[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPBbX1HKhnS4fAGgNtZwT2dkMsbuqvr-lEHr2ZGMN75Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":13,"tags":16,"homepage":13,"download_link":20,"security_score":21,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":33,"analysis":56,"fingerprints":104},"login-by-ip-authentication","Login By IP Authentication","0.1","DotsquaresLtd","https:\u002F\u002Fprofiles.wordpress.org\u002Fdswpsupport\u002F","\u003Cp>The plugin will allow users to login with their allowed IPs only. If you want user should be allowed to login with multiple IPs, then admin can associate multiple IPs separated with comma(,) character.\u003C\u002Fp>\n\u003Ch4>General Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>IP Restricted login.\u003C\u002Fli>\n\u003Cli>You can set multiple IPs for a user to allow login from multiple IPs.\u003C\u002Fli>\n\u003Cli>Lightweight.\u003C\u002Fli>\n\u003C\u002Ful>\n","The plugin will allow users to login with their allowed IPs only. If you want user should be allowed to login with multiple IPs, then admin can associ …",0,1031,"","4.9.29","3.0",[17,18,19],"ip-authentication","ip-based-login","login-with-ip-authentication","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-by-ip-authentication.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":29,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"dswpsupport",6,110,88,30,86,"2026-04-04T00:41:13.083Z",[34],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":11,"downloaded":42,"rating":11,"num_ratings":11,"last_updated":43,"tested_up_to":44,"requires_at_least":45,"requires_php":46,"tags":47,"homepage":52,"download_link":53,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":22,"fetched_at":55},"unoapp-protects-wp-admin","Unoapp Protect WP Admin","1.1","Kartik Busa","https:\u002F\u002Fprofiles.wordpress.org\u002Funoapp\u002F","\u003Cp>Many time sites hacked by admin access because it’s common URL for all wp-admin, this unoapp protect wp admin gives advanced security against hackers.\u003C\u002Fp>\n\u003Cp>Are you seeing a lot of attacks on your WordPress admin area? Protecting the admin area from unauthorized access allows you to block many common security threats\u003Cbr \u002F>\nunoapp protect wp admin helps solve this problem by allowing webmasters to customize their admin panel URL and access allows only selected ips.\u003C\u002Fp>\n\u003Cp>After installed and configured unoapp protect wp admin plugin, administrator able to change the “sitename.com\u002Fwp-admin” link into “sitename.com\u002Fcustom-admin”.\u003C\u002Fp>\n\u003Cp>The plugin also restrict admin access by multiple ips based\u003C\u002Fp>\n\u003Cp>** NOTE: You should keed backup your database before activating this plugin.**\u003Cbr \u002F>\nfor some reason, you find it necessary to restore your database from these backups.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option to change custom wp-admin into both sides after logged in and before login URL(i.e http:\u002F\u002Fyourdomain.com\u002Fcustom-admin)\u003C\u002Fli>\n\u003Cli>Automatically change “Register” page URL\u003C\u002Fli>\n\u003Cli>Automatically change “Lost Password” page URL\u003C\u002Fli>\n\u003Cli>Restrict applied for registered non-admin users from wp-admin\u003C\u002Fli>\n\u003Cli>Allow admin access by defining comma separated multiple ips\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Important\u003C\u002Fh3>\n\u003Cp>1) Save the slug.\u003C\u002Fp>\n\u003Cp>2) Please put below two lines code in your wp-config.php file above of Absolute path (ABSPATH).\u003C\u002Fp>\n\u003Cp>define(‘WP_ADMIN_DIR’, ‘office-admin’);\u003C\u002Fp>\n\u003Cp>define(‘ADMIN_COOKIE_PATH’, SITECOOKIEPATH . WP_ADMIN_DIR);\u003C\u002Fp>\n\u003Cp>3)\u003Cbr \u002F>\nSometimes it’s issuing while permalink settings not updated.\u003Cbr \u002F>\nSome time .htaccess not updated due to permission issue, permalink issue or some other security plugins, in that case, you can update .htaccess manually.\u003C\u002Fp>\n\u003Cpre>\u003Ccode># BEGIN WordPress\n\u003CIfModule mod_rewrite.c>\nRewriteEngine On\nRewriteBase \u002F\nRewriteRule ^index\\.php$ - [L]\nRewriteRule ^custom-admin\u002F(.*) wp-admin\u002F$1?%{QUERY_STRING} [L]\nRewriteRule ^custom-admin\u002F?$ wp-login.php [L]\nRewriteCond %{REQUEST_FILENAME} !-f\nRewriteCond %{REQUEST_FILENAME} !-d\nRewriteRule . \u002Findex.php [L]\n\u003C\u002FIfModule>\n# END WordPress\n\u003C\u002Fcode>\u003C\u002Fpre>\n","unoapp protect wp admin allows access for you only by URL change and access on IP based.",1301,"2022-05-19T09:50:00.000Z","5.9.13","4.0","5.2.4",[48,18,49,50,51],"change-wp-admin-slug","protect-wordpress-admin","secure-wordpress-admin","unoapp-protect-wp-admin","http:\u002F\u002Fwww.unoapp.com\u002Fwp-plugins\u002Funoapp-protects-wp-admin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funoapp-protects-wp-admin.zip",85,"2026-03-15T15:16:48.613Z",{"attackSurface":57,"codeSignals":85,"taintFlows":94,"riskAssessment":95,"analyzedAt":103},{"hooks":58,"ajaxHandlers":81,"restRoutes":82,"shortcodes":83,"cronEvents":84,"entryPointCount":11,"unprotectedCount":11},[59,65,68,72,75],{"type":60,"name":61,"callback":62,"file":63,"line":64},"action","show_user_profile","ds_lbia_extra_ip_fields","login-by-ip-authentication.php",18,{"type":60,"name":66,"callback":62,"file":63,"line":67},"edit_user_profile",19,{"type":60,"name":69,"callback":70,"file":63,"line":71},"personal_options_update","ds_lbia_save_extra_ip_fields",40,{"type":60,"name":73,"callback":70,"file":63,"line":74},"edit_user_profile_update",41,{"type":76,"name":77,"callback":78,"priority":79,"file":63,"line":80},"filter","wp_authenticate_user","ds_lbia_check_ip_auth",99,52,[],[],[],[],{"dangerousFunctions":86,"sqlUsage":87,"outputEscaping":89,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":92,"bundledLibraries":93},[],{"prepared":11,"raw":11,"locations":88},[],{"escaped":90,"rawEcho":11,"locations":91},3,[],1,[],[],{"summary":96,"deductions":97},"The \"login-by-ip-authentication\" plugin version 0.1 exhibits a strong security posture based on the provided static analysis.  It effectively avoids dangerous functions, uses prepared statements for all SQL queries, and ensures all outputs are properly escaped.  The plugin also has no file operations or external HTTP requests, further minimizing its attack surface.  The single capability check is a positive indicator of intended access control, although its effectiveness isn't detailed here.  The absence of known CVEs and any recorded vulnerability history is a significant strength, suggesting a well-maintained and secure codebase over time.\n\nHowever, the complete lack of AJAX handlers, REST API routes, shortcodes, and cron events means the plugin has zero identified entry points, which is exceptionally low. While this indicates no obvious direct vulnerabilities, it also means there's no active functionality exposed via common WordPress mechanisms that would typically require robust security checks like nonce validation. This could imply a very limited feature set or functionality that relies solely on other plugin\u002Ftheme interactions. The lack of taint analysis data is also a point of note; while it suggests no issues were found, it's also possible no extensive taint analysis was performed or reported.",[98,101],{"reason":99,"points":100},"No nonce checks on entry points",5,{"reason":102,"points":90},"Limited reported taint analysis coverage","2026-03-17T05:47:19.845Z",{"wat":105,"direct":110},{"assetPaths":106,"generatorPatterns":107,"scriptPaths":108,"versionParams":109},[],[],[],[],{"cssClasses":111,"htmlComments":113,"htmlAttributes":118,"restEndpoints":121,"jsGlobals":122,"shortcodeOutput":123},[112],"form-table",[114,115,116,117],"Filter and Function to add extra field to allow admin to associate IPs in user's update profile page from admin panel. ","Filter and Function to add save associated IPs for user.","Filter and Function to check if user is logging in from the allowed IP. ","Function to get user's current IP.",[119,120],"name=\"allowedips\"","id=\"next\"",[],[],[]]