[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foWpCC9ChnlADSaMPl1JGMsasq6Dr3HyFRR5HzLPls5M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":45,"crawl_stats":35,"alternatives":53,"analysis":158,"fingerprints":215},"lana-text-to-image","Lana Text to Image","1.1.0","Lana Codes","https:\u002F\u002Fprofiles.wordpress.org\u002Flanacodes\u002F","\u003Cp>Lana Text to Image is a useful privacy plugin, whose primary purpose is to hide the email address from bots.\u003C\u002Fp>\n\u003Cp>Optical Character Recognition (OCR) can recognize the content of text in an image. But it requires a special resource.\u003C\u002Fp>\n\u003Ch4>Shortcodes list:\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Text to Image shortcode\u003C\u002Fstrong>\u003Cbr \u002F>\n    [lana_text_to_image text=”info@lana.codes” class=”lana-email” alt=”protected email” color=”#000000″ font_size=”13px”]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Text to Img shortcode\u003C\u002Fstrong>\u003Cbr \u002F>\n    [lana_text_to_img text=”info@lana.codes” class=”lana-email” alt=”protected email” color=”#000000″ font_size=”13px”]\u003C\u002Fp>\n\u003Cp>Both shortcodes are the same, \u003Ccode>[lana_text_to_img]\u003C\u002Fcode> is an alternative shorter name.\u003C\u002Fp>\n\u003Ch4>Examples:\u003C\u002Fh4>\n\u003Cp>Email address as text:\u003Cbr \u002F>\n    [lana_text_to_image text=”info@lana.codes”]\u003C\u002Fp>\n\u003Cp>Only the @ from the email address as text:\u003Cbr \u002F>\ninfo\u003Ccode>[lana_text_to_image text=\"@\" alt=\"@\"]\u003C\u002Fcode>lana.codes\u003C\u002Fp>\n\u003Cp>You can specify the \u003Ccode>'alt'\u003C\u002Fcode> parameter and the text image will be copiable.\u003C\u002Fp>\n\u003Ch4>Lana Codes\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Flana.codes\u002Fproduct\u002Flana-text-to-image\u002F\" rel=\"nofollow ugc\">Lana Shortcodes\u003C\u002Fa>\u003C\u002Fp>\n","Easy to use text to image shortcode",20,1046,0,"2023-06-23T04:34:00.000Z","6.2.9","4.0","",[19,20,21,22],"privacy","security","shortcode","text-to-image","https:\u002F\u002Flana.codes\u002Fproduct\u002Flana-text-to-image\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flana-text-to-image.1.1.0.zip",85,1,"2023-06-23 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":6,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":44},"CVE-2023-3387","lana-text-to-image-authenticated-contributor-stored-cross-site-scripting-via-shortcode","Lana Text to Image \u003C= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The Lana Text to Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lana_text_to_image' and 'lana_text_to_img' shortcode in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.0.0","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8acb7893-85b2-404a-b3fe-b4c1a835b3eb?source=api-prod",214,{"slug":46,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":48,"avg_security_score":49,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},"lanacodes",13,3630,92,400,73,"2026-04-04T14:03:24.029Z",[54,79,101,123,142],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":13,"last_vuln_date":78,"fetched_at":28},"jonradio-private-site","My Private Site","4.1.0","David Gewirtz","https:\u002F\u002Fprofiles.wordpress.org\u002Fdgewirtz\u002F","\u003Cp>\u003Cstrong>My Private Site\u003C\u002Fstrong> makes your WordPress site private so only logged-in users can see your content. With one click, you can restrict access to all posts and pages, automatically redirect visitors to the login screen, and keep your site visible only to people you trust.\u003C\u002Fp>\n\u003Cp>Unlike full membership or subscription systems, My Private Site focuses on strong privacy without unnecessary complexity. It is ideal for family sites, schools, clubs, client previews, or development environments where you want to share content with a trusted audience without managing payments, profiles, or custom roles.\u003C\u002Fp>\n\u003Ch3>Ideal Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Family sites and school projects\u003C\u002Fstrong>: Share personal updates, photos, or assignments only with family members, classmates, or teachers you choose.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Development and staging sites\u003C\u002Fstrong>: Safely show work-in-progress to clients or teammates without exposing unfinished content or letting it be indexed by search engines.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clubs, groups, and internal blogs\u003C\u002Fstrong>: Create a private online space for members or staff without the overhead of a complex membership system.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Digital Fortress protection\u003C\u002Fh3>\n\u003Cp>My Private Site helps protect the “front door” of your private site with built-in safeguards for login and user registration, including registration spam protection and optional reCAPTCHA support. It also includes AI Crawler Defense to discourage automated collection of your site’s content.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Make your entire WordPress site private with a single setting  \u003C\u002Fli>\n\u003Cli>Redirect logged-out visitors automatically to the login page  \u003C\u002Fli>\n\u003Cli>Choose where users land after login (requested page, home, dashboard, or custom URL)  \u003C\u002Fli>\n\u003Cli>Support user self-registration on private sites when enabled  \u003C\u002Fli>\n\u003Cli>Protect registration with built-in spam controls and optional reCAPTCHA  \u003C\u002Fli>\n\u003Cli>Optionally block unauthenticated access to the WordPress REST API  \u003C\u002Fli>\n\u003Cli>Simple, no-code setup using standard WordPress settings \u003C\u002Fli>\n\u003Cli>Privacy shortcode lets you selectively show or hide content within a page or post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Built-in AI Crawler Defense\u003C\u002Fh3>\n\u003Cp>The internet is rapidly changing, with AI crawlers and bots harvesting content without consent. My Private Site helps you defend your work with integrated \u003Cstrong>AI Crawler Defense\u003C\u002Fstrong> features:\u003Cbr \u002F>\n* \u003Cstrong>NoAI and NoImageAI tags\u003C\u002Fstrong>: Automatically add meta tags and headers that signal compliant AI systems not to use your text or images for training.\u003Cbr \u002F>\n* \u003Cstrong>Block GPTBot\u003C\u002Fstrong>: Add a robots.txt rule to prevent OpenAI’s crawler from accessing your site.\u003Cbr \u002F>\n* \u003Cstrong>Really Simple Licensing (RSL)\u003C\u002Fstrong>: Publish a machine-readable license that explicitly prohibits AI training on your content.\u003C\u002Fp>\n\u003Cp>These protections are included free in the core plugin, easy to enable with a checkbox, and designed to safeguard your site without affecting normal visitors or search engines. You can use them even if you’re not using any other site privacy features.\u003C\u002Fp>\n\u003Ch3>Watch the Video Overview and Demo\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fjry3DHD-OB8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Premium Add-ons\u003C\u002Fh3>\n\u003Cp>Premium add-ons turn My Private Site into a comprehensive privacy suite, giving you enterprise-style layered security defenses, smarter oversight, and flexible access, without the complexity or cost.\u003C\u002Fp>\n\u003Cp>Advanced AI Crawler Defense, Visitor Intelligence, and Block IP provide protections regardless of whether you’re using any site privacy features.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FB6s8O9VZLc0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-public-pages\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Public Pages 2.0\u003C\u002Fstrong>\u003C\u002Fa>: Allows site operators to designate certain specific pages, or pages with specified prefix, to be available to the public without login. Now also allows public site, private pages. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fu7BuYtzS_pI\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-advanced-ai-defense\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Advanced AI Crawler Defense\u003C\u002Fstrong>\u003C\u002Fa>: Protect WordPress content from AI crawlers using licensing, opt-out tags, selective bot blocking, and firewall defenses to control and safeguard your data. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FEb4qQDafaRk\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-visitor-intelligence\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Visitor Intelligence\u003C\u002Fstrong>\u003C\u002Fa>: Track logins, logouts, failed attempts, and bot activity with a unified log, anomaly detection, and export tools for stronger site oversight and security. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FTTK8bGVD8pM\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-guest-access\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Guest Access\u003C\u002Fstrong>\u003C\u002Fa>: Grant temporary, secure access to private WordPress content using unique shareable links with expiration, one-time use, and full admin-controlled invite management. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fj1vYV8lhqcc\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-block-ip\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Block IP\u003C\u002Fstrong>\u003C\u002Fa>: Block unwanted visitors by IP address or range with full IPv4\u002FIPv6 support, configurable scope, and fast enforcement to secure your WordPress site. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FvsxLqYXWITs\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-tags-and-categories\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Tags & Categories\u003C\u002Fstrong>\u003C\u002Fa>: Allows you to make pages public or (with Public Pages 2.0) private based on tags and categories. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FdEv7lXxU5lo\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-selective-content\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Selective Content\u003C\u002Fstrong>\u003C\u002Fa>: Allows hiding, showing, and obscurifying page content through the use of shortcodes. Can also selectively hide widgets and sidebars. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FexgJrJJSCNY\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-pricing\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Digital Fortress Bundle\u003C\u002Fstrong>\u003C\u002Fa>: All add-ons are available in bundle form.  \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FB6s8O9VZLc0\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Limits\u003C\u002Fh3>\n\u003Cp>This plugin does not hide non-WordPress web pages, such as .html and .php files. It also won’t restrict images and other media and text files directly accessed by their URL. If your hosting provider’s filesystem protections haven’t been set up correctly, files may also be accessed by directory listing.\u003C\u002Fp>\n\u003Ch3>Support Note\u003C\u002Fh3>\n\u003Cp>Support has moved to the ZATZLabs site and is no longer provided on the WordPress.org forums. If you need a timely reply from the developer, please \u003Ca href=\"http:\u002F\u002Fzatzlabs.com\u002Fsubmit-ticket\u002F\" rel=\"nofollow ugc\">open a ticket\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Mailing List\u003C\u002Fh3>\n\u003Cp>If you’d like to keep up with the latest updates to this plugin, please visit \u003Ca href=\"http:\u002F\u002Fzatzlabs.com\u002Flab-notes\u002F\" rel=\"nofollow ugc\">David’s Lab Notes\u003C\u002Fa> and add yourself to the mailing list.\u003C\u002Fp>\n","Make your WordPress site private with one click for family, projects, or teams. Protection for content, login, and registration.",20000,568968,90,80,"2026-01-28T21:00:00.000Z","6.9.4","4.4","5.4",[71,19,72,73,20],"login","private-site","registration","http:\u002F\u002Fzatzlabs.com\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjonradio-private-site.4.1.0.zip",99,2,"2024-02-16 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":62,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":67,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":97,"download_link":98,"security_score":99,"vuln_count":26,"unpatched_count":13,"last_vuln_date":100,"fetched_at":28},"restricted-site-access","Restricted Site Access","7.6.1","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>Limit access your site to visitors who are logged in or accessing the site from a set of specified IP addresses. Send restricted visitors to the log in page, redirect them, or display a message or page. A great solution for Extranets, publicly hosted Intranets, or parallel development \u002F staging sites.\u003C\u002Fp>\n\u003Cp>Adds a number of new configuration options to the Reading settings panel as well as the Network Settings panel in multisite. From these panels you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable site restriction\u003C\u002Fli>\n\u003Cli>Change the restriction behavior: send to login, redirect, display a message, display a page\u003C\u002Fli>\n\u003Cli>Add IP addresses to an unrestricted list, including ranges\u003C\u002Fli>\n\u003Cli>Quickly add your current IP to the unrestricted list\u003C\u002Fli>\n\u003Cli>Customize the redirect location, including an option to send them to the same requested path and set the HTTP status code for SEO friendliness\u003C\u002Fli>\n\u003Cli>Define a simple message to show restricted visitors, or select a page to show them – great for “coming soon” teasers!\u003C\u002Fli>\n\u003C\u002Ful>\n","Limit access to visitors who are logged in or allowed by IP addresses. Includes many options for handling blocked visitors.",1120245,96,62,"2026-01-04T21:22:00.000Z","6.6","7.4",[94,95,19,96,20],"limited","permissions","restrict","https:\u002F\u002F10up.com\u002Fplugins\u002Frestricted-site-access-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frestricted-site-access.7.6.1.zip",100,"2022-08-31 00:00:00",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":88,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":120,"download_link":121,"security_score":76,"vuln_count":26,"unpatched_count":13,"last_vuln_date":122,"fetched_at":28},"gdpr-framework","The GDPR Framework By Data443","2.2.0","Data443 Risk Mitigation, Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdata443\u002F","\u003Cp>This plugin is a service of \u003Ca href=\"https:\u002F\u002Fwww.data443.com\" rel=\"nofollow ugc\">Data443.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Data443 is a Data Security and Compliance company traded on the OTCMarkets as \u003Ca href=\"https:\u002F\u002Fwww.otcmarkets.com\u002Fstock\u002FATDS\u002Foverview\" rel=\"nofollow ugc\">ATDS\u003C\u002Fa>.  We have been providing leading GDPR compliance products such as \u003Ca href=\"https:\u002F\u002Fdata443.com\u002Fglobal-privacy-manager\u002F\" rel=\"nofollow ugc\">Global Privacy Manager\u003C\u002Fa>, Blockchain privacy, and enterprise cloud eDiscovery tools.\u003C\u002Fp>\n\u003Cp>The GDPR regulation is a large and complex law.  Each member country is to ratify it into its own legislation and language.  This makes it cumbersome to manage – but rest assured – we have a full \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2078998660\" rel=\"nofollow ugc\">Site Owners Guide\u003C\u002Fa>  to help you learn and understand some of your requirements.\u003C\u002Fp>\n\u003Cp>This product gives a simple and elegant interface to handle Data Subject Access Requests (DSARs).\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>☑ Give users an optional time frame to give their consent\u003Cbr \u002F>\n☑ Do Not Sell my private information capability released\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Forders.data443.com\u002Fcart.php?gid=8\" rel=\"nofollow ugc\">Privacy Safe Seal™\u003C\u002Fa> now available – Strengthen your reputation by giving a visual representation of your Privacy Solution in operation!;\u003Cbr \u002F>\n☑ Enable DSAR on one page – allow even those without an account to automatically view, export and delete their personal data;\u003Cbr \u002F>\n☑ Configure the plugin to delete or anonymize personal data automatically or send a notification and allow admins to do it manually;\u003Cbr \u002F>\n☑ Track, manage and withdraw consent;\u003Cbr \u002F>\n☑ Generate a GDPR-compatible Privacy Policy template for your site;\u003Cbr \u002F>\n☑ Use a helpful installation wizard to get you started quickly;\u003Cbr \u002F>\n☑ Report on related data items within your WordPress installation;\u003Cbr \u002F>\n☑ Significantly reduce your staff time efforts dealing with DSARs;\u003Cbr \u002F>\n☑ Enable your larger organization to summarize and consolidate DSAR work;\u003Cbr \u002F>\n☑ Report to management on DSAR status, volume and data requirements;\u003Cbr \u002F>\n☑ We provide this fully documented;\u003Cbr \u002F>\n☑ We are developer-friendly. Everything can be extended, every feature and template can be overridden.\u003Cbr \u002F>\n☑ Cookie solution\u003Cbr \u002F>\n☑ Integration with WooCommerce Version 3.4.0 or later.\u003Cbr \u002F>\n☑ Integration with Easy Digital Download Version 2.6 or later.\u003Cbr \u002F>\n☑ Integration with Email Subscribers & Newsletters.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>Using The GDPR Framework does NOT guarantee compliance to GDPR. This plugin gives you general information and tools, but is NOT meant to serve as complete compliance package. Compliance to GDPR is risk-based ongoing process that involves your whole business. Data443 is not eligible for any claim or action based on any information or functionality provided by this plugin.\u003C\u002Fp>\n\u003Ch3>Notice: Special Details for those using Caching Plugins:\u003C\u002Fh3>\n\u003Cp>As the pages generated by our plugin are highly dynamic, we recommend you exclude all pages generated from caching in order for them to function properly.  Here is an example of how to exclude our pages in \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F718864404\" rel=\"nofollow ugc\">W3 Total Cache\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F709427345\" rel=\"nofollow ugc\">WP Fastest Cache\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Full documentation: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2078998660\" rel=\"nofollow ugc\">The WordPress Site Owner’s Guide to GDPR\u003C\u002Fa>\u003Cbr \u002F>\nFor developers: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2082439194\" rel=\"nofollow ugc\">Developer Docs\u003C\u002Fa>\u003Cbr \u002F>\nFor users: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F192708653\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Plugin support:\u003C\u002Fh3>\n\u003Cp>The GDPR Framework currently works with the following plugins\u003Cbr \u002F>\n☑ Contact Form 7 & Contact Form Flamingo\u003Cbr \u002F>\n☑ Gravity Forms – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-for-gravity-forms\u002F\" rel=\"ugc\">Download the GDPR add-on\u003C\u002Fa>\u003Cbr \u002F>\n☑ Formidable Forms – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-for-formidable-forms\u002F\" rel=\"ugc\">Download the GDPR add-on\u003C\u002Fa>\u003Cbr \u002F>\n☑ Ninja Forms – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-for-ninja-forms\u002F\" rel=\"ugc\">Download the GDPR add-on\u003C\u002Fa>\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">WooCommerce\u003C\u002Fa>\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-digital-downloads\u002F\" rel=\"ugc\">Easy Digital Download\u003C\u002Fa>\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-subscribers\u002F\" rel=\"ugc\">Email Subscribers & Newsletters\u003C\u002Fa>\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Fwpml.org\u002F\" rel=\"nofollow ugc\">WPML\u003C\u002Fa>\u003C\u002Fp>\n","Easy to use tools to help make your website GDPR-compliant. Fully documented, extendable and developer-friendly.  Extensions to enterprise GDPR compli &hellip;",10000,692164,65,"2025-05-07T16:13:00.000Z","6.8.5","4.7","5.6",[117,118,19,20,119],"compliance","gdpr","wordpress-gdpr","https:\u002F\u002Fwww.data443.com\u002Fgdpr-framework\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-framework.2.2.0.zip","2025-03-03 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":99,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":17,"tags":137,"homepage":140,"download_link":141,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":35,"fetched_at":28},"logout-clear-cookies","Logout Clear Cookies","0.2","Joel","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoelhardi\u002F","\u003Cp>This is an extremely simple plugin (one line of code!) that deletes all domain cookies whenever a user logs out of your WordPress site, and then redirects the user to the site homepage.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why?\u003C\u002Fstrong> Because by default, WordPress sets a number of cookies that it doesn’t remove on its own when you log out.\u003C\u002Fp>\n\u003Cp>There are security and privacy benefits, because if there are vulnerabilities in WordPress or in your browser, or if someone has access to your computer or device, they may be able to access these cookies. (That goes for you or for anyone who logs into your site to add a post or comment.)\u003C\u002Fp>\n\u003Cp>Likewise, when a user logs out of your site using a public or shared computer, there won’t be any domain cookies left behind.\u003C\u002Fp>\n\u003Cp>The plugin also gives you back the “regular user view” of your site, because after you log out you can browse your site as an anonymous user, without having to manually clear cookies in your browser. (There are many plugins that will display different content or show cached or uncached versions of pages if they see that WordPress cookies have been set.)\u003C\u002Fp>\n","Clears all domain cookies on logout. Because leaving a trail of cookies is bad.",500,8946,4,"2023-11-08T14:46:00.000Z","6.4.8","3.7",[138,139,19,20],"admin","cookie","https:\u002F\u002Flyncd.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogout-clear-cookies.zip",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":131,"downloaded":150,"rating":99,"num_ratings":77,"last_updated":151,"tested_up_to":15,"requires_at_least":114,"requires_php":92,"tags":152,"homepage":156,"download_link":157,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":35,"fetched_at":28},"wp-author-security","WP Author Security","1.5.0","mgm security partners GmbH","https:\u002F\u002Fprofiles.wordpress.org\u002Fmgmsp\u002F","\u003Cp>WP Author Security is a lightweight but powerful plugin to protect against user enumeration attacks on author pages and other places where valid user names can be obtained.\u003C\u002Fp>\n\u003Cp>By default, WordPress will display some sensitive information on author pages.\u003Cbr \u002F>\nThe author page is typically called by requesting the URI \u003Ccode>https:\u002F\u002Fyourdomain.tld\u002F?author=\u003Cid>\u003C\u002Fcode> or with permalinks \u003Ccode>https:\u002F\u002Fyourdomain.tld\u002Fauthor\u002F\u003Cusername>\u003C\u002Fcode>.\u003Cbr \u002F>\nThe page will include (depending on your theme) the full name (first and last name) as well as the username of the author which is used to log in to WordPress.\u003C\u002Fp>\n\u003Cp>In some cases, it is not wanted to expose this information to the public. An attacker is able to brute force valid IDs or valid usernames. This information might be used for further attacks like social engineering attacks or log in brute force attacks with gathered usernames.\u003Cbr \u002F>\n\u003Cem>However, when using the plugin and you disable author pages completely it must be noted that you need to take care that your active theme will not display the author name itself on posts like “Posted by admin” or something like that. This is something the plugin will not handle (at the moment).\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>By using the extension, you are able to disable the author pages either completely or display them only when the author has at least one published post. When the page is disabled the default 404 error page of the active theme is displayed.\u003C\u002Fp>\n\u003Cp>In addition, the plugin will also protect other locations which are commonly used by attackers to gather valid user names. These are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The REST API for users which will list all users with published posts by default.\u003Cbr \u002F>\n  https:\u002F\u002Fyourdomain.tld\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers\u003C\u002Fli>\n\u003Cli>The log in page where different error messages will indicate whether an entered user name or mail address exists or not. The plugin will display a neutral error message independently whether the user exists or not.\u003C\u002Fli>\n\u003Cli>The password forgotten function will also allow an attacker to check for the existence of a user. As for the log in page the plugin will display a neutral message even when the user does not exists.\u003C\u002Fli>\n\u003Cli>Requesting the feed endpoint \u002Ffeed of your blog will also allow others to see the username or display name of the author. The plugin will remove the name from the result list.\u003C\u002Fli>\n\u003Cli>WordPress supports so-called oEmbeds. This is a technique to embed a reference to a post into another post. However, this reference will also contain the author name and a direct link to the profile page. The plugin will also remove the name and link here.\u003C\u002Fli>\n\u003Cli>Since WordPress 5.5 a default sitemap can be reached via \u002Fwp-sitemap.xml. This sitemap will disclose the usernames of all authors. If this should not be disclosed you are able to disable this feature of WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect against user enumeration attacks on author pages and other places where valid user names can be obtained.",6531,"2023-04-12T07:32:00.000Z",[153,19,20,154,155],"author","user-enumeration","wpscan","https:\u002F\u002Fgithub.com\u002Fmgm-sp\u002Fwp-author-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-author-security.1.5.0.zip",{"attackSurface":159,"codeSignals":191,"taintFlows":199,"riskAssessment":200,"analyzedAt":214},{"hooks":160,"ajaxHandlers":180,"restRoutes":181,"shortcodes":182,"cronEvents":190,"entryPointCount":77,"unprotectedCount":13},[161,167,172,176],{"type":162,"name":163,"callback":164,"file":165,"line":166},"action","admin_enqueue_scripts","lana_text_to_image_admin_styles","lana-text-to-image.php",34,{"type":168,"name":169,"callback":170,"file":165,"line":171},"filter","mce_external_plugins","lana_text_to_image_add_mce_plugin",177,{"type":168,"name":173,"callback":174,"file":165,"line":175},"mce_buttons_3","lana_text_to_image_add_mce_button",178,{"type":162,"name":177,"callback":178,"file":165,"line":179},"admin_init","lana_text_to_image_add_mce_shortcodes_buttons",181,[],[],[183,187],{"tag":184,"callback":185,"file":165,"line":186},"lana_text_to_image","lana_text_to_image_shortcode",102,{"tag":188,"callback":185,"file":165,"line":189},"lana_text_to_img",103,[],{"dangerousFunctions":192,"sqlUsage":193,"outputEscaping":195,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":198},[],{"prepared":13,"raw":13,"locations":194},[],{"escaped":196,"rawEcho":13,"locations":197},3,[],[],[],{"summary":201,"deductions":202},"The lana-text-to-image plugin v1.1.0 demonstrates several positive security practices, including the absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and proper output escaping. The static analysis also reveals a limited attack surface with no unprotected entry points and no identified taint flows of critical or high severity.  However, the plugin's vulnerability history is a significant concern.  It has a known CVE, although it is currently patched. The presence of a past medium-severity vulnerability, specifically Cross-site Scripting, indicates a potential weakness in input handling.  The lack of nonce checks and capability checks in the provided static analysis data, despite the presence of shortcodes, also warrants attention as it could represent an indirect risk if not handled appropriately within the shortcode's implementation.",[203,206,209,212],{"reason":204,"points":205},"Known CVE in history",10,{"reason":207,"points":208},"Past medium vulnerability (XSS)",8,{"reason":210,"points":211},"Missing nonce checks",5,{"reason":213,"points":211},"Missing capability checks","2026-03-16T23:09:10.286Z",{"wat":216,"direct":225},{"assetPaths":217,"generatorPatterns":219,"scriptPaths":220,"versionParams":222},[218],"\u002Fwp-content\u002Fplugins\u002Flana-text-to-image\u002Fassets\u002Fcss\u002Flana-text-to-image-admin.css",[],[221],"\u002Fwp-content\u002Fplugins\u002Flana-text-to-image\u002Fassets\u002Fjs\u002Flana-text-to-image-shortcode.js",[223,224],"lana-text-to-image\u002Fassets\u002Fcss\u002Flana-text-to-image-admin.css?ver=","lana-text-to-image\u002Fassets\u002Fjs\u002Flana-text-to-image-shortcode.js?ver=",{"cssClasses":226,"htmlComments":227,"htmlAttributes":228,"restEndpoints":229,"jsGlobals":230,"shortcodeOutput":231},[4],[],[],[],[],[232],"\u003Cimg src=\"data:image\u002Fpng;base64,"]