[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fC_2HZf9QKqarNKKBpnd9_zTezbwUIKH8r1GtCAxMD6A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":65,"crawl_stats":38,"alternatives":71,"analysis":173,"fingerprints":813},"jonradio-private-site","My Private Site","4.1.0","David Gewirtz","https:\u002F\u002Fprofiles.wordpress.org\u002Fdgewirtz\u002F","\u003Cp>\u003Cstrong>My Private Site\u003C\u002Fstrong> makes your WordPress site private so only logged-in users can see your content. With one click, you can restrict access to all posts and pages, automatically redirect visitors to the login screen, and keep your site visible only to people you trust.\u003C\u002Fp>\n\u003Cp>Unlike full membership or subscription systems, My Private Site focuses on strong privacy without unnecessary complexity. It is ideal for family sites, schools, clubs, client previews, or development environments where you want to share content with a trusted audience without managing payments, profiles, or custom roles.\u003C\u002Fp>\n\u003Ch3>Ideal Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Family sites and school projects\u003C\u002Fstrong>: Share personal updates, photos, or assignments only with family members, classmates, or teachers you choose.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Development and staging sites\u003C\u002Fstrong>: Safely show work-in-progress to clients or teammates without exposing unfinished content or letting it be indexed by search engines.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clubs, groups, and internal blogs\u003C\u002Fstrong>: Create a private online space for members or staff without the overhead of a complex membership system.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Digital Fortress protection\u003C\u002Fh3>\n\u003Cp>My Private Site helps protect the “front door” of your private site with built-in safeguards for login and user registration, including registration spam protection and optional reCAPTCHA support. It also includes AI Crawler Defense to discourage automated collection of your site’s content.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Make your entire WordPress site private with a single setting  \u003C\u002Fli>\n\u003Cli>Redirect logged-out visitors automatically to the login page  \u003C\u002Fli>\n\u003Cli>Choose where users land after login (requested page, home, dashboard, or custom URL)  \u003C\u002Fli>\n\u003Cli>Support user self-registration on private sites when enabled  \u003C\u002Fli>\n\u003Cli>Protect registration with built-in spam controls and optional reCAPTCHA  \u003C\u002Fli>\n\u003Cli>Optionally block unauthenticated access to the WordPress REST API  \u003C\u002Fli>\n\u003Cli>Simple, no-code setup using standard WordPress settings \u003C\u002Fli>\n\u003Cli>Privacy shortcode lets you selectively show or hide content within a page or post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Built-in AI Crawler Defense\u003C\u002Fh3>\n\u003Cp>The internet is rapidly changing, with AI crawlers and bots harvesting content without consent. My Private Site helps you defend your work with integrated \u003Cstrong>AI Crawler Defense\u003C\u002Fstrong> features:\u003Cbr \u002F>\n* \u003Cstrong>NoAI and NoImageAI tags\u003C\u002Fstrong>: Automatically add meta tags and headers that signal compliant AI systems not to use your text or images for training.\u003Cbr \u002F>\n* \u003Cstrong>Block GPTBot\u003C\u002Fstrong>: Add a robots.txt rule to prevent OpenAI’s crawler from accessing your site.\u003Cbr \u002F>\n* \u003Cstrong>Really Simple Licensing (RSL)\u003C\u002Fstrong>: Publish a machine-readable license that explicitly prohibits AI training on your content.\u003C\u002Fp>\n\u003Cp>These protections are included free in the core plugin, easy to enable with a checkbox, and designed to safeguard your site without affecting normal visitors or search engines. You can use them even if you’re not using any other site privacy features.\u003C\u002Fp>\n\u003Ch3>Watch the Video Overview and Demo\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fjry3DHD-OB8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Premium Add-ons\u003C\u002Fh3>\n\u003Cp>Premium add-ons turn My Private Site into a comprehensive privacy suite, giving you enterprise-style layered security defenses, smarter oversight, and flexible access, without the complexity or cost.\u003C\u002Fp>\n\u003Cp>Advanced AI Crawler Defense, Visitor Intelligence, and Block IP provide protections regardless of whether you’re using any site privacy features.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FB6s8O9VZLc0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-public-pages\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Public Pages 2.0\u003C\u002Fstrong>\u003C\u002Fa>: Allows site operators to designate certain specific pages, or pages with specified prefix, to be available to the public without login. Now also allows public site, private pages. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fu7BuYtzS_pI\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-advanced-ai-defense\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Advanced AI Crawler Defense\u003C\u002Fstrong>\u003C\u002Fa>: Protect WordPress content from AI crawlers using licensing, opt-out tags, selective bot blocking, and firewall defenses to control and safeguard your data. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FEb4qQDafaRk\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-visitor-intelligence\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Visitor Intelligence\u003C\u002Fstrong>\u003C\u002Fa>: Track logins, logouts, failed attempts, and bot activity with a unified log, anomaly detection, and export tools for stronger site oversight and security. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FTTK8bGVD8pM\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-guest-access\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Guest Access\u003C\u002Fstrong>\u003C\u002Fa>: Grant temporary, secure access to private WordPress content using unique shareable links with expiration, one-time use, and full admin-controlled invite management. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fj1vYV8lhqcc\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-block-ip\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Block IP\u003C\u002Fstrong>\u003C\u002Fa>: Block unwanted visitors by IP address or range with full IPv4\u002FIPv6 support, configurable scope, and fast enforcement to secure your WordPress site. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FvsxLqYXWITs\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-tags-and-categories\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Tags & Categories\u003C\u002Fstrong>\u003C\u002Fa>: Allows you to make pages public or (with Public Pages 2.0) private based on tags and categories. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FdEv7lXxU5lo\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-selective-content\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Selective Content\u003C\u002Fstrong>\u003C\u002Fa>: Allows hiding, showing, and obscurifying page content through the use of shortcodes. Can also selectively hide widgets and sidebars. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FexgJrJJSCNY\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-pricing\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Digital Fortress Bundle\u003C\u002Fstrong>\u003C\u002Fa>: All add-ons are available in bundle form.  \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FB6s8O9VZLc0\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Limits\u003C\u002Fh3>\n\u003Cp>This plugin does not hide non-WordPress web pages, such as .html and .php files. It also won’t restrict images and other media and text files directly accessed by their URL. If your hosting provider’s filesystem protections haven’t been set up correctly, files may also be accessed by directory listing.\u003C\u002Fp>\n\u003Ch3>Support Note\u003C\u002Fh3>\n\u003Cp>Support has moved to the ZATZLabs site and is no longer provided on the WordPress.org forums. If you need a timely reply from the developer, please \u003Ca href=\"http:\u002F\u002Fzatzlabs.com\u002Fsubmit-ticket\u002F\" rel=\"nofollow ugc\">open a ticket\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Mailing List\u003C\u002Fh3>\n\u003Cp>If you’d like to keep up with the latest updates to this plugin, please visit \u003Ca href=\"http:\u002F\u002Fzatzlabs.com\u002Flab-notes\u002F\" rel=\"nofollow ugc\">David’s Lab Notes\u003C\u002Fa> and add yourself to the mailing list.\u003C\u002Fp>\n","Make your WordPress site private with one click for family, projects, or teams. Protection for content, login, and registration.",20000,568968,90,80,"2026-01-28T21:00:00.000Z","6.9.4","4.4","5.4",[20,21,22,23,24],"login","privacy","private-site","registration","security","http:\u002F\u002Fzatzlabs.com\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjonradio-private-site.4.1.0.zip",99,2,0,"2024-02-16 00:00:00","2026-03-15T15:16:48.613Z",[33,49],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2024-0978","my-private-site-improper-access-control-to-sensitive-information-exposure-via-rest-api","My Private Site \u003C= 3.0.14 - Improper Access Control to Sensitive Information Exposure via REST API","The My Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.14 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's site privacy feature and view restricted page and post content.",null,"\u003C=3.0.14","3.1.0","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Improper Access Control","2024-02-20 18:56:37",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F970bc71c-7d0a-4761-874a-379cda71418e?source=api-prod",5,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":59,"published_date":60,"updated_date":61,"references":62,"days_to_patch":64},"CVE-2022-1627","my-private-site-cross-site-request-forgery","My Private Site \u003C= 3.0.7 - Cross-Site Request Forgery","The plugin My Private Site for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.7. This is due to missing or incorrect nonce validation in the my_private_site_tab_advanced_process_buttons function. This makes it possible for unauthenticated attackers to inject malicious JavaScript, that will execute whenever a user accesses the \u002Fmy_private_site_tab_advanced_process_buttons page, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=3.0.7","3.0.8","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2022-05-29 00:00:00","2024-01-22 19:56:02",[63],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1900941d-cbb6-4384-977e-6c40f65b2789?source=api-prod",604,{"slug":66,"display_name":7,"profile_url":8,"plugin_count":67,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":68,"trust_score":69,"computed_at":70},"dgewirtz",1,305,78,"2026-04-03T19:23:16.543Z",[72,94,116,137,156],{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":11,"downloaded":80,"rating":81,"num_ratings":82,"last_updated":83,"tested_up_to":16,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":89,"download_link":90,"security_score":91,"vuln_count":92,"unpatched_count":29,"last_vuln_date":93,"fetched_at":31},"login-with-ajax","Login With Ajax – Fast Logins, 2FA, Redirects","4.5.1","Marcus (aka @msykes)","https:\u002F\u002Fprofiles.wordpress.org\u002Fnetweblogic\u002F","\u003Cp>Login With Ajax is for sites that need user logins or registrations and would like to avoid the normal wordpress login pages, or add AJAX effects to the regular login pages. This plugin adds the capability of placing a login widget in the sidebar with smooth AJAX login effects.\u003C\u002Fp>\n\u003Cp>Some of the features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>AJAX-powered logins, no screen refreshes!\n\u003Cul>\n\u003Cli>Login\u003C\u002Fli>\n\u003Cli>Registration\u003C\u002Fli>\n\u003Cli>Remember\u002FReset Password\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>PassKeys \u003Cstrong>(new in 4.4)\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Next-Generation security, no passwords required!\u003C\u002Fli>\n\u003Cli>Users can log in without a username AND password.\u003C\u002Fli>\n\u003Cli>Biometric support (fingerprint, face ID, etc.)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>2FA – Two-Factor Authentication\n\u003Cul>\n\u003Cli>TOTP – Time-based One-Time Password\u003C\u002Fli>\n\u003Cli>Scan a QR code with popular authenticator apps like Google Authenticator, Authy, etc.\u003C\u002Fli>\n\u003Cli>Email – Send a code to the user’s email address\u003C\u002Fli>\n\u003Cli>Backup Codes – Generate and use backup codes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Integrate 2FA setup options in other plugin account pages\n\u003Cul>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>BuddyPress\u003C\u002Fli>\n\u003Cli>BuddyBoss\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>“AJAXify” other login forms\n\u003Cul>\n\u003Cli>Create a better login experience in the default WP login form with AJAX effects for logins, password recovery and registration.\u003C\u002Fli>\n\u003Cli>Regular WP login and registration forms\u003C\u002Fli>\n\u003Cli>WooCommerce login forms\u003C\u002Fli>\n\u003Cli>Events Manager login forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Many ways to display and customize your login form:\n\u003Cul>\n\u003Cli>Gutenberg Blocks\u003C\u002Fli>\n\u003Cli>Full-site editor compatible\u003C\u002Fli>\n\u003Cli>Widgets (classic and blocks)\u003C\u002Fli>\n\u003Cli>Shortcode\u003C\u002Fli>\n\u003Cli>Template Tags\u003C\u002Fli>\n\u003Cli>PHP API\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Flexible templates and options\n\u003Cul>\n\u003Cli>Multiple templates to choose from\u003C\u002Fli>\n\u003Cli>Including Modal\u002FPop-Up login forms\u003C\u002Fli>\n\u003Cli>Responsive and Accessible!\u003C\u002Fli>\n\u003Cli>Choose a base color for each individual login form.\u003C\u002Fli>\n\u003Cli>Individual display options via all display methods (e.g. Gutenberg Blocks, Shortcode etc.)\u003C\u002Fli>\n\u003Cli>Create your own upgrade-safe templates, or override our own ones.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Custom Login\u002FLogout redirections\n\u003Cul>\n\u003Cli>Redirect users to custom URLs on Login and Logout\u003C\u002Fli>\n\u003Cli>Redirect users with different roles to custom URLs\u003C\u002Fli>\n\u003Cli>WPML – Language-specific redirects\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Modify registration email templates\u003C\u002Fli>\n\u003Cli>Other Features\n\u003Cul>\n\u003Cli>Disable CSS styling (via shortcode or PHP display methods)\u003C\u002Fli>\n\u003Cli>SSL-compatible\u003C\u002Fli>\n\u003Cli>Fallback mechanism, will still work on javascript-disabled browsers\u003C\u002Fli>\n\u003Cli>Compatible with WordPress, MultiSite, BuddyPress and many other plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Developer Friendly\n\u003Cul>\n\u003Cli>Multiple PHP and JS hooks\u003C\u002Fli>\n\u003Cli>Overridable CSS and JS files\u003C\u002Fli>\n\u003Cli>Easy-to-customize and overridable template files\u003C\u002Fli>\n\u003Cli>Well-documented\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>First released in 2009, the oldest login plugin for WordPress, regularly maintained and updated since then!\u003C\u002Fp>\n\u003Ch4>Pro Add-On Features\u003C\u002Fh4>\n\u003Cp>As of version 4.0, \u003Ca href=\"https:\u002F\u002Floginwithajax.com\u002F\" rel=\"nofollow ugc\">we now offer a Pro add-on\u003C\u002Fa> which extends Login With AJAX with multiple new features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>Security Features\u003C\u002Fem> – Harden the security of your login forms\n\u003Cul>\n\u003Cli>2FA – Additional Two-Factor Authentication Methods:\u003C\u002Fli>\n\u003Cli>SMS – Send a code to the user’s phone\u003C\u002Fli>\n\u003Cli>WhatsApp – Send a message, user clicks a button, done!\u003C\u002Fli>\n\u003Cli>Telegram – Send a message, user clicks a button, done!\u003C\u002Fli>\n\u003Cli>reCaptcha (v2, v2 Invisible and v3)\u003C\u002Fli>\n\u003Cli>Login limiter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cem>3rd Party Page Builder Blocks\u002FWidgets\u002FModules\u003C\u002Fem>\n\u003Cul>\n\u003Cli>Divi\u003C\u002Fli>\n\u003Cli>Elementor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>More on the way!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Getting Help\u002FSupport\u003C\u002Fh4>\n\u003Cblockquote>\u003Cp> Version 4 is a major overhaul of the plugin, which has remained largely unchanged for 11 years yet remained a staple tool for logins to WordPress! Changes include a complete rewrite of login templates updated to modern stadnards and practices, as well as new WP features such as Gutenberg Blocks. \u003C\u002Fp>\u003C\u002Fblockquote>\n\u003Cp>If you’re stuck, we strongly suggest visiting our \u003Ca href=\"https:\u002F\u002Fdocs.loginwithajax.com\u002F\" rel=\"nofollow ugc\">Documentation Site\u003C\u002Fa> which contains exensive information and advice on setup and troubleshooting.\u003C\u002Fp>\n\u003Cp>If you have any problems with the plugin after reading our \u003Ca href=\"https:\u002F\u002Fdoocs.loginwithajax.com\u002Ftroubleshooting\u002F\" rel=\"nofollow ugc\">Troubleshooting\u003C\u002Fa>, please visit our freely supported \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Flogin-with-ajax\" rel=\"ugc\">community forums\u003C\u002Fa>, or \u003Ca href=\"https:\u002F\u002Floginwithajax.com\u002Fgopro\u002F\" rel=\"nofollow ugc\">Go Pro\u003C\u002Fa> for premium support.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>Please visit our \u003Ca href=\"https:\u002F\u002Fdocs.loginwithajax.com\" rel=\"nofollow ugc\">documentation site\u003C\u002Fa>, which is regularly and extensively maintained and updated with all the information relevant to getting started, advanced setup and troubleshooting common issues.\u003C\u002Fp>\n","Add beautiful login forms with smooth AJAX login\u002Fregistration effects, 2FA support, custom redrection options and many more login-related features!",1126792,92,166,"2025-12-03T15:37:00.000Z","4.8","5.2",[87,20,88,23,24],"2fa","passkeys","https:\u002F\u002Floginwithajax.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-with-ajax.4.5.1.zip",97,6,"2024-04-10 00:00:00",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":104,"num_ratings":105,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":18,"tags":109,"homepage":113,"download_link":114,"security_score":115,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"no-captcha-recaptcha","No CAPTCHA reCAPTCHA","1.3.4","Collins Agbonghama","https:\u002F\u002Fprofiles.wordpress.org\u002Fcollizo4sky\u002F","\u003Cp>A simple plugin for adding the new No CAPTCHA reCAPTCHA by Google to WordPress login, registration and comment system as well as BuddyPress registration form to protect against spam.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Option to activate CAPTCHA in login, registration, comment and BuddyPress registration forms.\u003C\u002Fli>\n\u003Cli>Choose a theme for the CAPTCHA.\u003C\u002Fli>\n\u003Cli>Auto-detects the user’s language.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugins you will like\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fno-captcha-recaptcha-for-woocommerce\u002F\" rel=\"ugc\">No CAPTCHA reCAPTCHA for WooCommerce\u003C\u002Fa>\u003C\u002Fstrong>: Protect WooCommerce login, registration and password reset form against spam using Google’s No CAPTCHA reCAPTCHA.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fppress\u002F\" rel=\"ugc\">ProfilePress\u003C\u002Fa>\u003C\u002Fstrong>: A shortcode based WordPress form builder that makes building custom login, registration and password reset forms stupidly simple. \u003Ca href=\"http:\u002F\u002Fprofilepress.net\" rel=\"nofollow ugc\">More info here\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailoptin\u002F\" rel=\"ugc\">MailOptin\u003C\u002Fa>\u003C\u002Fstrong> – The best WordPress email optin forms, email automation & newsletters plugin in the market.\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect WordPress login, registration, comment and BuddyPress registration forms with Google's No CAPTCHA reCAPTCHA.",5000,151171,86,69,"2020-04-15T16:05:00.000Z","5.4.19","4.0",[110,20,111,112,24],"comment-form","recaptcha","registration-form","http:\u002F\u002Fw3guy.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-captcha-recaptcha.1.3.4.zip",85,{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":67,"last_updated":127,"tested_up_to":16,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":135,"download_link":136,"security_score":126,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"user-approval-manager","User Approval Manager","1.0.5","Sotiris Rallios","https:\u002F\u002Fprofiles.wordpress.org\u002Fsrallios\u002F","\u003Cp>\u003Cstrong>User Approval Manager\u003C\u002Fstrong> adds an approval layer to WordPress user registration.\u003C\u002Fp>\n\u003Cp>When a new user registers, the plugin prevents immediate login and notifies the site administrator(s) by email. The administrator can approve or reject the user directly via action buttons included in the email.\u003C\u002Fp>\n\u003Cp>At the same time, the user receives an automatic email informing them that their account is pending approval. Once approved, the user is notified and can log in normally.\u003C\u002Fp>\n\u003Cp>This plugin is ideal for:\u003Cbr \u002F>\n– Membership websites\u003Cbr \u002F>\n– B2B platforms\u003Cbr \u002F>\n– Private communities\u003Cbr \u002F>\n– WooCommerce stores requiring verified customers\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Blocks login for newly registered users until approved\u003C\u002Fli>\n\u003Cli>Sends notification email to up to \u003Cstrong>two administrator email addresses\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Approve or reject users directly from email buttons\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reset password button\u003C\u002Fstrong> — use the {reset_password_button} placeholder in the User Approval Email to send new users a one-click “Set Password” link (respects custom login URLs and wp_lang)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-approval checkbox\u003C\u002Fstrong> — optionally auto-approve new users so they can log in immediately without manual approval\u003C\u002Fli>\n\u003Cli>Sends automatic status emails to users (pending \u002F approved)\u003C\u002Fli>\n\u003Cli>Simple configuration via WordPress admin\u003C\u002Fli>\n\u003Cli>Lightweight and focused — no unnecessary complexity\u003C\u002Fli>\n\u003C\u002Ful>\n","Requires administrator approval before new users can log in. Sends email notifications to admins and users during the approval process.",20,351,100,"2026-02-20T21:31:00.000Z","5.0","7.2",[131,132,24,133,134],"admin-approval","login-control","user-approval","user-registration","https:\u002F\u002Fwww.rallios.gr\u002Fportfolio\u002Fuser-approval-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-approval-manager.1.0.5.zip",{"slug":138,"name":139,"version":140,"author":141,"author_profile":142,"description":143,"short_description":144,"active_installs":145,"downloaded":146,"rating":29,"num_ratings":29,"last_updated":147,"tested_up_to":148,"requires_at_least":149,"requires_php":147,"tags":150,"homepage":153,"download_link":154,"security_score":126,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":155},"behind-closed-doors","Behind Closed Doors","1.1","spencersokol","https:\u002F\u002Fprofiles.wordpress.org\u002Fspencersokol\u002F","\u003Cp>Keep your site behind closed doors with this plugin, by redirecting visitors to a single page, and optionally giving users a login form to view the remainder of your site.\u003C\u002Fp>\n\u003Cp>Basic uses:\u003Cbr \u002F>\n1. Keeping your site hidden while in initial development, while still allowing test users and clients to login\u003Cbr \u002F>\n2. Putting your site in a “maintenance mode” quickly\u003C\u002Fp>\n\u003Ch3>Upgrade Notices\u003C\u002Fh3>\n\u003Ch3>Future Releases\u003C\u002Fh3>\n","Keep your site behind closed doors, by redirecting visitors to a single page, optionally giving them a login form to view the remainder of your site.",10,1806,"","5.0.25","3.5",[20,151,152,21,24],"maintenance","maintenance-mode","http:\u002F\u002Fspencersokol.com\u002Fprojects\u002Fbehind-closed-doors\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbehind-closed-doors.1.1.zip","2026-03-15T10:48:56.248Z",{"slug":157,"name":158,"version":159,"author":160,"author_profile":161,"description":162,"short_description":163,"active_installs":145,"downloaded":164,"rating":126,"num_ratings":67,"last_updated":165,"tested_up_to":166,"requires_at_least":128,"requires_php":167,"tags":168,"homepage":171,"download_link":172,"security_score":115,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"force-login-pro","Force Login Pro","0.0.4","Brandon Hubbard","https:\u002F\u002Fprofiles.wordpress.org\u002Fbhubbard\u002F","\u003Cp>Keep your WordPress site secure by requiring all visitors to first login to your site. Simply turn it on and it works out of the box.\u003C\u002Fp>\n\u003Ch3>Contribute\u003C\u002Fh3>\u003C\u002Fp>\n","A simple WordPress plugin to force login.",1249,"2021-05-19T17:29:00.000Z","5.7.15","7.0",[20,21,169,170,24],"protected","protection","https:\u002F\u002Fgithub.com\u002Faccessnetworks\u002Fforce-login-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforce-login-pro.zip",{"attackSurface":174,"codeSignals":586,"taintFlows":716,"riskAssessment":799,"analyzedAt":812},{"hooks":175,"ajaxHandlers":572,"restRoutes":580,"shortcodes":581,"cronEvents":584,"entryPointCount":585,"unprotectedCount":29},[176,182,186,191,194,198,202,205,210,212,217,220,222,226,228,232,235,238,242,244,247,251,253,256,260,263,268,271,276,281,286,289,292,296,300,304,308,312,315,319,322,326,331,336,340,344,347,351,354,357,360,363,366,370,374,378,382,387,391,394,397,400,404,407,411,414,416,419,422,426,430,434,438,440,444,447,451,455,458,461,464,468,471,473,475,479,482,485,489,492,496,500,504,507,508,510,515,519,521,524,528,531,535,539,542,546,549,553,556,560,563,565,569],{"type":177,"name":178,"callback":179,"file":180,"line":181},"action","cmb2_admin_init","my_private_site_admin_addons_menu","admin\\addons.php",17,{"type":177,"name":183,"callback":184,"file":180,"line":185},"admin_enqueue_scripts","my_private_site_addons_enqueue_tutorial_assets",18,{"type":177,"name":187,"callback":188,"file":189,"line":190},"admin_post_my_private_site_tab_advanced","my_private_site_tab_advanced_process_buttons","admin\\advanced.php",37,{"type":177,"name":178,"callback":192,"file":189,"line":193},"my_private_site_admin_advanced_menu",54,{"type":177,"name":195,"callback":196,"file":189,"line":197},"admin_notices","closure",642,{"type":177,"name":199,"callback":200,"file":201,"line":190},"admin_post_my_private_site_tab_landing_page","my_private_site_tab_landing_page_process_buttons","admin\\landing-page.php",{"type":177,"name":178,"callback":203,"file":201,"line":204},"my_private_site_admin_landing_page_menu",50,{"type":177,"name":206,"callback":207,"file":208,"line":209},"admin_post_my_private_site_tab_licenses","my_private_site_tab_licenses_process_buttons","admin\\licenses.php",38,{"type":177,"name":178,"callback":211,"file":208,"line":204},"my_private_site_admin_licenses_menu",{"type":177,"name":213,"callback":214,"file":215,"line":216},"admin_post_my_private_site_tab_main","my_private_site_tab_main_process_buttons","admin\\main.php",40,{"type":177,"name":178,"callback":218,"file":215,"line":219},"my_private_site_admin_main_menu",62,{"type":177,"name":183,"callback":196,"file":215,"line":221},167,{"type":177,"name":223,"callback":224,"file":225,"line":190},"admin_post_my_private_site_tab_membership","my_private_site_tab_membership_process_buttons","admin\\membership.php",{"type":177,"name":178,"callback":227,"file":225,"line":204},"my_private_site_admin_membership_menu",{"type":177,"name":229,"callback":230,"file":231,"line":216},"admin_post_my_private_site_tab_public_pages","my_private_site_tab_public_pages_process_buttons","admin\\public-pages.php",{"type":177,"name":178,"callback":233,"file":231,"line":234},"my_private_site_admin_public_pages_menu",53,{"type":177,"name":183,"callback":236,"file":231,"line":237},"my_private_site_public_pages_enqueue_tutorial_assets",55,{"type":177,"name":239,"callback":240,"file":241,"line":190},"admin_post_my_private_site_tab_selective_content","my_private_site_tab_selective_content_process_buttons","admin\\selective-content.php",{"type":177,"name":178,"callback":243,"file":241,"line":204},"my_private_site_admin_selective_content_menu",{"type":177,"name":183,"callback":245,"file":241,"line":246},"my_private_site_selective_content_enqueue_tutorial_assets",51,{"type":177,"name":248,"callback":249,"file":250,"line":209},"admin_post_my_private_site_tab_site_privacy","my_private_site_tab_site_privacy_process_buttons","admin\\site-privacy.php",{"type":177,"name":178,"callback":252,"file":250,"line":237},"my_private_site_admin_site_privacy_menu",{"type":177,"name":183,"callback":254,"file":250,"line":255},"my_private_site_site_privacy_enqueue_tutorial_assets",56,{"type":177,"name":257,"callback":258,"file":250,"line":259},"admin_post_my_private_site_retest_robots","my_private_site_handle_retest_robots",58,{"type":177,"name":195,"callback":261,"file":250,"line":262},"my_private_site_show_recaptcha_login_notice",59,{"type":177,"name":264,"callback":265,"file":266,"line":267},"all_admin_notices","jr_ps_warning_privacy","includes\\all-admin.php",23,{"type":177,"name":195,"callback":269,"file":266,"line":270},"my_private_site_jr_ps_30_update_alert_message",43,{"type":177,"name":272,"callback":273,"file":274,"line":275},"pre_current_active_plugins","jr_ps_show_plugin","includes\\installed-plugins.php",36,{"type":177,"name":277,"callback":278,"file":279,"line":280},"network_admin_menu","jr_ps_network_admin_hook","includes\\net-settings.php",7,{"type":177,"name":282,"callback":283,"file":284,"line":285},"get_header","jr_ps_force_login","includes\\public.php",32,{"type":177,"name":287,"callback":283,"file":284,"line":288},"template_redirect",35,{"type":177,"name":290,"callback":291,"file":284,"line":209},"rest_api_init","jr_ps_handle_rest_requests",{"type":177,"name":293,"callback":294,"file":284,"line":295},"login_init","jr_ps_login",39,{"type":297,"name":298,"callback":299,"file":284,"line":216},"filter","login_url","jr_ps_login_url",{"type":177,"name":301,"callback":302,"file":284,"line":303},"wp_login_failed","jr_ps_login_failed",41,{"type":177,"name":305,"callback":306,"priority":145,"file":284,"line":307},"wp_authenticate","jr_ps_wp_authenticate",42,{"type":297,"name":309,"callback":310,"priority":126,"file":284,"line":311},"login_redirect","jr_ps_login_redirect_filter",49,{"type":177,"name":313,"callback":314,"file":284,"line":193},"plugins_loaded","jr_ps_plugins_loaded",{"type":297,"name":316,"callback":317,"priority":145,"file":284,"line":318},"pmpro_login_redirect_url","jr_ps_pmpro_login_redirect_url_filter",57,{"type":297,"name":320,"callback":196,"priority":145,"file":284,"line":321},"rest_pre_dispatch",320,{"type":177,"name":183,"callback":323,"file":324,"line":325},"my_private_site_queue_admin_stylesheet","jonradio-private-site-admin.php",102,{"type":177,"name":327,"callback":328,"file":329,"line":330},"login_form","my_private_site_recaptcha_login_guard_render","jonradio-private-site.php",317,{"type":297,"name":332,"callback":333,"priority":334,"file":329,"line":335},"wp_authenticate_user","my_private_site_recaptcha_login_guard_validate",11,318,{"type":177,"name":337,"callback":338,"file":329,"line":339},"register_form","my_private_site_spam_guard_add_honeypot",354,{"type":297,"name":341,"callback":342,"priority":145,"file":329,"line":343},"registration_errors","my_private_site_spam_guard_validate_registration",415,{"type":177,"name":345,"callback":346,"file":329,"line":64},"wp_loaded","jr_ps_maybe_hide_admin_bar",{"type":177,"name":178,"callback":348,"file":349,"line":350},"yourprefix_register_demo_metabox","library\\cmb2\\example-functions.php",105,{"type":177,"name":178,"callback":352,"file":349,"line":353},"yourprefix_register_about_page_metabox",470,{"type":177,"name":178,"callback":355,"file":349,"line":356},"yourprefix_register_repeatable_group_field_metabox",500,{"type":177,"name":178,"callback":358,"file":349,"line":359},"yourprefix_register_user_profile_metabox",564,{"type":177,"name":178,"callback":361,"file":349,"line":362},"yourprefix_register_taxonomy_metabox",633,{"type":177,"name":178,"callback":364,"file":349,"line":365},"yourprefix_register_theme_options_metabox",674,{"type":177,"name":367,"callback":368,"file":349,"line":369},"cmb2_init","yourprefix_register_rest_api_box",777,{"type":177,"name":371,"callback":372,"file":373,"line":193},"cmb2_save_options-page_fields","clean_stale_options_page_oembeds","library\\cmb2\\includes\\CMB2_Ajax.php",{"type":297,"name":375,"callback":376,"priority":145,"file":373,"line":377},"get_post_metadata","hijack_oembed_cache_get",147,{"type":297,"name":379,"callback":380,"priority":145,"file":373,"line":381},"update_post_metadata","hijack_oembed_cache_set",150,{"type":297,"name":383,"callback":384,"priority":145,"file":385,"line":386},"cmb2_show_on","anonymous","library\\cmb2\\includes\\CMB2_Hookup.php",79,{"type":177,"name":388,"callback":389,"file":385,"line":390},"edit_form_top","add_context_metaboxes",118,{"type":177,"name":392,"callback":389,"file":385,"line":393},"edit_form_before_permalink",122,{"type":177,"name":395,"callback":389,"file":385,"line":396},"edit_form_after_title",126,{"type":177,"name":398,"callback":389,"file":385,"line":399},"edit_form_after_editor",130,{"type":177,"name":401,"callback":402,"file":385,"line":403},"add_meta_boxes","add_metaboxes",134,{"type":177,"name":401,"callback":405,"file":385,"line":406},"remove_default_tax_metaboxes",137,{"type":177,"name":408,"callback":409,"file":385,"line":410},"add_attachment","save_post",138,{"type":177,"name":412,"callback":409,"file":385,"line":413},"edit_attachment",139,{"type":177,"name":409,"callback":409,"priority":145,"file":385,"line":415},140,{"type":177,"name":417,"callback":418,"file":385,"line":377},"pre_get_posts","columns_sortable_orderby",{"type":177,"name":420,"callback":402,"file":385,"line":421},"add_meta_boxes_comment",155,{"type":177,"name":423,"callback":424,"file":385,"line":425},"edit_comment","save_comment",156,{"type":297,"name":427,"callback":428,"file":385,"line":429},"manage_edit-comments_columns","register_column_headers",159,{"type":177,"name":431,"callback":432,"priority":145,"file":385,"line":433},"manage_comments_custom_column","column_display",160,{"type":297,"name":435,"callback":436,"file":385,"line":437},"manage_edit-comments_sortable_columns","columns_sortable",161,{"type":177,"name":417,"callback":418,"file":385,"line":439},162,{"type":177,"name":441,"callback":442,"file":385,"line":443},"show_user_profile","user_metabox",171,{"type":177,"name":445,"callback":442,"file":385,"line":446},"edit_user_profile",172,{"type":177,"name":448,"callback":449,"file":385,"line":450},"user_new_form","user_new_metabox",173,{"type":177,"name":452,"callback":453,"file":385,"line":454},"personal_options_update","save_user",175,{"type":177,"name":456,"callback":453,"file":385,"line":457},"edit_user_profile_update",176,{"type":177,"name":459,"callback":453,"file":385,"line":460},"user_register",177,{"type":297,"name":462,"callback":428,"file":385,"line":463},"manage_users_columns",180,{"type":297,"name":465,"callback":466,"priority":145,"file":385,"line":467},"manage_users_custom_column","return_column_display",181,{"type":297,"name":469,"callback":436,"file":385,"line":470},"manage_users_sortable_columns",182,{"type":177,"name":417,"callback":418,"file":385,"line":472},183,{"type":177,"name":417,"callback":418,"file":385,"line":474},229,{"type":177,"name":476,"callback":477,"priority":145,"file":385,"line":478},"created_term","save_term",233,{"type":177,"name":480,"callback":477,"priority":145,"file":385,"line":481},"edited_terms",234,{"type":177,"name":483,"callback":483,"priority":145,"file":385,"line":484},"delete_term",235,{"type":297,"name":486,"callback":487,"priority":145,"file":488,"line":193},"wp_prepare_attachment_for_js","prepare_image_sizes_for_js","library\\cmb2\\includes\\CMB2_Hookup_Field.php",{"type":177,"name":183,"callback":490,"priority":27,"file":488,"line":491},"dequeue_rgba_colorpicker_script",71,{"type":177,"name":493,"callback":493,"file":494,"line":495},"cmb2_do_oembed","library\\cmb2\\includes\\helper-functions.php",131,{"type":297,"name":497,"callback":497,"priority":145,"file":498,"line":499},"is_protected_meta","library\\cmb2\\includes\\rest-api\\CMB2_REST.php",144,{"type":177,"name":501,"callback":502,"file":503,"line":495},"init","include_cmb","library\\cmb2\\init.php",{"type":297,"name":505,"callback":196,"file":506,"line":181},"my_private_site_deactivate_feedback_form_plugins","telemetry\\deactivate.php",{"type":177,"name":183,"callback":196,"file":506,"line":246},{"type":297,"name":505,"callback":196,"file":506,"line":509},110,{"type":297,"name":511,"callback":512,"priority":145,"file":513,"line":514},"cmb2_row_classes","my_private_site_cmb_secondary_row_classes","util\\cmbhelpers.php",81,{"type":297,"name":516,"callback":517,"priority":124,"file":513,"line":518},"cmb2_field_arguments","my_private_site_cmb_enforce_subtab_show_on",83,{"type":297,"name":516,"callback":196,"priority":29,"file":513,"line":520},704,{"type":177,"name":522,"callback":196,"priority":29,"file":513,"line":523},"admin_head",726,{"type":177,"name":195,"callback":525,"file":526,"line":527},"my_private_site_show_ai_defense_admin_notice","util\\utilities.php",221,{"type":177,"name":529,"callback":525,"file":526,"line":530},"network_admin_notices",222,{"type":177,"name":532,"callback":533,"priority":29,"file":526,"line":534},"wp_head","my_private_site_output_noai_meta",370,{"type":177,"name":536,"callback":537,"file":526,"line":538},"send_headers","my_private_site_output_noai_headers",385,{"type":177,"name":501,"callback":540,"file":526,"line":541},"my_private_site_register_rsl_rewrite",660,{"type":297,"name":543,"callback":544,"file":526,"line":545},"query_vars","my_private_site_register_rsl_query_var",672,{"type":177,"name":501,"callback":547,"priority":29,"file":526,"line":548},"my_private_site_maybe_output_license_xml_early",720,{"type":177,"name":550,"callback":551,"file":526,"line":552},"admin_post_my_private_site_backup_settings","my_private_site_handle_backup_settings",1081,{"type":177,"name":554,"callback":555,"file":526,"line":164},"admin_post_my_private_site_restore_settings","my_private_site_handle_restore_settings",{"type":177,"name":557,"callback":558,"file":526,"line":559},"admin_post_my_private_site_reset_settings","my_private_site_handle_reset_settings",1272,{"type":177,"name":287,"callback":561,"priority":29,"file":526,"line":562},"my_private_site_maybe_output_license_xml",1345,{"type":177,"name":282,"callback":561,"priority":29,"file":526,"line":564},1347,{"type":297,"name":566,"callback":567,"priority":124,"file":526,"line":568},"robots_txt","my_private_site_add_license_to_robots",1385,{"type":297,"name":566,"callback":570,"priority":124,"file":526,"line":571},"my_private_site_add_gptbot_block_to_robots",1415,[573,578],{"action":574,"nopriv":575,"callback":576,"hasNonce":577,"hasCapCheck":575,"file":373,"line":246},"cmb2_oembed_handler",false,"oembed_handler",true,{"action":574,"nopriv":577,"callback":576,"hasNonce":577,"hasCapCheck":575,"file":373,"line":579},52,[],[582],{"tag":21,"callback":583,"file":329,"line":527},"my_private_site_shortcode",[],3,{"dangerousFunctions":587,"sqlUsage":593,"outputEscaping":599,"fileOperations":585,"externalRequests":92,"nonceChecks":714,"capabilityChecks":124,"bundledLibraries":715},[588],{"fn":589,"file":590,"line":591,"context":592},"unserialize","library\\cmb2\\includes\\CMB2_Utils.php",571,"$datetime = @unserialize( trim( $date_value ), array( 'allowed_classes' => array( 'DateTime' ) ) );",{"prepared":594,"raw":67,"locations":595},4,[596],{"file":597,"line":334,"context":598},"uninstall.php","$wpdb->get_results() with variable interpolation",{"escaped":600,"rawEcho":318,"locations":601},290,[602,606,608,610,611,614,616,618,620,622,624,626,627,628,629,631,633,634,636,637,640,643,645,647,648,650,651,653,655,657,659,661,663,665,667,669,671,673,675,677,679,681,683,685,688,691,693,695,697,699,701,702,704,706,708,710,712],{"file":603,"line":604,"context":605},"legacy\\legacy.php",24,"raw output",{"file":603,"line":607,"context":605},29,{"file":349,"line":609,"context":605},70,{"file":349,"line":115,"context":605},{"file":612,"line":613,"context":605},"library\\cmb2\\includes\\CMB2.php",319,{"file":612,"line":615,"context":605},528,{"file":612,"line":617,"context":605},532,{"file":612,"line":619,"context":605},534,{"file":612,"line":621,"context":605},537,{"file":612,"line":623,"context":605},552,{"file":612,"line":625,"context":605},618,{"file":612,"line":625,"context":605},{"file":612,"line":625,"context":605},{"file":612,"line":625,"context":605},{"file":612,"line":630,"context":605},622,{"file":612,"line":632,"context":605},625,{"file":612,"line":632,"context":605},{"file":612,"line":635,"context":605},647,{"file":612,"line":635,"context":605},{"file":638,"line":639,"context":605},"library\\cmb2\\includes\\CMB2_Base.php",249,{"file":641,"line":642,"context":605},"library\\cmb2\\includes\\CMB2_Field.php",925,{"file":641,"line":644,"context":605},1147,{"file":646,"line":425,"context":605},"library\\cmb2\\includes\\CMB2_Field_Display.php",{"file":646,"line":472,"context":605},{"file":646,"line":649,"context":605},195,{"file":646,"line":484,"context":605},{"file":646,"line":652,"context":605},237,{"file":646,"line":654,"context":605},266,{"file":646,"line":656,"context":605},277,{"file":646,"line":658,"context":605},288,{"file":646,"line":660,"context":605},299,{"file":646,"line":662,"context":605},310,{"file":646,"line":664,"context":605},334,{"file":646,"line":666,"context":605},336,{"file":646,"line":668,"context":605},339,{"file":646,"line":670,"context":605},402,{"file":646,"line":672,"context":605},449,{"file":646,"line":674,"context":605},479,{"file":385,"line":676,"context":605},583,{"file":385,"line":678,"context":605},589,{"file":385,"line":680,"context":605},592,{"file":385,"line":682,"context":605},598,{"file":385,"line":684,"context":605},599,{"file":686,"line":687,"context":605},"library\\cmb2\\includes\\CMB2_Options_Hookup.php",203,{"file":689,"line":690,"context":605},"library\\cmb2\\includes\\CMB2_Types.php",101,{"file":689,"line":692,"context":605},338,{"file":689,"line":694,"context":605},344,{"file":689,"line":696,"context":605},440,{"file":494,"line":698,"context":605},129,{"file":700,"line":91,"context":605},"library\\cmb2\\includes\\types\\CMB2_Type_Wysiwyg.php",{"file":700,"line":27,"context":605},{"file":513,"line":703,"context":605},426,{"file":513,"line":705,"context":605},636,{"file":513,"line":707,"context":605},667,{"file":526,"line":709,"context":605},717,{"file":526,"line":711,"context":605},1062,{"file":526,"line":713,"context":605},1340,19,[],[717,735,745,757,778,791],{"entryPoint":718,"graph":719,"unsanitizedCount":29,"severity":734},"\u003Cadvanced> (admin\\advanced.php:0)",{"nodes":720,"edges":732},[721,726],{"id":722,"type":723,"label":724,"file":189,"line":725},"n0","source","$_GET",653,{"id":727,"type":728,"label":729,"file":189,"line":730,"wp_function":731},"n1","sink","echo() [XSS]",658,"echo",[733],{"from":722,"to":727,"sanitized":577},"low",{"entryPoint":736,"graph":737,"unsanitizedCount":29,"severity":734},"my_private_site_cmb_options_display_with_tabs (util\\cmbhelpers.php:21)",{"nodes":738,"edges":743},[739,741],{"id":722,"type":723,"label":724,"file":513,"line":740},26,{"id":727,"type":728,"label":729,"file":513,"line":742,"wp_function":731},119,[744],{"from":722,"to":727,"sanitized":577},{"entryPoint":746,"graph":747,"unsanitizedCount":28,"severity":734},"my_private_site_set_cmb2_submit_button_flag (util\\cmbhelpers.php:443)",{"nodes":748,"edges":755},[749,751],{"id":722,"type":723,"label":750,"file":513,"line":672},"$_POST (x2)",{"id":727,"type":728,"label":752,"file":513,"line":753,"wp_function":754},"update_option() [Settings Manipulation]",477,"update_option",[756],{"from":722,"to":727,"sanitized":575},{"entryPoint":758,"graph":759,"unsanitizedCount":594,"severity":734},"\u003Ccmbhelpers> (util\\cmbhelpers.php:0)",{"nodes":760,"edges":774},[761,762,763,765,767,771],{"id":722,"type":723,"label":724,"file":513,"line":740},{"id":727,"type":728,"label":729,"file":513,"line":742,"wp_function":731},{"id":764,"type":723,"label":750,"file":513,"line":672},"n2",{"id":766,"type":728,"label":752,"file":513,"line":753,"wp_function":754},"n3",{"id":768,"type":723,"label":769,"file":513,"line":770},"n4","$_GET (x2)",495,{"id":772,"type":728,"label":752,"file":513,"line":773,"wp_function":754},"n5",531,[775,776,777],{"from":722,"to":727,"sanitized":577},{"from":764,"to":766,"sanitized":575},{"from":768,"to":772,"sanitized":575},{"entryPoint":779,"graph":780,"unsanitizedCount":29,"severity":734},"my_private_site_handle_restore_settings (util\\utilities.php:1187)",{"nodes":781,"edges":789},[782,785],{"id":722,"type":723,"label":783,"file":526,"line":784},"$_FILES",1206,{"id":727,"type":728,"label":786,"file":526,"line":787,"wp_function":788},"file_get_contents() [SSRF\u002FLFI]",1220,"file_get_contents",[790],{"from":722,"to":727,"sanitized":577},{"entryPoint":792,"graph":793,"unsanitizedCount":29,"severity":734},"\u003Cutilities> (util\\utilities.php:0)",{"nodes":794,"edges":797},[795,796],{"id":722,"type":723,"label":783,"file":526,"line":784},{"id":727,"type":728,"label":786,"file":526,"line":787,"wp_function":788},[798],{"from":722,"to":727,"sanitized":577},{"summary":800,"deductions":801},"The \"jonradio-private-site\" v4.1.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates a good number of entry points (AJAX, shortcodes) are protected with appropriate checks, and a significant majority of SQL queries utilize prepared statements, which is a strong defense against SQL injection. The plugin also appears to have a robust implementation of nonce and capability checks, contributing to its overall security. However, the presence of the `unserialize` function, even if not directly observed in taint flows, is a significant concern as it can lead to object injection vulnerabilities if not handled with extreme caution and input validation.  The vulnerability history, particularly the past high and medium severity issues related to Improper Access Control and CSRF, indicates a recurring pattern of potential weaknesses that require diligent patching and ongoing scrutiny. While there are currently no unpatched CVEs, the history suggests a need for more rigorous security development practices to prevent future vulnerabilities. The taint analysis shows no critical or high severity unsanitized flows, which is encouraging, but the presence of two unsanitized paths warrants further investigation to ensure they do not pose an exploitable risk.\n\nIn conclusion, the plugin has strengths in its input validation and authorization mechanisms. However, the use of `unserialize` and the historical vulnerability patterns are significant red flags. Developers should prioritize a thorough review and sanitization of all data passed to `unserialize` and continue to focus on preventing access control and CSRF issues in future development. The presence of two unsanitized paths in the taint analysis also necessitates immediate attention.",[802,804,807,810],{"reason":803,"points":145},"Use of unserialize function",{"reason":805,"points":806},"2 unsanitized paths found in taint analysis",8,{"reason":808,"points":809},"History of High severity vulnerability",15,{"reason":811,"points":145},"History of Medium severity vulnerability","2026-03-16T17:34:10.150Z",{"wat":814,"direct":846},{"assetPaths":815,"generatorPatterns":829,"scriptPaths":830,"versionParams":832},[816,817,818,819,820,821,822,823,824,825,826,827,828],"\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fcss\u002Fadmin-table.css","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fcss\u002Fcolor-picker.css","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fcss\u002Fcustom-login.css","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fcss\u002Flogin.css","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fcss\u002Fprivacy.css","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fjs\u002Fadmin-scripts.js","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fjs\u002Fcolor-picker.js","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fjs\u002Fcustom-login.js","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fjs\u002Flogin.js","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fjs\u002Fprivacy.js","\u002Fwp-content\u002Fplugins\u002Fjonradio-private-site\u002Fjs\u002Fresponsive.js",[],[831],"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi.js",[833,834,835,836,837,838,839,840,841,842,843,844,845],"jonradio-private-site\u002Fcss\u002Fadmin.css?ver=","jonradio-private-site\u002Fcss\u002Fadmin-style.css?ver=","jonradio-private-site\u002Fcss\u002Fadmin-table.css?ver=","jonradio-private-site\u002Fcss\u002Fcolor-picker.css?ver=","jonradio-private-site\u002Fcss\u002Fcustom-login.css?ver=","jonradio-private-site\u002Fcss\u002Flogin.css?ver=","jonradio-private-site\u002Fcss\u002Fprivacy.css?ver=","jonradio-private-site\u002Fjs\u002Fadmin-scripts.js?ver=","jonradio-private-site\u002Fjs\u002Fcolor-picker.js?ver=","jonradio-private-site\u002Fjs\u002Fcustom-login.js?ver=","jonradio-private-site\u002Fjs\u002Flogin.js?ver=","jonradio-private-site\u002Fjs\u002Fprivacy.js?ver=","jonradio-private-site\u002Fjs\u002Fresponsive.js?ver=",{"cssClasses":847,"htmlComments":849,"htmlAttributes":864,"restEndpoints":866,"jsGlobals":867,"shortcodeOutput":871},[848],"jr-ps-privacy-setting-field",[850,851,852,853,854,855,856,857,858,859,860,861,862,863],"Security violation detected. Access denied. Codes up to [A008].","Exit if .php file accessed directly","Previous versions turned Privacy on at Activation;\n\t\t\tNow it is a Setting on the Settings page,\n\t\t\tso warn Admin.","Plugin is either:\n\t\t- updated from a version so old that Version was not yet stored in the plugin's settings, or\n\t\t- first use after install:\n\t\t\t- first time ever installed, or\n\t\t\t- installed previously and properly uninstalled (data deleted)","Create, if internal settings do not exist; update if they do exist","Legacy compatibility helpers are needed by add-ons on both admin and public requests.","this is the complement of the activation hook which we don't have","would be for going to the welcome page","Maybe hide the admin bar based on plugin settings.","Mirrors the legacy behaviour from the admin bootstrap but lives here so\n\t\tfront-end requests no longer need to load the full admin stack.","Privacy shortcode handler.","Check whether reCAPTCHA Login Guard is enabled and configured.","Render reCAPTCHA widget on the WordPress login form when enabled.","Validate reCAPTCHA on login when enabled and configured.",[865],"data-sitekey",[],[868,869,870],"jr_ps_path","jr_ps_plugin_basename","jr_ps_plugin_data",[872,873],"[privacy hide-if=\"logged-in\"]","[privacy hide-if=\"logged-out\"]"]