effects, or base64 encoding.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[protect_my_infos]\u003C\u002Fcode> shortcode for integration in posts or pages.\u003C\u002Fli>\n\u003Cli>Fully customizable settings for icons, colors, and reveal texts.\u003C\u002Fli>\n\u003Cli>Easy-to-use admin interface.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with the PayPal Donate API to facilitate donations via PayPal’s secure platform.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name\u003C\u002Fstrong>: PayPal Donate API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: To provide a “Donate” button for collecting user donations securely via PayPal.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>Donation amount\u003C\u002Fli>\n\u003Cli>Currency\u003C\u002Fli>\n\u003Cli>PayPal Merchant ID\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: Data is sent to PayPal only when a user interacts with the “Donate” button.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Links\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fus\u002Fwebapps\u002Fmpp\u002Fua\u002Flegalhub-full\" rel=\"nofollow ugc\">PayPal Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fus\u002Fwebapps\u002Fmpp\u002Fua\u002Fprivacy-full\" rel=\"nofollow ugc\">PayPal Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: This plugin does not store or process sensitive personal information. All payment transactions are handled securely by PayPal’s platform.\u003C\u002Fp>\n","Protect sensitive information like emails and phone numbers from bots with advanced obfuscation techniques.",80,980,"2025-12-11T15:33:00.000Z","5.0","7.2",[129,130,131,20,21],"anti-spam","email-obfuscation","phone-number-protection","https:\u002F\u002Fwww.yugaweb.com\u002Fprotect-my-infos\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotect-my-infos.1.3.8.zip",{"attackSurface":135,"codeSignals":197,"taintFlows":216,"riskAssessment":217,"analyzedAt":220},{"hooks":136,"ajaxHandlers":187,"restRoutes":194,"shortcodes":195,"cronEvents":196,"entryPointCount":173,"unprotectedCount":11},[137,143,147,151,155,159,164,170,175,180,184],{"type":138,"name":139,"callback":140,"priority":11,"file":141,"line":142},"action","admin_init","maybe_save_settings_early","includes\u002Fadmin\u002Fclass-admin-menu.php",27,{"type":138,"name":144,"callback":145,"file":141,"line":146},"admin_menu","register_menu",29,{"type":138,"name":148,"callback":149,"file":141,"line":150},"admin_enqueue_scripts","enqueue_assets",30,{"type":138,"name":152,"callback":153,"file":141,"line":154},"admin_post_gaig_clear_requests_only","handle_clear_requests_only",31,{"type":138,"name":156,"callback":157,"file":141,"line":158},"admin_post_gaig_clear_requests_and_stats","handle_clear_requests_and_stats",32,{"type":138,"name":148,"callback":160,"priority":161,"file":162,"line":163},"enqueue_scripts",10,"includes\u002Fadmin\u002Fclass-request-log-screen.php",26,{"type":165,"name":166,"callback":167,"priority":161,"file":168,"line":169},"filter","wp_ai_client_prevent_prompt","filter_prevent_prompt","includes\u002Fclass-ai-client-monitor.php",46,{"type":138,"name":171,"callback":172,"priority":173,"file":168,"line":174},"init","register_event_listeners",1,47,{"type":138,"name":176,"callback":177,"priority":178,"file":179,"line":163},"plugins_loaded","on_plugins_loaded",5,"includes\u002Fclass-bootstrap.php",{"type":165,"name":181,"callback":182,"priority":161,"file":183,"line":150},"pre_http_request","on_pre_http_request","includes\u002Fclass-http-fallback-monitor.php",{"type":138,"name":185,"callback":186,"priority":161,"file":183,"line":154},"http_api_debug","on_http_api_debug",[188],{"action":189,"nopriv":190,"callback":191,"hasNonce":192,"hasCapCheck":192,"file":162,"line":193},"gaig_request_log",false,"ajax_fetch_page",true,25,[],[],[],{"dangerousFunctions":198,"sqlUsage":199,"outputEscaping":202,"fileOperations":11,"externalRequests":11,"nonceChecks":178,"capabilityChecks":173,"bundledLibraries":215},[],{"prepared":200,"raw":11,"locations":201},38,[],{"escaped":203,"rawEcho":31,"locations":204},124,[205,209,211,213],{"file":206,"line":207,"context":208},"includes\u002Fadmin\u002Fclass-settings-screen.php",87,"raw output",{"file":206,"line":210,"context":208},90,{"file":206,"line":212,"context":208},121,{"file":206,"line":214,"context":208},131,[],[],{"summary":218,"deductions":219},"The grumpy-ai-gate v1.0.1 plugin demonstrates a strong security posture based on the provided static analysis. The code adheres to several key security best practices, including the exclusive use of prepared statements for all SQL queries, a high percentage of properly escaped output, and the inclusion of nonce and capability checks. The absence of file operations and external HTTP requests further minimizes the potential attack surface. Crucially, the plugin exhibits no critical or high-severity taint flows, suggesting a lack of direct vulnerabilities related to data sanitization and manipulation. The vulnerability history also indicates a clean record, with no known CVEs, which is a positive sign of the plugin's security maintenance.",[],"2026-04-16T13:42:28.698Z",{"wat":222,"direct":231},{"assetPaths":223,"generatorPatterns":226,"scriptPaths":227,"versionParams":228},[224,225],"\u002Fwp-content\u002Fplugins\u002Fgrumpy-ai-gate\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fgrumpy-ai-gate\u002Fassets\u002Fjs\u002Frequest-log.js",[],[225],[229,230],"grumpy-ai-gate\u002Fassets\u002Fcss\u002Fadmin.css?ver=","grumpy-ai-gate\u002Fassets\u002Fjs\u002Frequest-log.js?ver=",{"cssClasses":232,"htmlComments":237,"htmlAttributes":238,"restEndpoints":242,"jsGlobals":243,"shortcodeOutput":245},[233,234,235,236],"gaig-dashboard","gaig-request-log","gaig-settings","gaig-request-log-container",[],[239,240,241],"data-gaig-ajax-url","data-gaig-nonce","data-gaig-current-page",[],[244],"gaig_request_log_vars",[],{"error":192,"url":247,"statusCode":248,"statusMessage":249,"message":249},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fgrumpy-ai-gate\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":173,"versions":251},[252],{"version":6,"download_url":23,"svn_tag_url":253,"released_at":25,"has_diff":190,"diff_files_changed":254,"diff_lines":25,"trac_diff_url":25,"vulnerabilities":255,"is_current":192},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgrumpy-ai-gate\u002Ftags\u002F1.0.1\u002F",[],[]]