[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffXbAWqmWWjv7gVRWV_K24eYkOT4PWba3RtRmdkHp6Vk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":140,"fingerprints":177},"humansnotbots","HumansNotBots – Easy, Accessible Email Cloaker","3.2","zingming","https:\u002F\u002Fprofiles.wordpress.org\u002Fzingming\u002F","\u003Cp>This email cloaking method:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>is accessible for people browsing with screen readers (e.g., blind people); \u003C\u002Fli>\n\u003Cli>degrades gracefully for browsers without JavaScript; \u003C\u002Fli>\n\u003Cli>works just like a normal, clickable email address for browsers with JavaScript enabled; and\u003C\u002Fli>\n\u003Cli>requires no shortcodes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Email addresses in the form \u003Ccode>email AT address DOT com\u003C\u002Fcode> are converted to a clickable version, \u003Ca href=\"mailto:email@address.com\" rel=\"nofollow ugc\">email@address.com\u003C\u002Fa>, if JavaScript is enabled. If JavaScript is not enabled (such as for screen readers), then the email address in the form \u003Ccode>email AT address DOT com\u003C\u002Fcode> is still readable to humans.\u003C\u002Fp>\n","\"email AT address DOT com\" (without quotes) is converted to a clickable version of email@address.com if JavaScript is enabled.",200,8687,100,2,"2013-12-28T06:34:00.000Z","3.7.41","3.0.1","",[20,21,22,23,24],"email","email-munger","email-obfuscation","email-obfuscator","spam","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fhumansnotbots\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhumansnotbots.3.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},4,250,30,84,"2026-04-04T11:53:52.928Z",[39,59,79,95,118],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":11,"downloaded":47,"rating":13,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":18,"download_link":58,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"email-no-bot","Email No Bot – Prevent bots from detecting emails","0.0.3","Jose Mortellaro","https:\u002F\u002Fprofiles.wordpress.org\u002Fgiuse\u002F","\u003Cp>With Email No Bot humans will see the emails that you write using the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FShortcode\" rel=\"nofollow ugc\">shortcode\u003C\u002Fa> [hide_email email=”example@mail.com”], but robots will not.\u003C\u002Fp>\n\u003Cp>The user will not be able to copy the email in the clipboard. If you think this is a problem, this plugin is not for you.\u003C\u002Fp>\n\u003Cp>Looking at the screen you can see the email, but if you inspect elements, instead of the email you will see something strange, and not predictable. That’s what a bot will also see.\u003C\u002Fp>\n\u003Cp>The output is something very random for the bot, and even if the code of this plugin is open source, no bot will be able to decrypt the email.\u003C\u002Fp>\n\u003Cp>There are amazing plugins for contact forms, but sometimes what you really need is just an email that people can use to contact you.\u003Cbr \u002F>\nContact forms are so popular because a bot will not be able to get your email, but if you have a way to prevent bots from getting your email, you can simply add it to your page without the need of a contact form. Your page will be lighter and simple.\u003C\u002Fp>\n\u003Cp>Email No Bot has no settings page, it doesn’t write anything in the database, and it doesn’t load any asset on frontend, it just provides a shortcode, that’s it.\u003C\u002Fp>\n\u003Ch3>How to encrypt an email with Email No Bot\u003C\u002Fh3>\n\u003Cp>To encrypt an email use the shortcode \u003Cstrong>[hide_email email=”example@mail.com”]\u003C\u002Fstrong>.\u003Cbr \u002F>\nOf course, replace example@mail.com with the email that you want to display.\u003Cbr \u002F>\nYou can see an example and see how it works on the blog post \u003Ca href=\"https:\u002F\u002Fjosemortellaro.com\u002Fprevent-bots-from-getting-emails-from-your-website\u002F\" rel=\"nofollow ugc\">Prevent bots from getting emais from your website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Main features of Email No Bot\u003C\u002Fh3>\n\u003Cp>It obfuscate emails with 52 lines of code! The entire zip is less than 3 kB. No complicated settings, no database queries, no assets, nothing else than a shortcode. You will have no spam at zero cost in terms of performance. The weight of this plugin similar to the weight of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhello-dolly\u002F\" rel=\"ugc\">Hello Dolly\u003C\u002Fa>.\u003Cbr \u002F>\nYou can see here the \u003Ca href=\"https:\u002F\u002Fplugintests.com\u002Fplugins\u002Fwporg\u002Femail-no-bot\u002Flatest\" rel=\"nofollow ugc\">consumption of Email No Bot\u003C\u002Fa>. As you will see it’s not measurable.\u003C\u002Fp>\n\u003Ch3>Limitations of Email No Bot\u003C\u002Fh3>\n\u003Cp>The user will not be able to copy the email in the clipboard. But this is also what makes this plugin so powerful against spam bots.\u003C\u002Fp>\n\u003Ch3>Similar plugin to hide links\u003C\u002Fh3>\n\u003Cp>If you need something similar to hide links, you can try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-link\u002F\" rel=\"ugc\">Hide Link\u003C\u002Fa>\u003C\u002Fp>\n","Humans will see the email address on your page, but robots will not.",6485,1,"2025-12-05T09:20:00.000Z","6.9.4","4.6","7.4",[54,22,55,56,57],"email-encryption","no-bot","spam-email","spam-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-no-bot.0.0.3.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":28,"num_ratings":28,"last_updated":69,"tested_up_to":50,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":77,"download_link":78,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"protect-my-infos","Protect My Infos","1.3.8","Yuga Web","https:\u002F\u002Fprofiles.wordpress.org\u002Fyugaweb\u002F","\u003Cp>\u003Cstrong>Protect My Infos\u003C\u002Fstrong> is a WordPress plugin designed to protect sensitive information, such as phone numbers and email addresses, by obfuscating or hiding them on the frontend of your site.\u003C\u002Fp>\n\u003Cp>Emails and phone numbers are encoded and hidden from bots, while visitors can interact with placeholders to reveal the information.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Obfuscate sensitive information with placeholders, blur effects, or base64 encoding.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[protect_my_infos]\u003C\u002Fcode> shortcode for integration in posts or pages.\u003C\u002Fli>\n\u003Cli>Fully customizable settings for icons, colors, and reveal texts.\u003C\u002Fli>\n\u003Cli>Easy-to-use admin interface.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin integrates with the PayPal Donate API to facilitate donations via PayPal’s secure platform.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name\u003C\u002Fstrong>: PayPal Donate API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: To provide a “Donate” button for collecting user donations securely via PayPal.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>Donation amount\u003C\u002Fli>\n\u003Cli>Currency\u003C\u002Fli>\n\u003Cli>PayPal Merchant ID\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: Data is sent to PayPal only when a user interacts with the “Donate” button.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Links\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fus\u002Fwebapps\u002Fmpp\u002Fua\u002Flegalhub-full\" rel=\"nofollow ugc\">PayPal Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fus\u002Fwebapps\u002Fmpp\u002Fua\u002Fprivacy-full\" rel=\"nofollow ugc\">PayPal Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: This plugin does not store or process sensitive personal information. All payment transactions are handled securely by PayPal’s platform.\u003C\u002Fp>\n","Protect sensitive information like emails and phone numbers from bots with advanced obfuscation techniques.",90,914,"2025-12-11T15:33:00.000Z","5.0","7.2",[73,22,74,75,76],"anti-spam","phone-number-protection","privacy","security","https:\u002F\u002Fwww.yugaweb.com\u002Fprotect-my-infos\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotect-my-infos.1.3.8.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":28,"downloaded":87,"rating":28,"num_ratings":28,"last_updated":88,"tested_up_to":50,"requires_at_least":89,"requires_php":52,"tags":90,"homepage":18,"download_link":94,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"whoknew-shield","WhoKnew Shield — Contact Obfuscation & Bot Protection","2.0.0","WhoKnew.io","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhoknewio\u002F","\u003Cp>\u003Cstrong>WordPress spam protection plugin\u003C\u002Fstrong> — Stop bots from harvesting your email addresses, phone numbers, and physical addresses.\u003C\u002Fp>\n\u003Ch3>Why stores and businesses need contact security:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Privacy Risk:\u003C\u002Fstrong> Scrapers harvest emails for spam databases\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Threat:\u003C\u002Fstrong> Phone scrapers collect numbers for robocalls, SMS spam, and phishing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fraud Prevention:\u003C\u002Fstrong> Address scrapers use your location for junk mail and identity theft\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Passive Exposure:\u003C\u002Fstrong> Contacts in posts, widgets, and footers are often left unprotected\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bot Evolution:\u003C\u002Fstrong> Modern bots can parse basic HTML encoding\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Coverage:\u003C\u002Fstrong> Every unprotected contact is a potential harvest point\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>WhoKnew Shield uses dual-layer protection to help keep your contact information private.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Free Features (Instant Setup)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Dual-layer obfuscation\u003C\u002Fstrong> — HTML entities + CSS reversal + JavaScript protection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email auto-detection\u003C\u002Fstrong> — Write naturally, automatic protection everywhere\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Click-to-reveal buttons\u003C\u002Fstrong> — One click for visitors; blocks automated scrapers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JavaScript-protected links\u003C\u002Fstrong> — Emails never appear in HTML source code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple contact types\u003C\u002Fstrong> — Protect emails, phone numbers, and physical addresses\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcodes\u003C\u002Fstrong> — \u003Ccode>[whoknew_shield]\u003C\u002Fcode> for precise control when needed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Strictness controls\u003C\u002Fstrong> — 3 detection levels to balance protection vs false positives\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern admin UI\u003C\u002Fstrong> — Clean, intuitive dashboard\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No locked features\u003C\u002Fstrong> — Everything in free plugin is fully functional\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works with any theme\u003C\u002Fstrong> — Page builders, Gutenberg, Classic Editor, WooCommerce\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cache-compatible\u003C\u002Fstrong> — Works with WP Rocket, LiteSpeed, W3 Total Cache, SG Optimizer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features ($48\u002Fyear)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Phone protection & address protection\u003C\u002Fstrong> — Auto-detect ALL contact types automatically\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Web Application Firewall (WAF)\u003C\u002Fstrong> — Scraper Trap™ honeypot defense catches bots in action\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WhoKnew Intelligence™ Network\u003C\u002Fstrong> — Community-powered blacklist with daily-updated threat intelligence from Shield Pro users worldwide\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bot blocker with automatic IP blocking\u003C\u002Fstrong> — Block caught scrapers site-wide (1hr to permanent)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analytics Dashboard\u003C\u002Fstrong> — Visual charts, geographic heat maps, threat intelligence\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Competitor shortcode support\u003C\u002Fstrong> — Supports Email Address Encoder, Neotrendy, Email Encoder Bundle, Antispambot shortcodes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced encryption\u003C\u002Fstrong> — Domain-specific rotating keys (changes every 15 minutes)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom obfuscation engine\u003C\u002Fstrong> — Create your own scraper protection patterns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Geographic tracking\u003C\u002Fstrong> — See where attacks originate with country-level data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom block pages\u003C\u002Fstrong> — Show your message to blocked bots\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email alerts\u003C\u002Fstrong> — Get notified when threats are detected\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP whitelist\u002Fblacklist\u003C\u002Fstrong> — Complete control over access\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority support\u003C\u002Fstrong> — Direct access to our team\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>No coding. Works with any WordPress theme. Set it once, protect everything.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwhoknew.io\u002Fplugin\u002Fwhoknew-shield\u002F\" rel=\"nofollow ugc\">Upgrade to Pro \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwhoknew.io\u002Fwhoknew-shield\u002F\" rel=\"nofollow ugc\">View Features\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Why Auto-Detection Matters\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Manual shortcode plugins require wrapping every contact individually:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to forget contacts in old posts, footer widgets, page builder sections\u003C\u002Fli>\n\u003Cli>Manually wrapping every contact in shortcodes is time-consuming and error-prone\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shield’s auto-detection ensures nothing slips through\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Write naturally. Shield finds and protects contacts automatically. No gaps. No missed emails.\u003C\u002Fp>\n\u003Ch3>Plugin Switching\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Switch from other email protection plugins with no broken pages:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email Address Encoder\u003C\u002Fstrong> — \u003Ccode>[encode]\u003C\u002Fcode> shortcodes work immediately\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Obfuscation by Neotrendy\u003C\u002Fstrong> — \u003Ccode>[obfuscate_email]\u003C\u002Fcode> supported\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Encoder Bundle\u003C\u002Fstrong> — \u003Ccode>[eeb_protect_emails]\u003C\u002Fcode>, \u003Ccode>[eeb_mailto]\u003C\u002Fcode> compatible\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Antispambot\u003C\u002Fstrong> — All shortcodes work with stronger dual-layer protection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Just activate Shield Pro and deactivate the old plugin. All existing shortcodes continue working. No find-and-replace needed across your posts.\u003C\u002Fp>\n\u003Ch3>Web Application Firewall (WAF) — Pro Feature\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Active scraper defense beyond passive hiding:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Pro version includes WAF capabilities through Scraper Trap™ honeypots:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hidden honeypot traps\u003C\u002Fstrong> invisible to real users but attractive to bots\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic blocking\u003C\u002Fstrong> — Caught bots are banned site-wide\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Threat intelligence\u003C\u002Fstrong> — See attack patterns, geographic origins, bot signatures\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time analytics\u003C\u002Fstrong> — Visual charts showing when and where attacks happen\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy protection\u003C\u002Fstrong> — Stop bots before they harvest any contact information\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security monitoring\u003C\u002Fstrong> — Know exactly who tried to scrape your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This turns passive protection into active security. You’re not just hiding contacts — you’re catching and blocking malicious bots.\u003C\u002Fp>\n\u003Ch3>WhoKnew Intelligence™ — Community Blacklist Network (Pro)\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Collaborative threat protection:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Shield Pro users can join the WhoKnew Intelligence™ network to share threat data and download a community-powered blacklist:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Daily-updated blocklist\u003C\u002Fstrong> — Block known scrapers before they reach your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anonymous contribution\u003C\u002Fstrong> — Optionally share caught IPs to help protect the community\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live threat intelligence\u003C\u002Fstrong> — Benefit from detections across Shield Pro sites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pre-emptive blocking\u003C\u002Fstrong> — Stop bots that attacked other sites before they find yours\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Community-powered security\u003C\u002Fstrong> — The more sites that join, the stronger the protection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When you catch a bot with Scraper Trap™ honeypots, you can anonymously share that IP to protect other Shield users. In return, you get access to a constantly-updated blocklist of confirmed threats.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin displays links in the WordPress admin area that point to whoknew.io, the author’s website. These links are used to provide upgrade information, pricing, and documentation for the optional Pro add-on.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WhoKnew.io (Plugin Author Website)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>What it is: whoknew.io is the website of the plugin author (WhoKnew). It hosts the Pro upgrade page, documentation, and support resources for this plugin.\u003C\u002Fp>\n\u003Cp>What data is sent and when: The free plugin does not automatically transmit any data to whoknew.io or any other external server. The admin UI contains standard upgrade and documentation links; clicking those links takes you to the whoknew.io website in your browser, subject to normal browser behaviour. No data is collected, tracked, or sent without user action.\u003C\u002Fp>\n\u003Cp>Note on the optional Pro add-on: If you separately purchase and activate WhoKnew Shield Pro, that add-on may connect to whoknew.io for licence validation and to download the WhoKnew Intelligence™ community blocklist (an opt-in feature). Those connections are documented in the Pro add-on itself.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Terms of Service: https:\u002F\u002Fwhoknew.io\u002Fterms\u002F\u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Fwhoknew.io\u002Fprivacy\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Third-Party Libraries\u003C\u002Fh3>\n\u003Cp>WhoKnew Shield Free does not use any third-party libraries or external services. All code is self-contained within the plugin. No CDN dependencies, no external API calls, no data transmission to third-party servers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Bundled Data: IANA Root Zone Database\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin bundles a static copy of the Internet Assigned Numbers Authority (IANA) Root Zone Database (\u003Ccode>data\u002Fiana-tlds.txt\u003C\u002Fcode>). This file is used exclusively for offline TLD validation when email detection is set to Strict mode — it is never loaded, transmitted, or used outside of that context.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Source:\u003C\u002Fstrong> https:\u002F\u002Fdata.iana.org\u002FTLD\u002Ftlds-alpha-by-domain.txt\u003C\u002Fli>\n\u003Cli>\u003Cstrong>License:\u003C\u002Fstrong> Public domain \u002F IANA (no restrictions on use)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Usage:\u003C\u002Fstrong> Bundled locally; no runtime HTTP request is made to IANA\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Updates:\u003C\u002Fstrong> The file is updated with each plugin release to reflect newly delegated TLDs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Privacy by Design:\u003C\u002Fstrong>\u003Cbr \u002F>\n– All protection runs locally on your WordPress server\u003Cbr \u002F>\n– No external scripts loaded from CDNs\u003Cbr \u002F>\n– No tracking or analytics sent to external services\u003Cbr \u002F>\n– Complete data sovereignty — everything stays in your database\u003Cbr \u002F>\n– GDPR-friendly architecture with zero external dependencies\u003C\u002Fp>\n","Stop spam bots from harvesting emails, phones & addresses. Dual-layer protection with auto-detection.",198,"2026-03-04T09:15:00.000Z","5.8",[91,92,22,93,57],"bot-blocker","email-encoder","email-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhoknew-shield.2.0.0.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":50,"requires_at_least":108,"requires_php":52,"tags":109,"homepage":113,"download_link":114,"security_score":115,"vuln_count":116,"unpatched_count":28,"last_vuln_date":117,"fetched_at":30},"wp-mail-logging","WP Mail Logging","1.16.0","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>WP Mail Logging is the most popular plugin for logging emails sent from your WordPress site. Simply activate it and it will work immediately, no extra configuration is needed.\u003C\u002Fp>\n\u003Ch3>Are your WordPress emails not being sent or delivered?\u003C\u002Fh3>\n\u003Cp>Use this plugin to log all outgoing emails from your WordPress site. If there are any errors when sending the email from your site, our email logs will catch that error and display it to you.\u003C\u002Fp>\n\u003Cp>This will allow you to debug and fix your email sending issue.\u003C\u002Fp>\n\u003Ch3>Did a client not receive your email?\u003C\u002Fh3>\n\u003Cp>Our email logs allow you to resend any email that was sent from your site. No more lost emails!\u003C\u002Fp>\n\u003Ch3>Do you just want to keep a record of all emails sent from your site?\u003C\u002Fh3>\n\u003Cp>By default, WordPress and your web host do not log, store or keep track of emails sent from your website.\u003C\u002Fp>\n\u003Cp>This plugin will allow you to do just that. Our email logs will store every email that is sent from your WordPress site.\u003C\u002Fp>\n\u003Cp>You can search and view a particular email log, inspect its content or attachments, and even resend that email.\u003C\u002Fp>\n\u003Ch3>What email information is logged?\u003C\u002Fh3>\n\u003Cp>All emails sent from your WordPress site are logged. And here is the information that is stored:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email Subject\u003C\u002Fli>\n\u003Cli>Email Content (HTML or text)\u003C\u002Fli>\n\u003Cli>Email Attachments\u003C\u002Fli>\n\u003Cli>Email Headers (to, from, reply-to, cc, bcc, …)\u003C\u002Fli>\n\u003Cli>Error Message (in case there was an error while attempting to send the email)\u003C\u002Fli>\n\u003Cli>IP Address of originating server (can be enabled in the settings)\u003C\u002Fli>\n\u003Cli>Date and Time of the email\u003C\u002Fli>\n\u003Cli>Receiver (the TO email address)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why are my logged emails still not delivered to the inbox?\u003C\u002Fh3>\n\u003Cp>There are a lot of steps that emails have to make in order to be delivered to the recipient’s inbox.\u003C\u002Fp>\n\u003Cp>When your WordPress site sends an email, there’s no guarantee it will be delivered.\u003C\u002Fp>\n\u003Cp>This is what the email’s journey looks like:\u003C\u002Fp>\n\u003Col>\n\u003Cli>WordPress creates an email\u003C\u002Fli>\n\u003Cli>WordPress passes the email to your website host and that email gets logged by our plugin\u003C\u002Fli>\n\u003Cli>The host server takes the email and sends it (SMTP or Mail Transfer Agent)\u003C\u002Fli>\n\u003Cli>Recipient server receives or blocks the email\u003C\u002Fli>\n\u003Cli>If the email is accepted, the spam filter decides if it goes to the inbox or the spam folder\u003C\u002Fli>\n\u003Cli>Recipients see the email and might open it.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This plugin does not track delivery after step 2.\u003C\u002Fp>\n\u003Cp>If you have deliverability issues, we suggest installing the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-smtp\u002F\" rel=\"ugc\">WP Mail SMTP\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>WP Mail SMTP fixes WordPress email deliverability problems, you can choose between 12 email providers (Gmail, Outlook, SendLayer, Mailgun, …) to resolve your email sending issue and it’s super easy to set up. WP Mail SMTP is trusted by more than 3 million websites.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>The plugin was created and launched in 2014 by \u003Ca href=\"https:\u002F\u002Fno3x.de\u002F\" rel=\"nofollow ugc\">Christian Zöller\u003C\u002Fa>.\u003C\u002Fp>\n","Log, view, and resend all emails sent from your WordPress site. Great for resolving email sending issues or keeping a copy for auditing.",300000,4360548,94,349,"2026-02-19T07:13:00.000Z","5.3",[110,20,111,112,24],"deliverability","email-log","smtp","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-logging\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mail-logging.1.16.0.zip",89,6,"2026-02-27 17:58:35",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":128,"num_ratings":129,"last_updated":130,"tested_up_to":50,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":136,"download_link":137,"security_score":138,"vuln_count":48,"unpatched_count":28,"last_vuln_date":139,"fetched_at":30},"cryptx","CryptX","4.0.11","Ralf Weber","https:\u002F\u002Fprofiles.wordpress.org\u002Fd3395\u002F","\u003Cp>No more SPAM by spiders scanning your site for email addresses. With CryptX you can hide all your email addresses, with and without a mailto-link, by converting them using javascript or UNICODE.\u003C\u002Fp>\n\u003Cp>CryptX protects your email addresses from spambots while keeping them readable and functional for your visitors. The plugin automatically detects email addresses in your content and encrypts them using various methods including JavaScript encryption, Unicode conversion, and image replacement.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Email Detection\u003C\u002Fstrong> – Finds and encrypts email addresses in posts, pages, comments, and widgets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Encryption Methods\u003C\u002Fstrong> – JavaScript, Unicode, image replacement, and custom text options\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget Support\u003C\u002Fstrong> – Works with text widgets and other widget content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RSS Feed Control\u003C\u002Fstrong> – Option to disable encryption in RSS feeds\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Whitelist Support\u003C\u002Fstrong> – Exclude specific domains from encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Per-Post Control\u003C\u002Fstrong> – Enable\u002Fdisable encryption on individual posts and pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Support\u003C\u002Fstrong> – Use \u003Ccode>[cryptx]email@example.com[\u002Fcryptx]\u003C\u002Fcode> for manual encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Template Functions\u003C\u002Fstrong> – Developer-friendly functions for theme integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fweber-nrw.de\u002Fwordpress\u002Fcryptx\u002F\" title=\"Plugin Homepage\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa>\u003C\u002Fp>\n","No more SPAM by spiders scanning your site for email addresses!",10000,280578,88,19,"2025-12-18T08:01:00.000Z","6.7","8.3",[134,54,135,75,57],"antispam","mail","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcryptx\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcryptx.4.0.11.zip",99,"2025-12-04 20:35:36",{"attackSurface":141,"codeSignals":160,"taintFlows":170,"riskAssessment":171,"analyzedAt":176},{"hooks":142,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":28,"unprotectedCount":28},[143,148,152],{"type":144,"name":145,"callback":146,"file":147,"line":105},"action","wp_footer","add_to_footer","humansnotbots.php",{"type":144,"name":149,"callback":150,"file":147,"line":151},"admin_menu","menu",96,{"type":144,"name":153,"callback":154,"file":147,"line":155},"admin_init","register_settings",97,[],[],[],[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":164,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":48,"bundledLibraries":169},[],{"prepared":28,"raw":28,"locations":163},[],{"escaped":28,"rawEcho":48,"locations":165},[166],{"file":147,"line":167,"context":168},17,"raw output",[],[],{"summary":172,"deductions":173},"The \"humansnotbots\" plugin v3.2 exhibits a very strong security posture based on the provided static analysis and vulnerability history.  The absence of any identified attack surface points like AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's potential entry points for malicious activity. Furthermore, the code signals indicate excellent security practices, with no dangerous functions, all SQL queries using prepared statements, and no external HTTP requests.  The presence of a capability check, though only one is noted, suggests some level of authorization is considered. The vulnerability history is entirely clean, with no recorded CVEs of any severity, which is a highly positive indicator of the plugin's stability and security development.  The lack of taint analysis findings further reinforces this strong security profile.\n\nHowever, a single area of concern arises from the output escaping analysis. With one total output and 0% properly escaped, this represents a significant risk. Unescaped output can lead to Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website's pages, potentially compromising user sessions or defacing the site. While the rest of the analysis is overwhelmingly positive, this single oversight requires attention.  In conclusion, \"humansnotbots\" v3.2 is a highly secure plugin with an impressive track record and a well-defined, limited attack surface. The only notable weakness is the lack of proper output escaping, which, while a serious concern, is isolated to one identified output.",[174],{"reason":175,"points":116},"Unescaped output found","2026-03-16T20:25:54.544Z",{"wat":178,"direct":184},{"assetPaths":179,"generatorPatterns":181,"scriptPaths":182,"versionParams":183},[180],"\u002Fwp-content\u002Fplugins\u002Fhumansnotbots\u002Fhumansnotbots.js",[],[180],[],{"cssClasses":185,"htmlComments":186,"htmlAttributes":188,"restEndpoints":189,"jsGlobals":190,"shortcodeOutput":192},[],[187],"\u003C!--\nHumansNotBots(",[],[],[191],"HumansNotBots",[]]