[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fC7tl5f3BBR6ZMO6fSec1B7B3BPfCCSBzfy5ZjHfowew":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":140,"fingerprints":216},"insecure-content-warning","Insecure Content Warning","1.2.2","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>Insecure Content Warning helps content creators with secure (HTTPS) websites avoid insecure-content warnings in the browser by flagging any elements in the content editor (such as images, videos, and embeds) that are being delivered or sourced from an insecure (HTTP) web address. All insecure elements are flagged before the content is published, and can be fixed manually or simply by clicking “fix it.”\u003C\u002Fp>\n\u003Cp>Compatible with the “classic” editor as well as the block editor (aka Gutenberg).\u003C\u002Fp>\n\u003Ch3>Technical Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Requires PHP 7.4+.\u003C\u002Fli>\n\u003Cli>Requires a secure \u002F SSL (HTTPS) website, front and back end.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>This plugin requires no configuration. Simply activate and the plugin will prevent posts with insecure elements from being published, as well as provide a banner with information on the offending assets.\u003C\u002Fp>\n\u003Ch3>Optional WP-CLI Commands\u003C\u002Fh3>\n\u003Cp>These are not required for normal usage of the plugin, but are available as a utility for more advanced usage.\u003C\u002Fp>\n\u003Ch4>wp icw fix\u003C\u002Fh4>\n\u003Cp>Used to fix insecure elements in existing content. Can target specific posts or bulk batches.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp icw fix [\u003Cid>] [--include] [--all] [--post_type] [--limit] [--offset] [--dry-run]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Example:\u003Cbr \u002F>\n     \u003Ccode>$ wp icw fix --all --post_type=page\u003Cbr \u002F>\n Checking post content...\u003Cbr \u002F>\n Total posts checked for insecure URL(s): 10\u003Cbr \u002F>\n +-------------------------------------+\u003Cbr \u002F>\n | URL(s) fixed summary                |\u003Cbr \u002F>\n +-------------------------------------+\u003Cbr \u002F>\n | 0\u002F0 URL(s) fixed in post 98         |\u003Cbr \u002F>\n | 0\u002F0 URL(s) fixed in post 96         |\u003Cbr \u002F>\n | 0\u002F0 URL(s) fixed in post 76         |\u003Cbr \u002F>\n | ...........................         |\u003Cbr \u002F>\n | 0\u002F0 URL(s) fixed in post 6          |\u003Cbr \u002F>\n | 0\u002F0 URL(s) fixed in post 1          |\u003Cbr \u002F>\n +-------------------------------------+\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Run \u003Ccode>wp help icw fix\u003C\u002Fcode> for more information on the command args.\u003C\u002Fp>\n","Prevent editors from adding insecure content in the editor.",10,5179,0,"2025-04-24T18:54:00.000Z","6.8.5","6.6","7.4",[19,20,21,22,23],"https","publishers","publishing","secure-content","ssl","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Finsecure-content-warning\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsecure-content-warning.1.2.2.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},23,1384530,98,546,78,"2026-04-04T00:37:43.091Z",[38,60,79,98,119],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":58,"download_link":59,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"https-redirection","Easy HTTPS Redirection (SSL)","2.0.0","mra13","https:\u002F\u002Fprofiles.wordpress.org\u002Fmra13\u002F","\u003Ch4>Only use this plugin if you have installed SSL certificate on your site and HTTPS is working correctly\u003C\u002Fh4>\n\u003Cp>Once you’ve installed an SSL certificate on your site, it’s important to ensure that your webpages are accessed via their secure HTTPS URLs.\u003C\u002Fp>\n\u003Cp>To improve SEO and user security, you want search engines and visitors to always use the HTTPS version of your pages. This plugin makes that easy by automatically redirecting users to the HTTPS version whenever they try to access the non-HTTPS (HTTP) version of a page.\u003C\u002Fp>\n\u003Ch3>Example\u003C\u002Fh3>\n\u003Cp>Let’s say you want to ensure the following page is always accessed over HTTPS:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If a visitor tries to access:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The plugin will automatically redirect them to the secure version:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This ensures that visitors always access the HTTPS version of your pages or site.\u003C\u002Fp>\n\u003Cp>You can choose to automatically redirect your entire domain to HTTPS, or selectively apply HTTPS redirection to specific pages.\u003C\u002Fp>\n\u003Ch3>Video Tutorials\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FoyJgRFCM6u8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLtyBraB64v8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Force Load Static Files Using HTTPS\u003C\u002Fh3>\n\u003Cp>If you started using SSL from day 1 of your site then all your static files are already embedded using HTTPS URL. You have no issue there.\u003C\u002Fp>\n\u003Cp>However, if you have an existing website where you have a lot of static files that are embedded in your posts and pages using NON-HTTPS URL then you will need to change those. Otherwise, the browser will show an SSL warning to your visitors.\u003C\u002Fp>\n\u003Cp>This plugin has an option that will allow you to force load those static files using HTTPS URL dynamically.\u003C\u002Fp>\n\u003Cp>This will help you make the webpage fully compatible with SSL.\u003C\u002Fp>\n\u003Ch3>SSL Certificate Expiry Notification\u003C\u002Fh3>\n\u003Cp>This plugin includes a feature that allows you to receive email notifications when your SSL certificate is about to expire. It helps ensure your website remains secure and accessible over HTTPS.\u003C\u002Fp>\n\u003Cp>You can configure the recipient email address and specify how many days in advance the notification should be sent. By default, the notification is sent 7 days before expiry, but you can adjust this to suit your preference.\u003C\u002Fp>\n\u003Cp>This feature is especially useful for site owners who may not frequently check their SSL status, or for those managing multiple websites. By receiving timely alerts, you can renew your SSL certificate in advance and prevent potential downtime or security warnings.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically redirect all HTTP traffic to HTTPS\u003C\u002Fli>\n\u003Cli>Option to force HTTPS on the entire site\u003C\u002Fli>\n\u003Cli>Option to selectively apply HTTPS redirection to specific pages\u003C\u002Fli>\n\u003Cli>Helps search engines index the secure versions of your pages\u003C\u002Fli>\n\u003Cli>Improves site security and user trust\u003C\u002Fli>\n\u003Cli>Force load static files (images, js, css etc) using a HTTPS URL\u003C\u002Fli>\n\u003Cli>SSL certificate expiry notification – Option to send SSL expiry notifications to a specific email address\u003C\u002Fli>\n\u003Cli>Easily see which SSL certificates on your site are approaching their expiry date.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>View more details on the \u003Ca href=\"https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin\" rel=\"nofollow ugc\">HTTPS Redirection plugin\u003C\u002Fa> page.\u003C\u002Fp>\n","The plugin allows an automatic redirection to the \"HTTPS\" version\u002FURL of the site. Make your site SSL compatible easily.",100000,1169853,84,71,"2025-12-02T03:12:00.000Z","6.9.4","6.5","",[55,19,56,57,23],"force-ssl","insecure-content","redirection","https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttps-redirection.2.0.0.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":46,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":51,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":77,"download_link":78,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"ssl-insecure-content-fixer","SSL Insecure Content Fixer","2.7.2","webaware","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebaware\u002F","\u003Cp>Clean up your WordPress website’s HTTPS insecure content and mixed content warnings. Installing the SSL Insecure Content Fixer plugin will solve most insecure content warnings with little or no effort. The remainder can be diagnosed with a few simple tools.\u003C\u002Fp>\n\u003Cp>When you install SSL Insecure Content Fixer, its default settings are activated and it will automatically perform some basic fixes on your website using the Simple fix level. You can select more comprehensive fix levels as needed by your website.\u003C\u002Fp>\n\u003Cp>WordPress Multisite gets a network settings page. This can be used to set default settings for all sites within a network, so that network administrators only need to specify settings on sites that have requirements differing from the network defaults.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fssl.webaware.net.au\u002F\" rel=\"nofollow ugc\">SSL Insecure Content Fixer website\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Many thanks to the generous efforts of our translators:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bulgarian (bg_BG) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fbg\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Bulgarian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Chinese simplified (zh_CN) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fzh-cn\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Chinese translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_CA) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-ca\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (Canadian) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_GB) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-gb\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (British) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_ZA) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-za\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (South African) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fnl\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Dutch translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German (de_DE) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fde\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the German translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>French (fr_FR) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Ffr\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the French translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Italian (it_IT) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fit\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Italian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Japanese (ja) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fja\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Japanese translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fru\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Russian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fes\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Spanish translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’d like to help out by translating this plugin, please \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">sign up for an account and dig in\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>SSL Insecure Content Fixer does not collect any personally identifying information, and does not set any cookies.\u003C\u002Fp>\n","Clean up WordPress website HTTPS insecure content",2650141,96,221,"2025-12-14T04:38:00.000Z","4.0","5.3",[19,56,75,76,23],"mixed-content","partially-encrypted","https:\u002F\u002Fssl.webaware.net.au\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fssl-insecure-content-fixer.2.7.2.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":53,"tags":94,"homepage":95,"download_link":96,"security_score":97,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"http-https-remover","SSL Mixed Content Fix","3.2.8","Steve85b","https:\u002F\u002Fprofiles.wordpress.org\u002Fsteve85b\u002F","\u003Cp>\u003Cstrong>Try it out on your free dummy site: Click here => \u003Ca href=\"https:\u002F\u002Ftastewp.com\u002Fplugins\u002Fhttp-https-remover\" rel=\"nofollow ugc\">https:\u002F\u002Ftastewp.com\u002Fplugins\u002Fhttp-https-remover\u003C\u002Fa>.\u003C\u002Fstrong>\u003Cbr \u002F>\n(this trick works for all plugins in the WP repo – just replace “wordpress” with “tastewp” in the URL)\u003C\u002Fp>\n\u003Cp>UPDATE: This plugin will be maintained again! It changed ownership and we’re currently collecting ideas how to further improve it. If you have any cool ideas, please let us know in Support Forum. Thank you!\u003C\u002Fp>\n\u003Cp>Major updated in the latest release (3.0):\u003Cbr \u002F>\n– Plugin has a proper settings page now\u003Cbr \u002F>\n– Many bugs fixed\u003Cbr \u002F>\n– Code optimized, causing performance to increase a lot\u003C\u002Fp>\n\u003Cp>Main features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works in Front- and Backend\u003C\u002Fli>\n\u003Cli>Makes every Plugin compatible with https\u003C\u002Fli>\n\u003Cli>Compatible with WPBakery & Disqus\u003C\u002Fli>\n\u003Cli>Fixes Google Fonts issues\u003C\u002Fli>\n\u003Cli>Makes your website faster\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What does this Plugin do?\u003C\u002Fh4>\n\u003Cp>With protocol relative url’s you simply leave off the http: or https: part of the resource path. The browser will automatically load the resource using the same protocol that the page was loaded with.\u003C\u002Fp>\n\u003Cp>For example, an absolute url may look like\u003C\u002Fp>\n\u003Cpre>\u003Ccode>src=\"http:\u002F\u002Fdomain.com\u002Fscript.js\"\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you were to load this from a https page the script will not be loaded – as non-https resources are not loaded from https pages (for security reasons).\u003C\u002Fp>\n\u003Cp>The protocol relative url would look like\u003C\u002Fp>\n\u003Cpre>\u003Ccode>src=\"\u002F\u002Fdomain.com\u002Fscript.js\"\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>and would load if the web page was http or https.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Tipp:\u003C\u002Fstrong> Check your Settings -> General page and make sure your WordPress Address and Site Address are starting with “https”.\u003Cbr \u002F>\nAdd the following two lines in your wp-config.php above the line that​ says “Stop Editing Here”:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('FORCE_SSL', true);\ndefine('FORCE_SSL_ADMIN',true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>What is Mixed Content?\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Mixed content\u003C\u002Fstrong> occurs when initial HTML is loaded over a secure HTTPS connection, but other resources (such as images, videos, stylesheets, scripts) are loaded over an insecure HTTP connection. This is called mixed content because both HTTP and HTTPS content are being loaded to display the same page, and the initial request was secure over HTTPS. Modern browsers display warnings about this type of content to indicate to the user that this page contains insecure resources.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note: You should always protect all of your websites with HTTPS, even if they don’t handle sensitive communications.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Example\u003C\u002Fh4>\n\u003Cp>Without Plugin:\u003Cbr \u002F>\n    src=”http:\u002F\u002Fdomain.com\u002Fscript01.js”\u003Cbr \u002F>\n    src=”https:\u002F\u002Fdomain.com\u002Fscript02.js”\u003Cbr \u002F>\n    src=”\u002F\u002Fdomain.com\u002Fscript03.js”\u003C\u002Fp>\n\u003Cp>With Plugin:\u003Cbr \u002F>\n    src=”\u002F\u002Fdomain.com\u002Fscript01.js”\u003Cbr \u002F>\n    src=”\u002F\u002Fdomain.com\u002Fscript02.js”\u003Cbr \u002F>\n    src=”\u002F\u002Fdomain.com\u002Fscript03.js”\u003C\u002Fp>\n\u003Ch4>If using Cache Plugins\u003C\u002Fh4>\n\u003Cp>If the plugin isn’t working like expected please purge\u002Fclear cache for the changes to take effect!\u003C\u002Fp>\n","A fix for mixed content! This Plugin creates protocol relative urls by removing http + https from links. Works in Front- and Backend!",9000,323765,82,34,"2024-07-17T01:21:00.000Z","6.6.5","4.6",[55,19,56,75,23],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhttp-https-Removal\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttp-https-remover.3.2.8.zip",92,{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":51,"requires_at_least":93,"requires_php":111,"tags":112,"homepage":114,"download_link":115,"security_score":116,"vuln_count":117,"unpatched_count":13,"last_vuln_date":118,"fetched_at":28},"wp-force-ssl","WP Force SSL & HTTPS SSL Redirect","1.68","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpforcessl.com\u002F?ref=wporg\" rel=\"nofollow ugc\">WP Force SSL\u003C\u002Fa> helps you redirect insecure HTTP traffic to secure HTTPS and fix SSL errors \u003Cstrong>without touching any code\u003C\u002Fstrong>. Activate Force SSL and everything will be set and SSL enabled. The entire site will move to HTTPS using your SSL certificate. It works with any SSL certificate. It can be free SSL certificate from Let’s Encrypt or a paid SSL certificate.\u003C\u002Fp>\n\u003Cp>How to add SSL & enable SSL? Most hosting companies support the free SSL certificate from Let’s Encrypt, so login to your hosting panel and add SSL certificate. You’ll see a button labeled “Add SSL Certificate” or “Add Let’s Encrypt Certificate” and after that it’s 1 click to have the SSL enabled on your site with WP Force SSL. If that doesn’t work get \u003Ca href=\"https:\u002F\u002Fwpforcessl.com\u002F\" rel=\"nofollow ugc\">WP Force SSL PRO\u003C\u002Fa> and it’ll generate free SSL certificate for your site. And will regenerate SSL certificate every 90 days.\u003C\u002Fp>\n\u003Cp>Access WP Force SSL settings via the main Settings menu -> WP Force SSL.\u003C\u002Fp>\n\u003Ch4>SSL Tests available in the plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>is site on localhost?\u003C\u002Fli>\n\u003Cli>check SSL certificate\u003C\u002Fli>\n\u003Cli>check SSL certificate expiry date\u003C\u002Fli>\n\u003Cli>is latest version of Force SSL used?\u003C\u002Fli>\n\u003Cli>are known incompatible SSL plugins active?\u003C\u002Fli>\n\u003Cli>is WP address URL set for SSL?\u003C\u002Fli>\n\u003Cli>is WP home URL set for SSL?\u003C\u002Fli>\n\u003Cli>is SSL monitoring enabled (pro feature)\u003C\u002Fli>\n\u003Cli>is HTTPS redirection working?\u003C\u002Fli>\n\u003Cli>is file redirection working (pro feature)\u003C\u002Fli>\n\u003Cli>is HSTS enabled?\u003C\u002Fli>\n\u003Cli>check mixed-content issue (pro feature)\u003C\u002Fli>\n\u003Cli>is htaccess available & writable?\u003C\u002Fli>\n\u003Cli>is 404 redirection enabled (pro feature)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>redirect HTTP to HTTPS\u003C\u002Fli>\n\u003Cli>fix mixed-content (pro)\u003C\u002Fli>\n\u003Cli>enable HSTS\u003C\u002Fli>\n\u003Cli>force secure cookies (pro)\u003C\u002Fli>\n\u003Cli>cross-site scripting protection (pro)\u003C\u002Fli>\n\u003Cli>expect CT header\u003C\u002Fli>\n\u003Cli>X-Frame options\u003C\u002Fli>\n\u003Cli>show WP Force SSL menu in admin bar\u003C\u002Fli>\n\u003Cli>show WP Force SSL widget in admin dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SSL certificate testing tool\u003C\u002Fh4>\n\u003Cp>WP Force SSL comes with an SSL certificate testing tool. It tests if the SSL certificate is valid, properly installed & up-to date.\u003C\u002Fp>\n\u003Ch4>Need support?\u003C\u002Fh4>\n\u003Cp>We’re here for you! Things get frustrating when they don’t work so make sure you \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-force-ssl\u002F\" rel=\"ugc\">open a support topic\u003C\u002Fa> in the official Force SSL forum. We answer all questions within a few hours!\u003C\u002Fp>\n\u003Ch4>External Assets\u003C\u002Fh4>\n\u003Cp>A big thank you to \u003Ca href=\"https:\u002F\u002Fsweetalert2.github.io\u002F\" rel=\"nofollow ugc\">SweetAlert2\u003C\u002Fa> authors which we use to make alerts nicer. And to \u003Ca href=\"https:\u002F\u002Fdepositphotos.com\u002F248496280\u002Fstock-illustration-online-payment-protection-system-concept.html\" rel=\"nofollow ugc\">DepositPhotos\u003C\u002Fa> for the lovely header image.\u003C\u002Fp>\n","Enable SSL & HTTPS redirect with 1 click! Add SSL certificate & WP Force SSL to redirect site from HTTP to HTTPS & fix SSL errors.",90000,1746375,94,179,"2025-12-03T20:17:00.000Z","5.2",[55,19,75,23,113],"ssl-certificate","https:\u002F\u002Fwpforcessl.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-force-ssl.1.68.zip",99,1,"2024-06-07 00:00:00",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":33,"num_ratings":129,"last_updated":130,"tested_up_to":51,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":137,"download_link":138,"security_score":33,"vuln_count":117,"unpatched_count":13,"last_vuln_date":139,"fetched_at":28},"wp-letsencrypt-ssl","WP Encryption – One Click Free SSL Certificate & SSL \u002F HTTPS Redirect, Security & SSL Scan","7.8.5.11","WP Encryption SSL","https:\u002F\u002Fprofiles.wordpress.org\u002Fgowebsmarty\u002F","\u003Cp>HTTPS Secure your WordPress site with SSL certificate provided by \u003Ca href=\"https:\u002F\u002Fletsencrypt.com\" rel=\"nofollow ugc\">Let’s Encrypt®\u003C\u002Fa> and force SSL \u002F HTTPS sitewide, check your SSL score, fix insecure content & mixed content issues easily. Enable HTTPS secure padlock on your site within minutes.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpencryption.com\u002F?utm_source=wordpress&utm_medium=description&utm_campaign=wpencryption\" rel=\"nofollow ugc\">WP Encryption\u003C\u002Fa> plugin registers your site, verifies your domain, generates SSL certificate for your site in simple mouse clicks without the need of any technical knowledge. A typical SSL installation without WP Encryption would require you to generate CSR, prove domain ownership, provide your bussiness data and deal with many more technical tasks!.\u003C\u002Fp>\n\u003Ch3>PRO FEATURES WORTH UPGRADING\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FjrkFwFH7r6o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatic domain verification\u003C\u002Fli>\n\u003Cli>Automatic SSL certificate installation\u003C\u002Fli>\n\u003Cli>Automatic SSL renewal (Auto renews SSL certificate 30 days prior to expiry date)\u003C\u002Fli>\n\u003Cli>Wildcard SSL support – Install Wildcard SSL certificate for your primary domain that covers ALL sub-domains. Automatic DNS based domain verification for Wildcard SSL installation (DNS should be managed by cPanel or Godaddy)\u003C\u002Fli>\n\u003Cli>Multisite + Mapped domains support – Supports SSL installation for mapped domains\u003C\u002Fli>\n\u003Cli>Advanced security headers & SSL monitoring\u003C\u002Fli>\n\u003Cli>Top notch one to one priority support – Live Chat, Email, Premium Support Forum\u003C\u002Fli>\n\u003Cli>SSL installation help for non-cPanel sites\u003C\u002Fli>\n\u003Cli>Login security via passkeys (powered by WebAuthn) – No passwords. No brute force. Log in with passkeys protected by your browser or password manager — fast, secure, and frictionless.\u003C\u002Fli>\n\u003Cli>Automated daily vulnerability scanning & reporting.\u003C\u002Fli>\n\u003Cli>Automated daily malware & integrity scan\u003C\u002Fli>\n\u003Cli>Instant notification for threats & security issues\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpencryption.com\u002F?utm_source=wordpress&utm_medium=premiumfeatures&utm_campaign=wpencryption\" rel=\"nofollow ugc\">BUY PREMIUM VERSION\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>5M+ SSL certificates generated – Switch to HTTPS easily\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FaKvvVlAlZ14?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>FREE SSL PLUGIN FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Unlock every premium feature other plugins charge for — absolutely Free.\u003C\u002Fli>\n\u003Cli>Verify domain ownership and generate free SSL certificate\u003C\u002Fli>\n\u003Cli>Secure webmail and email with HTTPS\u003C\u002Fli>\n\u003Cli>Download generated SSL certificate, key and Intermediate certificate files\u003C\u002Fli>\n\u003Cli>Force HTTPS \u002F Enable HTTPS with 301 htaccess redirection sitewide in one click\u003C\u002Fli>\n\u003Cli>HTTPS redirection includes redirect loop fix for Cloudflare, StackPath, Load balancers and reverse proxies.\u003C\u002Fli>\n\u003Cli>SSL Health page – Track your SSL score and control various SSL & Security features like HSTS strict transport security Header, HttpOnly secure cookies, etc,.\u003C\u002Fli>\n\u003Cli>Enable important security headers including X-XSS-Protection, X-Content-Type-Options, Referrer-Policy\u003C\u002Fli>\n\u003Cli>Enable mixed content \u002F insecure content fixer\u003C\u002Fli>\n\u003Cli>SSL monitoring & Automatic email notification prior to SSL certificate expiration\u003C\u002Fli>\n\u003Cli>Advanced security features – stop user enumeration, disable file editing, hide login error, hide wp version and much more\u003C\u002Fli>\n\u003Cli>Security score & security scanners including malware & integrity scanner, vulnerability scanner.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>(Optional) Running WordPress on a specialized VPS\u002FDedicated server without cPanel? You can download the generated SSL certificate files easily via “Download SSL Certificates” page and install it on your server by modifying server config file via SSH access as explained in our \u003Ca href=\"https:\u002F\u002Fwpencryption.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">DOCS\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>(7.8.0) NEW ADVANCED SECURITY PAGE WITH INTEGRITY SCAN & MALWARE SCAN\u003C\u002Fh3>\n\u003Cp>Discover the brand-new ‘Advanced Security & Scanner’ page — your command center for the most powerful protection your WordPress site has ever seen. Run malware and integrity scans to detect modified, additional, or suspicious files in your installation. Stay ahead of threats and keep your security score at its peak.\u003C\u002Fp>\n\u003Ch3>ADVANCED HTTP SECURITY HEADERS\u003C\u002Fh3>\n\u003Cp>Safeguard your site from cross-site scripting attacks, clickjacking, MIME sniffing attacks.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable HTTPS Strict Transport Security Header to avoid request protocol downgrading\u003C\u002Fli>\n\u003Cli>Disable directory listing to avoid directory traversing\u003C\u002Fli>\n\u003Cli>Enable X-XSS protection, secure cookies, X-Content-Type-Options to avoid cross site scripting and MIME sniffing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Switch to HTTPS in seconds\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Secure HTTPS browser padlock in minutes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Free domain validated (DV) SSL certificates are provided by Let’s Encrypt (A non profit Global certificate Authority).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>SSL encryption ensures protection against man-in-middle attacks by securely encrypting the data transfer between client and your server.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Optimized for Cloudflare and Reverse Proxies\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Forcing HTTPS using the .htaccess method prevents redirect loops when your site is behind Cloudflare.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Compatible with reverse proxies and load balancers — avoids redirection conflicts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Top Reasons Your WordPress Site Needs an SSL Certificate\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>SEO Benefit: Major search engines like Google ranks SSL enabled sites higher compared to non SSL sites. Thus bringing more organic traffic for your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Data Encryption: Data transmission between server and visitor are securely encrypted on a SSL site thus avoiding any data hijacks in-between the transmission(Ex: personal information, credit card information).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Trust: Google chrome shows non-SSL sites as ‘insecure’, bringing a feel of insecurity in website visitors.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Authentic: HTTPS green padlock represents symbol of trust, authenticity and security.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>REQUIREMENTS\u003C\u002Fh4>\n\u003Cp>Linux hosting, OpenSSL, CURL, allow_url_fopen should be enabled.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>Many thanks to the generous efforts of our translators.\u003C\u002Fp>\n\u003Cp>If you would like to translate plugin to your language, \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-letsencrypt-ssl\u002F\" rel=\"nofollow ugc\">Feel free to sign up and start translating!\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Show Your Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>If you find any issue, please submit a bug via support forum.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>LOVE WP ENCRYPTION SSL PLUGIN?\u003C\u002Fh3>\n\u003Cp>If you find this plugin useful, please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-letsencrypt-ssl\u002Freviews\u002F\" rel=\"ugc\">positive review\u003C\u002Fa>. Your reviews are our biggest motivation for further development of plugin.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>WP Encryption uses SSLLabs API for SSL scan & detection. By using the plugin, you agree to terms & conditions of \u003Ca href=\"https:\u002F\u002Fwww.ssllabs.com\u002Fdownloads\u002FQualys_SSL_Labs_Terms_of_Use.pdf\" rel=\"nofollow ugc\">SSLLabs\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>By enabling the Vulnerability Scan feature, you agree to terms & conditions of \u003Ca href=\"https:\u002F\u002Fvulnerability.wpsysadmin.com\" rel=\"nofollow ugc\">WPVulnerability Database API\u003C\u002Fa>. The information provided by the information database comes from different sources that have been reviewed by third parties. There is no liability of any kind for the information.\u003C\u002Fp>\n\u003Cp>Security is an important subject regarding SSL\u002FTLS certificates, of course. It is obvious that your private key, stored on your web server, should never be accessible from the web. When the plugin created the keys directory for the first time, it will store a .htaccess file in this directory, denying all visitors. Always make sure yourself your keys aren’t accessible from the web! We are in no way responsible if your private keys go public. If this does happen, the easiest solution is to check folder permissions on your server and make sure public access is forbidden for root folders. Next, create a new certificate.\u003C\u002Fp>\n","Lifetime SSL solution - Free SSL certificate & HTTPS redirect, resolve insecure site, fix SSL errors, SSL score, SSL monitoring, really simple setup.",50000,3043225,1128,"2026-03-12T07:29:00.000Z","5.4","7.0",[134,135,19,136,23],"force-https","free-ssl","https-redirect","https:\u002F\u002Fwpencryption.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-letsencrypt-ssl.7.8.5.11.zip","2024-04-09 00:00:00",{"attackSurface":141,"codeSignals":193,"taintFlows":206,"riskAssessment":207,"analyzedAt":215},{"hooks":142,"ajaxHandlers":172,"restRoutes":173,"shortcodes":190,"cronEvents":191,"entryPointCount":192,"unprotectedCount":117},[143,149,153,156,159,163,165,168],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","admin_menu","anonymous","includes\\admin.php",18,{"type":144,"name":150,"callback":146,"file":151,"line":152},"init","includes\\assets.php",14,{"type":144,"name":154,"callback":146,"file":151,"line":155},"enqueue_block_editor_assets",15,{"type":144,"name":157,"callback":146,"file":151,"line":158},"admin_enqueue_scripts",16,{"type":160,"name":161,"callback":146,"file":151,"line":162},"filter","mce_css",17,{"type":144,"name":164,"callback":146,"file":151,"line":148},"admin_notices",{"type":144,"name":166,"callback":146,"file":167,"line":148},"rest_api_init","includes\\rest.php",{"type":144,"name":164,"callback":169,"file":170,"line":171},"closure","insecure-content-warning.php",51,[],[174,181,186],{"namespace":175,"route":176,"methods":177,"callback":146,"permissionCallback":179,"file":167,"line":180},"icw\u002Fv1","\u002Fcheck\u002F",[178],"GET","__return_true",25,{"namespace":175,"route":182,"methods":183,"callback":146,"permissionCallback":169,"file":167,"line":185},"\u002Fcount-for-fix\u002F",[184],"POST",35,{"namespace":175,"route":187,"methods":188,"callback":146,"permissionCallback":169,"file":167,"line":189},"\u002Ffix\u002F",[184],101,[],[],3,{"dangerousFunctions":194,"sqlUsage":195,"outputEscaping":197,"fileOperations":13,"externalRequests":204,"nonceChecks":13,"capabilityChecks":192,"bundledLibraries":205},[],{"prepared":13,"raw":13,"locations":196},[],{"escaped":198,"rawEcho":117,"locations":199},28,[200],{"file":201,"line":202,"context":203},"includes\\partials\\admin-page.php",39,"raw output",2,[],[],{"summary":208,"deductions":209},"The \"insecure-content-warning\" plugin, version 1.2.2, demonstrates a generally good security posture based on the provided static analysis. The absence of dangerous functions, SQL injection vulnerabilities due to prepared statements, and a high percentage of properly escaped output are positive indicators. Furthermore, the plugin has no recorded vulnerabilities, including CVEs, suggesting a history of secure development or effective patching if issues have arisen in the past.\n\nHowever, there are specific areas of concern that warrant attention. The presence of one unprotected REST API route represents a significant attack surface that could potentially be exploited by unauthenticated users. While there are no critical taint flows identified, the lack of nonce checks for any of the entry points is a missed opportunity for enhanced security, especially considering the unprotected REST API route. The plugin also makes external HTTP requests, which, while not inherently insecure, can introduce risks if not handled carefully, depending on the nature of these requests.\n\nIn conclusion, while the plugin benefits from a strong foundation of secure coding practices and a clean vulnerability history, the unprotected REST API endpoint is a notable weakness. The absence of nonce checks further amplifies this risk. Addressing the unprotected endpoint and implementing appropriate authorization checks would significantly improve the plugin's overall security. The external HTTP requests are a minor concern that would require further investigation into their implementation.",[210,212],{"reason":211,"points":11},"Unprotected REST API route",{"reason":213,"points":214},"No nonce checks on entry points",5,"2026-03-17T00:06:18.440Z",{"wat":217,"direct":232},{"assetPaths":218,"generatorPatterns":224,"scriptPaths":225,"versionParams":226},[219,220,221,222,223],"\u002Fwp-content\u002Fplugins\u002Finsecure-content-warning\u002Fbuild\u002Fgutenberg.css","\u002Fwp-content\u002Fplugins\u002Finsecure-content-warning\u002Fbuild\u002Fclassic-editor.css","\u002Fwp-content\u002Fplugins\u002Finsecure-content-warning\u002Fbuild\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Finsecure-content-warning\u002Fbuild\u002Fgutenberg.js","\u002Fwp-content\u002Fplugins\u002Finsecure-content-warning\u002Fbuild\u002Fclassic-editor.js",[],[222,223,221],[227,228,229,230,231],"insecure-content-warning\u002Fbuild\u002Fgutenberg.css?ver=","insecure-content-warning\u002Fbuild\u002Fclassic-editor.css?ver=","insecure-content-warning\u002Fbuild\u002Fadmin.js?ver=","insecure-content-warning\u002Fbuild\u002Fgutenberg.js?ver=","insecure-content-warning\u002Fbuild\u002Fclassic-editor.js?ver=",{"cssClasses":233,"htmlComments":234,"htmlAttributes":235,"restEndpoints":236,"jsGlobals":239,"shortcodeOutput":241},[],[],[],[237,238],"\u002Fwp-json\u002Ficw\u002Fv1\u002Fcheck\u002F","\u002Fwp-json\u002Ficw\u002Fv1\u002Fcount-for-fix\u002F",[240],"insecureContentAdmin",[]]