[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWZuo0W-fNc6Aea04fV8EQoHpMIpI6xHGvlHfC6ndiyE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":141,"fingerprints":359},"lana-security","Lana Security","1.1.8","Lana Codes","https:\u002F\u002Fprofiles.wordpress.org\u002Flanacodes\u002F","\u003Cp>Security plugin to protect website.\u003C\u002Fp>\n\u003Ch4>Video\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FGAZxD6iMg5o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Encrypt Version\u003C\u002Fh4>\n\u003Cp>Encrypt WordPress version in frontend scripts and styles, and remove generator\u003C\u002Fp>\n\u003Ch4>Insecure Files\u003C\u002Fh4>\n\u003Cp>Block insecure files (readme.html, license.txt) with htaccess\u003C\u002Fp>\n\u003Ch4>Login Captcha\u003C\u002Fh4>\n\u003Cp>Add simple number captcha in WordPress login form\u003C\u002Fp>\n\u003Ch4>Registration Captcha\u003C\u002Fh4>\n\u003Cp>Add simple number captcha in WordPress registration form\u003C\u002Fp>\n\u003Ch4>Lost Password Captcha\u003C\u002Fh4>\n\u003Cp>Add simple number captcha in WordPress lost password form\u003C\u002Fp>\n\u003Ch4>Security Logs\u003C\u002Fh4>\n\u003Cp>Monitors: activate and deactivate Lana Security plugin, password change (roles: only administrator), delete user (roles: all)\u003C\u002Fp>\n\u003Ch4>Login Logs\u003C\u002Fh4>\n\u003Cp>Monitors: success and failed login with comment\u003C\u002Fp>\n\u003Ch4>Lana Codes\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Flana.codes\u002Flana-product\u002Flana-security\u002F\" rel=\"nofollow ugc\">Lana Security\u003C\u002Fa>\u003C\u002Fp>\n","Security plugin to protect website with login captcha, hide version number and security monitor",100,4198,1,"2022-05-28T19:12:00.000Z","5.9.13","4.0","",[19,20,21,22,23],"captcha","login-captcha","login-log","login-security","security","http:\u002F\u002Flana.codes\u002Flana-product\u002Flana-security\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flana-security.1.1.8.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"lanacodes",13,3630,92,400,73,"2026-04-04T07:03:40.302Z",[40,60,82,102,122],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":17,"download_link":59,"security_score":35,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wordfence-login-security","Wordfence Login Security","1.1.15","wfryan","https:\u002F\u002Fprofiles.wordpress.org\u002Fwfryan\u002F","\u003Ch3>WORDFENCE LOGIN SECURITY\u003C\u002Fh3>\n\u003Cp>Wordfence Login Security contains a subset of the functionality found in the full Wordfence plugin: Two-factor Authentication, XML-RPC Protection and Login Page CAPTCHA.\u003C\u002Fp>\n\u003Cp>Are you looking for comprehensive WordPress Security? \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordfence\u002F\" rel=\"ugc\">Check out the full Wordfence plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>TWO-FACTOR AUTHENTICATION\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Two-factor authentication (2FA), one of the most secure forms of remote system authentication available.\u003C\u002Fli>\n\u003Cli>Use any TOTP-based authenticator app or service like Google Authenticator, Authy, 1Password or FreeOTP.\u003C\u002Fli>\n\u003Cli>Enable 2FA for any WordPress user role.\u003C\u002Fli>\n\u003Cli>Completely free to use, no limits or restrictions of any kind.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>LOGIN PAGE CAPTCHA\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easily enable Google ReCAPTCHA v3 on your login and registration pages.\u003C\u002Fli>\n\u003Cli>Stops bots from logging in without inconveniencing your site visitors.\u003C\u002Fli>\n\u003Cli>Robust protection against password guessing and credential stuffing attacks distributed across large IP pools\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>XML-RPC PROTECTION\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>XML-RPC is the biggest target for WordPress attacks, but is often overlooked.\u003C\u002Fli>\n\u003Cli>Protect XML-RPC with 2FA or disable it altogether if it’s not needed.\u003C\u002Fli>\n\u003C\u002Ful>\n","Secure your website with Wordfence Login Security, providing two-factor authentication, login and registration CAPTCHA, and XML-RPC protection.",70000,1239075,80,25,"2025-01-15T17:05:00.000Z","6.7.5","4.7","7.0",[57,19,22,23,58],"2fa","two-factor-authentication","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordfence-login-security.1.1.15.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":33,"last_updated":71,"tested_up_to":72,"requires_at_least":16,"requires_php":17,"tags":73,"homepage":17,"download_link":78,"security_score":79,"vuln_count":80,"unpatched_count":27,"last_vuln_date":81,"fetched_at":29},"dologin","DoLogin Security","4.3","WPDO","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdo5ea\u002F","\u003Cp>In one click, your WordPress login page will be pretected with the smart brute force attack protection! Any login attempts more than 6 in 10 minutes (default value) will be limited.\u003C\u002Fp>\n\u003Cp>Limit the number of login attempts through both the login and the auth cookies.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Two-factor Authentication login.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Text SMS message passcode for 2nd step verification support.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Cloudflare Turnstile (better than Google reCAPTCHA).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>GeoLocation (Continent\u002FCountry\u002FCity) or IP range to limit login attempts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Passwordless login link.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Support Whitelist and Blacklist.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>GDPR compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WooCommerce Login supported.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>XMLRPC gateway protection.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>API\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Call the function \u003Ccode>$link = function_exists( 'dologin_gen_link' ) ? dologin_gen_link( 'your plugin name or tag' ) : '';\u003C\u002Fcode> to generate one passwordless login link for the current user.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Call the function \u003Ccode>$link = function_exists( 'dologin_gen_link' ) ? dologin_gen_link( 'note\u002Ftip for this generation', $user_id ) : '';\u003C\u002Fcode> to generate a passwordless login link for the user which ID is \u003Ccode>$user_id\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The generated one-time used link will be expired after 7 days.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Define const \u003Ccode>SILENCE_INSTALL\u003C\u002Fcode> to avoid redirecting to setting page after installtion.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>CLI\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>List all passwordless links: \u003Ccode>wp dologin list\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Generate a passwordless link for one username (for the login name \u003Ccode>root\u003C\u002Fcode>): \u003Ccode>wp dologin gen root\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Delete a passwordless link w\u002F the ID in list (for the record w\u002F ID 5): \u003Ccode>wp dologin del 5\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How GeoLocation works\u003C\u002Fh4>\n\u003Cp>When visitors hit the login page, this plugin will lookup the Geolocation info from API, compare the Geolocation setting (if has) with the whitelist\u002Fblacklist to decide if allow login attempts.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>The online IP lookup service is provided by https:\u002F\u002Fwww.doapi.us. The provider’s privacy policy is https:\u002F\u002Fwww.doapi.us\u002Fprivacy.\u003C\u002Fp>\n\u003Cp>Based on the original code from Limit Login Attemps plugin and Limit Login Attemps Reloaded plugin.\u003C\u002Fp>\n","Easy Login. 2FA login. Passwordless login. Cloudflare Turnstile reCAPTCHA. GeoLocation (Continent\u002FCountry\u002FCity)\u002FIP range to limit login attempts.",7000,162727,90,"2025-06-11T14:21:00.000Z","6.8.5",[74,75,76,77,22],"2fa-login","cloudflare-turnstile-recaptcha","easy-login","geolocation-login-limit","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdologin.4.3.zip",98,4,"2023-10-24 00:00:00",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":72,"requires_at_least":95,"requires_php":17,"tags":96,"homepage":17,"download_link":100,"security_score":11,"vuln_count":13,"unpatched_count":27,"last_vuln_date":101,"fetched_at":29},"cartpauj-register-captcha","Cartpauj Register Captcha","2.0.1","cartpauj","https:\u002F\u002Fprofiles.wordpress.org\u002Fcartpauj\u002F","\u003Cp>Cartpauj Register Captcha does one simple task. It prevents SPAM signups through WordPress’s default registration form. There are no settings to configure. Just activate and watch those SPAM sign-ups fade away! Requires openssl PHP library.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Adds CAPTCHA to the WordPress register sign-up form.\u003C\u002Fli>\n\u003Cli>NO settings or configurations to deal with.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>Built with a modified version of Phoca Captcha PHP library\u003Cbr \u002F>\nIcon by \u003Ca href=\"http:\u002F\u002Fwww.flaticon.com\u002Fauthors\u002Ffreepik\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa>\u003C\u002Fp>\n","Cartpauj Register Captcha does one simple task. It prevents SPAM signups through WordPress' default registration form.",1000,38872,84,24,"2025-05-20T23:09:00.000Z","6.0",[19,22,97,98,99],"protection","recaptcha","turnstile","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcartpauj-register-captcha.2.0.1.zip","2023-08-21 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":90,"downloaded":110,"rating":11,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":120,"download_link":121,"security_score":35,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"power-captcha-recaptcha","Power Captcha reCAPTCHA","1.1.0","Denis Alemán","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenisaleman\u002F","\u003Cp>Protect your WordPress, WooCommerce, and Contact Form 7 forms from spam, brute-force attacks, and fake accounts using Google reCAPTCHA.\u003C\u002Fp>\n\u003Cp>Power Captcha reCAPTCHA supports 3 Google reCAPTCHA types integrated into 6 common WordPress forms, including login and comment forms, 7 WooCommerce forms, and Contact Form 7.\u003C\u002Fp>\n\u003Ch3>3 CAPTCHA Types\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Score-based (v3) CAPTCHA.\u003C\u002Fstrong> Seamless detection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“I’m not a robot” CAPTCHA checkbox.\u003C\u002Fstrong> Verification requests with a challenge.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Invisible reCAPTCHA.\u003C\u002Fstrong> Improved, challenge-based CAPTCHA without a checkbox.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6 WordPress Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lost password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reset password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>7 WooCommerce Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checkout form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Review form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reset password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lost password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contact Form 7\u003C\u002Fh3>\n\u003Cp>As of version 1.0.7, Power Captcha reCAPTCHA integrates with Contact Form 7. You can easily add the Power Captcha reCAPTCHA field to your Contact Form 7 forms.\u003C\u002Fp>\n\u003Ch3>Activity Report\u003C\u002Fh3>\n\u003Cp>The Activity Report feature for the plugin provides users with a detailed overview of captcha interactions. It tracks and displays the number of solved, failed, and empty captchas, offering a daily breakdown to monitor performance trends. Stay informed with clear insights into your captcha performance.\u003C\u002Fp>\n","Protect WordPress\u002FWooCommerce\u002FContact Form 7 forms from spam, brute-force attacks, fake comments, accounts, or registrations with Google reCAPTCHA.",6098,3,"2025-03-09T01:27:00.000Z","6.8.0","5.0","5.5",[117,19,118,119,22],"anti-spam-security","comment-form","google-recaptcha","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpower-captcha-recaptcha\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpower-captcha-recaptcha.1.1.0.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":11,"num_ratings":13,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":17,"download_link":140,"security_score":11,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"kaya-login-captcha","Kaya Login Captcha","1.0.2","Kaya Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fkayastudio\u002F","\u003Cp>\u003Cstrong>Why use “Kaya Login Captcha”?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin Adds a simple captcha on login form, register form and lost-password form.\u003C\u002Fp>\n\u003Cp>Easy install and use, captcha settings are fully customizable and you can choose the forms on which to display it. The blocked request HTTP status can be customized and the XML-RPC feature can be disabled.\u003C\u002Fp>\n\u003Cp>Captcha statistics are also available on the settings page, with the count of passed and blocked requests sorted by year and month.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Captcha available on the login form (Dashboard and WooCommerce).\u003C\u002Fli>\n\u003Cli>Captcha available on the lost-password form (Dashboard and WooCommerce).\u003C\u002Fli>\n\u003Cli>Captcha available on the register form (Dashboard and WooCommerce).\u003C\u002Fli>\n\u003Cli>Editable Captcha code length.\u003C\u002Fli>\n\u003Cli>Editable Captcha code format: numeric, alphabetic or alphanumeric.\u003C\u002Fli>\n\u003Cli>Random lines available in the background of the Captcha.\u003C\u002Fli>\n\u003Cli>Editable blocked request HTTP status.\u003C\u002Fli>\n\u003Cli>XML-RPC WordPress API deactivatable.\u003C\u002Fli>\n\u003Cli>Captcha statistics of passed and blocked requests sorted by year and month.\u003C\u002Fli>\n\u003Cli>Compatible with WordPress MultiSite and WooCommerce.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>“Kaya Login Captcha” is a professional login captcha system with fully customizable settings.\u003C\u002Fp>\n\u003Ch4>Privacy\u003C\u002Fh4>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies and does not connect to any third-party applications. This plugin only generate a captcha code to verify human action for selected forms on your settings.\u003C\u002Fp>\n\u003Ch4>Available Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English.\u003C\u002Fli>\n\u003Cli>French.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Feedback\u003C\u002Fh4>\n\u003Cp>Any suggestions or feedback is welcome, thank you for using or trying one of my plugins. Please take the time to let me know about your experiences and rate this plugin.\u003C\u002Fp>\n","Adds a simple captcha on login form, register form and lost-password form.",200,2708,"2025-12-03T10:41:00.000Z","6.9.4","4.6.0","5.3",[137,19,138,22,139],"brute-force-protection","login","spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkaya-login-captcha.1.0.2.zip",{"attackSurface":142,"codeSignals":287,"taintFlows":325,"riskAssessment":352,"analyzedAt":358},{"hooks":143,"ajaxHandlers":275,"restRoutes":276,"shortcodes":277,"cronEvents":278,"entryPointCount":27,"unprotectedCount":27},[144,150,154,157,161,164,169,175,180,183,187,191,195,199,203,207,211,215,219,223,227,231,235,239,243,246,250,253,256,259,263,267,271],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_init","lana_security_custom_wp_roles","lana-security.php",189,{"type":145,"name":151,"callback":152,"file":148,"line":153},"admin_enqueue_scripts","lana_security_settings_admin_scripts",208,{"type":145,"name":151,"callback":155,"file":148,"line":156},"lana_security_settings_admin_styles",227,{"type":145,"name":158,"callback":159,"file":148,"line":160},"login_enqueue_scripts","lana_security_login_styles",237,{"type":145,"name":146,"callback":162,"file":148,"line":163},"lana_security_register_settings",270,{"type":145,"name":165,"callback":166,"priority":167,"file":148,"line":168},"admin_menu","lana_security_admin_menu",12,273,{"type":170,"name":171,"callback":172,"priority":173,"file":148,"line":174},"filter","set-screen-option","lana_security_logs_page_set_screen_option",10,365,{"type":170,"name":176,"callback":177,"priority":178,"file":148,"line":179},"script_loader_src","lana_security_replace_wp_version_strings",1019,980,{"type":170,"name":181,"callback":177,"priority":178,"file":148,"line":182},"style_loader_src",981,{"type":170,"name":184,"callback":185,"file":148,"line":186},"the_generator","lana_security_remove_the_generator",999,{"type":170,"name":188,"callback":189,"file":148,"line":190},"init","lana_security_remove_unsecure_head",1020,{"type":170,"name":192,"callback":193,"file":148,"line":194},"mod_rewrite_rules","lana_security_deny_insecure_files",1057,{"type":145,"name":196,"callback":197,"priority":11,"file":148,"line":198},"update_option","lana_security_rewrite_rules_flush",1076,{"type":145,"name":200,"callback":201,"file":148,"line":202},"login_init","lana_security_register_session_in_login",1126,{"type":145,"name":204,"callback":205,"file":148,"line":206},"login_form","lana_security_add_captcha_to_login_form",1151,{"type":145,"name":208,"callback":209,"file":148,"line":210},"register_form","lana_security_add_captcha_to_register_form",1177,{"type":145,"name":212,"callback":213,"file":148,"line":214},"lostpassword_form","lana_security_add_captcha_to_lostpassword_form",1203,{"type":170,"name":216,"callback":217,"priority":11,"file":148,"line":218},"authenticate","lana_security_validate_login_captcha",1256,{"type":145,"name":220,"callback":221,"priority":11,"file":148,"line":222},"register_post","lana_security_validate_register_captcha",1303,{"type":145,"name":224,"callback":225,"priority":11,"file":148,"line":226},"lostpassword_post","lana_security_validate_lostpassword_captcha",1348,{"type":170,"name":216,"callback":228,"priority":229,"file":148,"line":230},"lana_security_add_login_log",101,1383,{"type":145,"name":232,"callback":233,"priority":11,"file":148,"line":234},"profile_update","lana_security_add_admin_change_password_log",1406,{"type":145,"name":236,"callback":237,"priority":11,"file":148,"line":238},"delete_user","lana_security_add_user_deleted_log",1419,{"type":145,"name":240,"callback":241,"file":148,"line":242},"added_option","lana_security_update_cleanup_option_add_schedule_event",1558,{"type":145,"name":244,"callback":241,"file":148,"line":245},"updated_option",1559,{"type":145,"name":247,"callback":248,"file":148,"line":249},"plugins_loaded","lana_security_logs_cleanup_by_amount_schedule_event",1577,{"type":145,"name":247,"callback":251,"file":148,"line":252},"lana_security_logs_cleanup_by_time_schedule_event",1595,{"type":145,"name":247,"callback":254,"file":148,"line":255},"lana_security_login_logs_cleanup_by_amount_schedule_event",1613,{"type":145,"name":247,"callback":257,"file":148,"line":258},"lana_security_login_logs_cleanup_by_time_schedule_event",1631,{"type":145,"name":260,"callback":261,"file":148,"line":262},"lana_security_logs_cleanup_by_amount","lana_security_logs_cleanup_logs_by_amount",1696,{"type":145,"name":264,"callback":265,"file":148,"line":266},"lana_security_logs_cleanup_by_time","lana_security_logs_cleanup_logs_by_time",1712,{"type":145,"name":268,"callback":269,"file":148,"line":270},"lana_security_login_logs_cleanup_by_amount","lana_security_login_logs_cleanup_logs_by_amount",1728,{"type":145,"name":272,"callback":273,"file":148,"line":274},"lana_security_login_logs_cleanup_by_time","lana_security_login_logs_cleanup_logs_by_time",1744,[],[],[],[279,281,283,285],{"hook":260,"callback":260,"file":148,"line":280},1573,{"hook":264,"callback":264,"file":148,"line":282},1591,{"hook":268,"callback":268,"file":148,"line":284},1609,{"hook":272,"callback":272,"file":148,"line":286},1627,{"dangerousFunctions":288,"sqlUsage":289,"outputEscaping":316,"fileOperations":13,"externalRequests":27,"nonceChecks":323,"capabilityChecks":173,"bundledLibraries":324},[],{"prepared":80,"raw":173,"locations":290},[291,295,298,301,303,306,308,310,312,314],{"file":292,"line":293,"context":294},"includes\\class-lana-security-login-logs-list-table.php",209,"$wpdb->get_results() with variable interpolation",{"file":292,"line":296,"context":297},278,"$wpdb->get_var() with variable interpolation",{"file":299,"line":300,"context":294},"includes\\class-lana-security-logs-list-table.php",196,{"file":299,"line":302,"context":297},265,{"file":148,"line":304,"context":305},127,"$wpdb->query() with variable interpolation",{"file":148,"line":307,"context":305},149,{"file":148,"line":309,"context":305},548,{"file":148,"line":311,"context":305},607,{"file":148,"line":313,"context":305},1653,{"file":148,"line":315,"context":305},1679,{"escaped":317,"rawEcho":13,"locations":318},42,[319],{"file":320,"line":321,"context":322},"includes\\class-lana-security-plugins-list-table.php",70,"raw output",8,[],[326,344],{"entryPoint":327,"graph":328,"unsanitizedCount":27,"severity":343},"lana_security_plugins_page (lana-security.php:448)",{"nodes":329,"edges":340},[330,335],{"id":331,"type":332,"label":333,"file":148,"line":334},"n0","source","$_REQUEST (x2)",458,{"id":336,"type":337,"label":338,"file":148,"line":339,"wp_function":196},"n1","sink","update_option() [Settings Manipulation]",471,[341],{"from":331,"to":336,"sanitized":342},true,"low",{"entryPoint":345,"graph":346,"unsanitizedCount":27,"severity":343},"\u003Clana-security> (lana-security.php:0)",{"nodes":347,"edges":350},[348,349],{"id":331,"type":332,"label":333,"file":148,"line":334},{"id":336,"type":337,"label":338,"file":148,"line":339,"wp_function":196},[351],{"from":331,"to":336,"sanitized":342},{"summary":353,"deductions":354},"The lana-security v1.1.8 plugin demonstrates a generally strong security posture.  Static analysis reveals no critical or high-severity issues in taint flows, and a very high percentage of output escaping, indicating good practices in preventing common web vulnerabilities like XSS.  The plugin also implements a healthy number of nonce and capability checks, which are crucial for securing actions within WordPress.  Furthermore, the absence of any recorded vulnerabilities, CVEs, or known common vulnerability types in its history suggests a history of secure development and maintenance. \n\nHowever, a few areas warrant attention. The presence of SQL queries, with a significant portion not utilizing prepared statements (71% not prepared), presents a potential risk for SQL injection if these queries are not handled with extreme care or if external input directly influences their construction. While there are no external HTTP requests, the single file operation could be a vector for insecure file handling if not properly sanitized. The plugin's entry points are all protected, which is excellent, but the general reliance on prepared statements for all SQL queries should be a priority for a more robust security profile.",[355],{"reason":356,"points":357},"SQL queries not using prepared statements",6,"2026-03-16T21:13:40.539Z",{"wat":360,"direct":371},{"assetPaths":361,"generatorPatterns":365,"scriptPaths":366,"versionParams":367},[362,363,364],"\u002Fwp-content\u002Fplugins\u002Flana-security\u002Fassets\u002Fjs\u002Flana-security-settings-admin.js","\u002Fwp-content\u002Fplugins\u002Flana-security\u002Fassets\u002Fcss\u002Flana-security-settings-admin.css","\u002Fwp-content\u002Fplugins\u002Flana-security\u002Fassets\u002Fcss\u002Flana-security-login.css",[],[362],[368,369,370],"lana-security\u002Fassets\u002Fjs\u002Flana-security-settings-admin.js?ver=","lana-security\u002Fassets\u002Fcss\u002Flana-security-settings-admin.css?ver=","lana-security\u002Fassets\u002Fcss\u002Flana-security-login.css?ver=",{"cssClasses":372,"htmlComments":373,"htmlAttributes":374,"restEndpoints":375,"jsGlobals":376,"shortcodeOutput":377},[],[],[],[],[],[]]