[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fy8fujkwserwotpX0S_uDDC-XefDYqUEz3ikvW1rK4M8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":145,"fingerprints":212},"hide-wp-admin-login","Hide WP Admin Login","1.0.0","AppAspect Technologies Pvt. Ltd.","https:\u002F\u002Fprofiles.wordpress.org\u002Fappaspect\u002F","\u003Cp>This plugin \u003Cem>Hide WP Admin Login\u003C\u002Fem> allows to change the default WordPress Admin URL from wp-login.php and wp-admin to anything you want. All original links turn the default theme to “404 Not Found” page without rename or change files in core, nor does it add rewrite rules. Secure your website in just minutes with the \u003Cem>Hide WP Admin Login\u003C\u002Fem> plugin. Protect your WordPress site against hacker bots and spammers. Deactivating this plugin brings your site back exactly to the state it was before.\u003C\u002Fp>\n","Change WordPress wp-login.php URL to anything you want.",600,3118,0,"2023-12-18T09:22:00.000Z","6.4.8","5.6","7.1",[19,20,4,21],"change-login-url","custom-login-url","wordpress-login-url","https:\u002F\u002Fappaspectshop.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-wp-admin-login.1.0.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"appaspect",2,30,84,"2026-04-04T01:06:01.387Z",[35,61,80,105,126],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":13,"last_vuln_date":60,"fetched_at":26},"wps-hide-login","WPS Hide Login","1.9.18","Remy Perona","https:\u002F\u002Fprofiles.wordpress.org\u002Ftabrisrp\u002F","\u003Ch4>English\u003C\u002Fh4>\n\u003Cp>\u003Cem>WPS Hide Login\u003C\u002Fem> is a very light plugin that lets you easily and safely change the url of the login form page to anything you want. It doesn’t literally rename or change files in core, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website. The wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the url. Deactivating this plugin brings your site back exactly to the state it was before.\u003C\u002Fp>\n\u003Cp>This plugin is kindly proposed by \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=14&campaign=wpshidelogin\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa> the specialized WordPress web host.\u003C\u002Fp>\n\u003Cp>Discover also our other free extensions:\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-limit-login\u002F\" rel=\"ugc\">WPS Limit Login\u003C\u002Fa> to block brute force attacks.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-bidouille\u002F\" rel=\"ugc\">WPS Bidouille\u003C\u002Fa> to optimize your WordPress and get more info.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-cleaner\u002F\" rel=\"ugc\">WPS Cleaner\u003C\u002Fa> to clean your WordPress site.\u003C\u002Fp>\n\u003Cp>This plugin is only maintained, which means we do not guarantee free support. Consider reporting a problem and be patient.\u003C\u002Fp>\n\u003Ch4>Français\u003C\u002Fh4>\n\u003Cp>\u003Cem>WPS Hide Login\u003C\u002Fem> est un plugin très léger qui vous permet de changer facilement et en toute sécurité l’url de la page de formulaire de connexion. Il ne renomme pas littéralement ou ne modifie pas les fichiers dans le noyau, ni n’ajoute des règles de réécriture. Il intercepte simplement les demandes de pages et fonctionne sur n’importe quel site WordPress. Le répertoire wp-admin et la page wp-login.php deviennent inaccessibles, vous devez donc ajouter un signet ou vous souvenir de l’URL. Désactiver ce plugin ramène votre site exactement à l’état dans lequel il était auparavant.\u003C\u002Fp>\n\u003Cp>Ce plugin vous est gentiment proposé par \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=14&campaign=wpshidelogin\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa> l’hébergeur spécialisé WordPress.\u003C\u002Fp>\n\u003Cp>Plus d’infos sur son utilisation : \u003Ca href=\"https:\u002F\u002Fwpformation.com\u002Fwps-hide-login-url-connexion-wordpress\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpformation.com\u002Fwps-hide-login-url-connexion-wordpress\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Découvrez également nos autres extensions gratuites :\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-limit-login\u002F\" rel=\"nofollow ugc\">WPS Limit Login\u003C\u002Fa> pour bloquer les attaques par force brute.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-bidouille\u002F\" rel=\"nofollow ugc\">WPS Bidouille\u003C\u002Fa> pour optimiser votre WordPress et faire le plein d’infos.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-cleaner\u002F\" rel=\"nofollow ugc\">WPS Cleaner\u003C\u002Fa> pour nettoyer votre site WordPress.\u003C\u002Fp>\n\u003Cp>Ce plugin est seulement maintenu, ce qui signifie que nous ne garantissons pas un support gratuit. Envisagez de signaler un problème et soyez patient.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Ch4>English\u003C\u002Fh4>\n\u003Cp>Requires WordPress 4.1 or higher. All login related things such as the registration form, lost password form, login widget and expired sessions just keep working.\u003C\u002Fp>\n\u003Cp>It’s also compatible with any plugin that hooks in the login form, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>BuddyPress,\u003C\u002Fli>\n\u003Cli>bbPress,\u003C\u002Fli>\n\u003Cli>Jetpack,\u003C\u002Fli>\n\u003Cli>WPS Limit Login,\u003C\u002Fli>\n\u003Cli>and User Switching.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Obviously it doesn’t work with plugins or themes that \u003Cem>hardcoded\u003C\u002Fem> wp-login.php.\u003C\u002Fp>\n\u003Cp>Works with multisite, with subdomains and subfolders. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.\u003C\u002Fp>\n\u003Cp>If you’re using a \u003Cstrong>page caching plugin\u003C\u002Fstrong> other than WP Rocket, you should add the slug of the new login url to the list of pages not to cache. WP Rocket is already fully compatible with the plugin.\u003C\u002Fp>\n\u003Ch4>Français\u003C\u002Fh4>\n\u003Cp>Nécessite WordPress 4.1 ou supérieur. Toutes les choses liées à la connexion telles que le formulaire d’inscription, le formulaire de mot de passe perdu, le widget de connexion et les sessions expirées continuent de fonctionner.\u003C\u002Fp>\n\u003Cp>Il est également compatible avec tout plugin qui se connecte au formulaire de connexion, notamment:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>BuddyPress,\u003C\u002Fli>\n\u003Cli>bbPress,\u003C\u002Fli>\n\u003Cli>Jetpack,\u003C\u002Fli>\n\u003Cli>WPS Limit Login,\u003C\u002Fli>\n\u003Cli>and User Switching.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Évidemment, cela ne fonctionne pas avec les plugins ou les thèmes \u003Cem>hardcoded\u003C\u002Fem> wp-login.php.\u003C\u002Fp>\n\u003Cp>Fonctionne en multisite, avec sous-domaines ou sous dossiers. L’activer pour un réseau vous permet de définir une valeur par défaut pour l’ensemble du réseau. Les sites individuels peuvent toujours renommer leur page de connexion pour autre chose.\u003C\u002Fp>\n\u003Cp>Si vous utilisez un \u003Cstrong>plugin de mise en cache de pages\u003C\u002Fstrong> autre que WP Rocket, vous devez ajouter le slug de la nouvelle URL de connexion à la liste des pages à ne pas mettre en cache. WP Rocket est déjà entièrement compatible avec le plugin.\u003C\u002Fp>\n","Change wp-login.php to anything you want.",2000000,30498017,96,2101,"2026-01-12T08:47:00.000Z","6.9.4","4.1","7.0",[20,52,53,54,55],"login","rename","wp-login","wp-login-php","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwps-hide-login.1.9.18.zip",95,10,"2024-06-24 00:00:00",{"slug":62,"name":63,"version":6,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":48,"requires_at_least":73,"requires_php":56,"tags":74,"homepage":77,"download_link":78,"security_score":79,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"rename-wp-admin-login","Rename wp-admin login","Nuno Sarmento","https:\u002F\u002Fprofiles.wordpress.org\u002Fnunosarmento\u002F","\u003Cp>\u003Cem>Rename wp-admin login\u003C\u002Fem> is a plugin that allows us to rename wp-admin login URL to anything you want. It does not change WordPress core files, the plugin simply intercepts page requests and works on any WordPress website. After you activate this plugin the wp-admin URL and wp-login.php will become unavailable, so you should bookmark or remember the url. Disable this plugin brings your site back exactly to the state it was before.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Like this plugin?\u003C\u002Fstrong> Please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Frename-wp-admin-login\u002Freviews\u002F?filter=5\" rel=\"ugc\">Rate It\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fnunosarmento\" rel=\"nofollow ugc\">Buy me a coffee\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Have a problem?\u003C\u002Fstrong> Please write a message in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Frename-wp-admin-login\u002F\" rel=\"ugc\">WordPress Support Forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>How to use the plugin\u003C\u002Fh3>\n\u003Cp>Go under Settings and then click on “Permalinks” and change your URL under “Rename wp-admin login”.\u003C\u002Fp>\n\u003Cp>Step 1: Add new login URL\u003C\u002Fp>\n\u003Cp>Step 2: Add redirect URL\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>This plugin was forked\u002Fadapted\u002Ffixed\u002Fupdated from this plugin https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frename-wp-login\u002F – @ellatrix thank you for starting the base of my plugin.\u003C\u002Fp>\n","Rename wp-admin login* is a plugin that allows us to rename wp-admin login URL to anything you want",7000,17102,86,6,"2025-12-02T13:00:00.000Z","5.0",[75,20,52,62,76],"change-wp-login","wp-admin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frename-wp-admin-login\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frename-wp-admin-login.1.0.0.zip",100,{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":70,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":100,"download_link":101,"security_score":102,"vuln_count":103,"unpatched_count":13,"last_vuln_date":104,"fetched_at":26},"login-page-styler","Login Page Styler – Custom WordPress Login Page Customizer & Security","7.1.2","Zia Imtiaz","https:\u002F\u002Fprofiles.wordpress.org\u002Fzia-imtiaz\u002F","\u003Cp>\u003Cstrong>Login Page Styler\u003C\u002Fstrong> is a powerful WordPress plugin that allows you to completely customize and secure your WordPress login page.\u003C\u002Fp>\n\u003Cp>Create a professional branded login experience while improving login security and protecting your website from unauthorized access.\u003C\u002Fp>\n\u003Cp>Whether you want to change your login logo, background, login URL, or add reCAPTCHA protection, Login Page Styler makes it simple with an easy-to-use interface.\u003C\u002Fp>\n\u003Cp>Perfect for website owners, developers, agencies, and businesses that want a professional login page without coding.\u003C\u002Fp>\n\u003Cp>🔥 \u003Cstrong>Login Page Customization Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>• Custom WordPress login page design\u003Cbr \u002F>\n• Upload your own login logo\u003Cbr \u002F>\n• Custom login backgrounds (images, videos, gradients)\u003Cbr \u002F>\n• Pre-designed login page templates\u003Cbr \u002F>\n• Custom CSS and JavaScript support\u003Cbr \u002F>\n• Google Fonts support\u003Cbr \u002F>\n• Fully responsive login page design\u003C\u002Fp>\n\u003Cp>🔐 \u003Cstrong>Login Security Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>• Custom WordPress login URL\u003Cbr \u002F>\n• Google reCAPTCHA protection\u003Cbr \u002F>\n• Limit login attempts\u003Cbr \u002F>\n• IP address blocking\u003Cbr \u002F>\n• Region blocking\u003Cbr \u002F>\n• Login activity logs\u003Cbr \u002F>\n• Brute force attack protection\u003C\u002Fp>\n\u003Cp>📊 \u003Cstrong>Login Monitoring\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Track login activity with detailed logs including:\u003C\u002Fp>\n\u003Cp>• User login time\u003Cbr \u002F>\n• User roles\u003Cbr \u002F>\n• IP address\u003Cbr \u002F>\n• Location data\u003Cbr \u002F>\n• Failed login attempts\u003C\u002Fp>\n\u003Cp>This helps administrators monitor suspicious login behavior.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Performance & Ease of Use\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>• Lightweight plugin\u003Cbr \u002F>\n• No coding required\u003Cbr \u002F>\n• Fast loading login pages\u003Cbr \u002F>\n• Beginner-friendly settings panel\u003Cbr \u002F>\n• Compatible with most WordPress themes\u003C\u002Fp>\n\u003Cp>🚀 \u003Cstrong>Why Use Login Page Styler\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>A default WordPress login page looks generic and provides limited security options.\u003C\u002Fp>\n\u003Cp>Login Page Styler helps you:\u003C\u002Fp>\n\u003Cp>• Build trust with branded login pages\u003Cbr \u002F>\n• Improve website security\u003Cbr \u002F>\n• Prevent brute-force attacks\u003Cbr \u002F>\n• Monitor login activity\u003Cbr \u002F>\n• Customize login design easily\u003C\u002Fp>\n\u003Ch3>Upgrade to Pro\u003C\u002Fh3>\n\u003Cp>Upgrade to \u003Cstrong>Login Page Styler Pro\u003C\u002Fstrong> to unlock advanced features:\u003C\u002Fp>\n\u003Cp>• Premium login templates\u003Cbr \u002F>\n• Social login integration\u003Cbr \u002F>\n• Two-factor authentication\u003Cbr \u002F>\n• Advanced login security\u003Cbr \u002F>\n• Priority support\u003C\u002Fp>\n\u003Cp>👉 https:\u002F\u002Fpluginnestwp.website\u002F\u003C\u002Fp>\n","Customize and secure your WordPress login page with logo, backgrounds, templates, custom login URL, reCAPTCHA protection, and login activity logs — no &hellip;",3000,237870,174,"2026-03-08T15:20:00.000Z","6.7.5","4.0","5.3",[96,20,97,98,99],"custom-login-page","login-logo","login-page-customizer","wordpress-login-page","https:\u002F\u002Fpluginnestwp.website\u002Fcustom-login-page-styler\u002F\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-page-styler.7.1.2.zip",97,3,"2025-01-30 00:00:00",{"slug":20,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":56,"tags":119,"homepage":121,"download_link":122,"security_score":123,"vuln_count":124,"unpatched_count":13,"last_vuln_date":125,"fetched_at":26},"Custom Login URL","1.0.3","Greg Winiarski","https:\u002F\u002Fprofiles.wordpress.org\u002Fgwin\u002F","\u003Cp>Custom Login URL (CLU) is a lightweight plugin that allows to customize default WP login, registration and password\u003Cbr \u002F>\nreminder URLs without modifying any files, simple and swift.\u003C\u002Fp>\n\u003Cp>Why would anyone would want to use this plugin? Well, after developing some sites it turned\u003Cbr \u002F>\nout that site owners do not want to reveal to customers that they are using WordPress, hence the plugin that will mask\u003Cbr \u002F>\noriginal URLs.\u003C\u002Fp>\n\u003Cp>What the plugin can do:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>change \u002Fwp-login.php to for example \u002Fuser\u002Flogin\u002F\u003C\u002Fli>\n\u003Cli>change \u002Fwp-login.php?action=register to for example \u002Fuser\u002Fregister\u002F\u003C\u002Fli>\n\u003Cli>change \u002Fwp-login.php?action=lostpassword to for example \u002Fuser\u002Fremind\u002F\u003C\u002Fli>\n\u003Cli>change \u002Fwp-login.php?action=logout to for example \u002Fuser\u002Flogout\u002F\u003C\u002Fli>\n\u003Cli>you can define your own custom paths for each URL above\u003C\u002Fli>\n\u003Cli>set successfull login and logout redirect URLs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In order to make the plugin work you need to have Permalinks enabled in WP Settings.\u003C\u002Fp>\n","Whitelabel your site by hiding wp-login.php in the login and registration URLs",1000,49777,76,18,"2025-09-15T13:23:00.000Z","6.8.5","6.0",[20,120],"custom-registration-url","https:\u002F\u002Fsimpliko.pl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-login-url.1.0.3.zip",99,1,"2025-09-22 00:00:00",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":79,"num_ratings":136,"last_updated":137,"tested_up_to":138,"requires_at_least":139,"requires_php":56,"tags":140,"homepage":143,"download_link":144,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"rename-wp-loginphp-to-anything-you-want","Rename wp-login.php to anything you want","2.0.1","travispluse","https:\u002F\u002Fprofiles.wordpress.org\u002Ftravispluse\u002F","\u003Cp>This plugin changes the way you login into your website.\u003C\u002Fp>\n\u003Cp>–loginsecurity includes–\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Blocks IP after maximum retries allowed\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Extended Lockout after maximum lockouts allowed\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Email notification to admin after max lockouts\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Blacklist IP\u002FIP range\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Whitelist IP\u002FIP range\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Check logs of failed attempts\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Create IP ranges\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Delete IP ranges\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Licensed under GNU GPL version 3\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Safe & Secure\u003Cbr \u002F>\u003C\u002Fp>\n","This plugin changes the way you login into your website.",500,8851,5,"2016-08-13T06:36:00.000Z","4.5.33","3.0",[141,20,52,142,55],"custom","login-custom","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frename-wp-loginphp-to-anything-you-want\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frename-wp-loginphp-to-anything-you-want.2.0.1.zip",{"attackSurface":146,"codeSignals":190,"taintFlows":202,"riskAssessment":203,"analyzedAt":211},{"hooks":147,"ajaxHandlers":186,"restRoutes":187,"shortcodes":188,"cronEvents":189,"entryPointCount":13,"unprotectedCount":13},[148,154,158,161,164,168,171,177,181],{"type":149,"name":150,"callback":151,"file":152,"line":153},"action","admin_menu","hide_wp_admin_login_menu_page","admin\\admin.php",12,{"type":149,"name":155,"callback":156,"file":152,"line":157},"admin_init","hwal_template_redirect",27,{"type":149,"name":155,"callback":159,"file":152,"line":160},"hwal_admin_init",37,{"type":149,"name":162,"callback":163,"file":152,"line":102},"admin_notices","hwal_admin_notices",{"type":149,"name":155,"callback":165,"file":166,"line":167},"hide_wp_admin_login_disable_plugin","hide-wp-admin-login.php",54,{"type":149,"name":162,"callback":169,"file":166,"line":170},"hide_wp_admin_login_show_error",55,{"type":149,"name":172,"callback":173,"priority":174,"file":175,"line":176},"plugins_loaded","hwal_plugins_loaded",9999,"inc\\functions.php",72,{"type":149,"name":178,"callback":179,"file":175,"line":180},"wp_loaded","hwal_wp_loaded",109,{"type":182,"name":183,"callback":184,"priority":59,"file":175,"line":185},"filter","site_url","hwal_site_url",185,[],[],[],[],{"dangerousFunctions":191,"sqlUsage":192,"outputEscaping":198,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":124,"bundledLibraries":201},[],{"prepared":13,"raw":124,"locations":193},[194],{"file":195,"line":196,"context":197},"uninstall.php",21,"$wpdb->query() with variable interpolation",{"escaped":199,"rawEcho":13,"locations":200},4,[],[],[],{"summary":204,"deductions":205},"The 'hide-wp-admin-login' v1.0.0 plugin presents a generally good security posture with no recorded vulnerabilities or critical code signals. The static analysis shows a remarkably small attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, the code signals indicate proper output escaping for all identified outputs and a capability check is in place, which are positive security practices.\n\nHowever, there are a few areas that warrant attention. The single SQL query is not using prepared statements, which can be a risk if the query involves user-supplied data, although the absence of taint flows suggests this might be a static query. The complete lack of nonce checks, even with a small attack surface, could be a concern in scenarios where the plugin's functionality might be triggered externally. The vulnerability history being entirely clear is a strong positive indicator, suggesting the developer has a good track record or the plugin has not been a significant target.\n\nIn conclusion, the plugin is in a relatively secure state due to its minimal attack surface and good output escaping. The main points of concern are the non-prepared SQL query and the absence of nonce checks, which, while not currently exploited according to the data, represent potential weaknesses that could be addressed. The lack of any historical vulnerabilities is a significant strength.",[206,209],{"reason":207,"points":208},"SQL query not using prepared statements",7,{"reason":210,"points":136},"Missing nonce checks","2026-03-16T19:32:04.226Z",{"wat":213,"direct":220},{"assetPaths":214,"generatorPatterns":217,"scriptPaths":218,"versionParams":219},[215,216],"\u002Fwp-content\u002Fplugins\u002Fhide-wp-admin-login\u002Fadmin\u002Fadmin.php","\u002Fwp-content\u002Fplugins\u002Fhide-wp-admin-login\u002Finc\u002Ffunctions.php",[],[],[],{"cssClasses":221,"htmlComments":222,"htmlAttributes":223,"restEndpoints":224,"jsGlobals":225,"shortcodeOutput":226},[],[],[],[],[],[]]