[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTmB1wnjKgMAP2wrni3SlankBod8aS2H_kIVu2mcJgP0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":145,"fingerprints":257},"login-dongle","Login Dongle","1.5.2","Andrea Ercolino","https:\u002F\u002Fprofiles.wordpress.org\u002Faercolino\u002F","\u003Cp>Login Dongle protects your login by means of a \u003Ca href=\"http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FSecurity_question\" rel=\"nofollow ugc\">security question\u003C\u002Fa>\u003Cbr \u002F>\n(AKA challenge\u002Fresponse) as an extra security layer. A bookmark is your login dongle.\u003C\u002Fp>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to your standard login page, fill in the form as usual, and click the bookmark.\u003C\u002Fli>\n\u003Cli>A prompt asks the challenge. Fill in the response, and accept.\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=9zejJewYVi4\u003C\u002Fp>\n\u003Ch4>Why it works\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Under the hood, the bookmark submits login data, together with the challenge and response.\u003C\u002Fli>\n\u003Cli>If both challenge and response validate on the server, the login process goes on as usual, otherwise it dies.\u003C\u002Fli>\n\u003Cli>The login page stays exactly the same as usual, so attackers won’t know how to guess challenge and response.\u003C\u002Fli>\n\u003Cli>Only you know the response to the challenge, so nobody but you will be able to use the bookmarlet.\u003C\u002Fli>\n\u003Cli>People using your PC won’t be able to login even if your browser fills in the login form with your password.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Login Dongle is compatible with any other login plugin.\u003C\u002Fp>\n\u003Cp>For more info, please refer to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Flogin-dongle\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa>\u003Cbr \u002F>\nand the user’s instructions you’ll find on the settings page after activating the plugin.\u003C\u002Fp>\n\u003Ch4>User Guides\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Dutch: http:\u002F\u002Fwww.wpsitemaken.nl\u002Flogin-dongle\u003C\u002Fli>\n\u003Cli>English: http:\u002F\u002Fwww.itechdestiny.com\u002Fwordpress-security-with-login-dongle-plugin\u002F\u003C\u002Fli>\n\u003Cli>English: http:\u002F\u002Fwww.shoutmeloud.com\u002Fsecure-wordpress-login.html\u003C\u002Fli>\n\u003Cli>French: http:\u002F\u002Fneosting.net\u002Fcomment-securiser-acces-login-wordpress-2-etapes\u003C\u002Fli>\n\u003Cli>German: https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fexcellent-plugin-110\u003C\u002Fli>\n\u003Cli>Japanese: http:\u002F\u002Fwp.8jimeyo.info\u002Fplugin\u002Flogin-dongle\u002F\u003C\u002Fli>\n\u003Cli>Turkish: http:\u002F\u002Fhakanertr.wordpress.com\u002F2012\u002F07\u002F24\u002Flogin-dongle\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Quick Reviews\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>http:\u002F\u002Fforum.ait-pro.com\u002Fforums\u002Ftopic\u002Fcompatibility-question-for-custom-login\u002F\u003C\u002Fli>\n\u003Cli>http:\u002F\u002Fwebscripts.softpedia.com\u002Fscript\u002FModules\u002FWordPress-Plugins\u002FLogin-Dongle-80067.html\u003C\u002Fli>\n\u003Cli>https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fplugin-login-dongle-clever-plugin\u003C\u002Fli>\n\u003Cli>http:\u002F\u002Fwww.evohosting.co.uk\u002Fblog\u002Fweb-development\u002Fwordpress-web-development\u002F6-of-the-best-wordpress-security-plugins\u002F\u003C\u002Fli>\n\u003Cli>http:\u002F\u002Fwww.labnol.org\u002Finternet\u002Fimprove-wordpress-security\u002F24639\u002F\u003C\u002Fli>\n\u003Cli>https:\u002F\u002Fwww.linkedin.com\u002Fgroups\u002FSecurity-suggestions-1482937.S.199139568#commentID_110730071\u003C\u002Fli>\n\u003Cli>http:\u002F\u002Fwww.practicalwp.com\u002Flogin-dongle-login-bookmarklet-for-wordpress\u002F\u003C\u002Fli>\n\u003Cli>http:\u002F\u002Fwww.wtfdiary.com\u002F2012\u002F08\u002F8-ways-to-secure-your-wordpress-blog.html\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English (Andrea Ercolino)\u003C\u002Fli>\n\u003Cli>Serbian (Borisa Djuraskovic)\u003C\u002Fli>\n\u003Cli>Spanish (Andrea Ercolino)\u003C\u002Fli>\n\u003Cli>Turkish (Hakan Er)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>NOTE: Here ‘bookmark’ and ‘bookmarklet’ are used interchangeably.\u003C\u002Fp>\n\u003Ch3>Uninstall Instructions\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Click the \u003Cem>Delete\u003C\u002Fem> button in the \u003Cem>Plugins\u002FInstalled Plugins\u003C\u002Fem> list.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If you manually removed the \u003Cem>login-dongle\u003C\u002Fem> plugin directory, or if your version was prior to 1.4.0,\u003Cbr \u002F>\nsome garbage is left into your database. It’s harmless, but if you still want to clean it up, access\u003Cbr \u002F>\nthe \u003Cem>options\u003C\u002Fem> table and remove all the rows whose \u003Cem>option_name\u003C\u002Fem> column start with \u003Cem>login_dongle\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>If your version was prior to 1.1.0, edit the \u003Cem>wp-login.php\u003C\u002Fem> file in the root\u003Cbr \u002F>\ndirectory of your blog and remove the line that begins with \u003Ccode>do_action('login-start');\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Banner\u003C\u002Fh3>\n\u003Cp>From \u003Ca href=\"http:\u002F\u002Fwww.flickr.com\u002Fphotos\u002Ffotologic\u002F4891100379\" rel=\"nofollow ugc\">Rusty door\u003C\u002Fa>, taken by\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.flickr.com\u002Fphotos\u002Ffotologic\u002F\" rel=\"nofollow ugc\">fotologic\u003C\u002Fa> on August 14, 2010 in Penbryn, Wales, GB.\u003C\u002Fp>\n","The bookmark to login nobody but you. Simple and secure.",60,25714,90,2,"2014-10-01T21:03:00.000Z","4.0.38","1.0","",[20,21,22,23,24],"answer","challenge","ddos","response","security-question","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Flogin-dongle\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-dongle.1.5.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"aercolino",5,480,30,84,"2026-04-05T20:40:09.252Z",[40,58,81,104,123],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":28,"downloaded":48,"rating":28,"num_ratings":28,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":56,"download_link":57,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"mb-challenge-response-authentication","MB Challenge response authentication","1.0.0","Yeora","https:\u002F\u002Fprofiles.wordpress.org\u002Fmabipress\u002F","\u003Cp>The “MB Challenge response authentication” plugin extends the\u003Cbr \u002F>\ndefault WordPress authentication with a challenge response authentication.\u003Cbr \u002F>\nThis ensures that passwords during login are no longer stored in the\u003Cbr \u002F>\nclear text during the login process.\u003C\u002Fp>\n\u003Cp>Via a menu item in the administration you can also set whether the challenge response authentication should be enforced or not. If challenge response authentication is not enforced\u003Cbr \u002F>\nthe default WordPress authentication is allowed as fallback.\u003Cbr \u002F>\nThis is the case if a user cannot hash on the client side.\u003C\u002Fp>\n\u003Cp>Furthermore, the default WordPress hasher is overridden and PHP native functions like password_hash and password_verify are used.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Special thanks to the developers of the\u003Cbr \u002F>\nbcrypt.js library https:\u002F\u002Fgithub.com\u002FdcodeIO\u002Fbcrypt.js.\u003Cbr \u002F>\nThe library is used for client-side hashing.\u003C\u002Fp>\n","This plugin implements challenge response authentication. In addition, the WordPress hasher is replaced by native PHP libraries.",839,"2022-01-23T13:39:00.000Z","5.9.0","5.7.0",[53,54,55],"challenge-response","hash","security","http:\u002F\u002Fmb-challenge-response-authentication","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmb-challenge-response-authentication.1.0.0.zip",{"slug":59,"name":60,"version":61,"author":60,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":72,"tags":73,"homepage":77,"download_link":78,"security_score":79,"vuln_count":14,"unpatched_count":28,"last_vuln_date":80,"fetched_at":30},"cloudflare","Cloudflare","4.14.2","https:\u002F\u002Fprofiles.wordpress.org\u002Fcloudflare\u002F","\u003Ch4>What this plugin can do for you\u003C\u002Fh4>\n\u003Cp>[https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=DWANhxoDxFI]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic Platform Optimization (APO)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Speed up your WordPress site by up to 300% with Cloudflare’s Automatic Platform Optimization (APO) plugin. APO allows Cloudflare to serve your entire WordPress site from our edge network of over 250+ data centers worldwide ensuring fast & reliable performance for your visitors no matter where they are.\u003C\u002Fp>\n\u003Cp>Optimizing your WordPress site with multiple plugins can be overwhelming. Take your WordPress site’s performance to the next level by switching to a single plugin for CDN, intelligent caching, and other key WordPress optimizations with Cloudflare (APO). Visit our \u003Ca href=\"https:\u002F\u002Fblog.cloudflare.com\u002Fautomatic-platform-optimizations-starting-with-wordpress\u002F\" rel=\"nofollow ugc\">announcement blog\u003C\u002Fa> to learn more about APO.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What makes APO different from other caching plugins?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The key differentiating factor between Cloudflare APO and other traditional page caching and CDN solutions is its ability to directly cache static HTML at Cloudflare’s edge. Every other plugin and CDN will cache your static assets (images, javascript, CSS), but none help you cache the actual content on your site (the HTML) using a massive edge network like Cloudflare’s.\u003C\u002Fp>\n\u003Cp>APO intelligently caches your HTML pages and will automatically purge content from the cache that you update, so users will always see the latest content without compromising the performance of pages that haven’t been recently updated\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What you get with Cloudflare APO\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>APO is a $5 add-on with Cloudflare’s free plan and comes with an unlimited amount of subdomains. With APO you also get to leverage many of the other benefits of Cloudflare such as \u003Cstrong>Free DNS, Free Automated SSL Certificates, Free DDoS Mitigation, and more.\u003C\u002Fstrong> APO is free for all paid plan users so if you have Cloudflare Pro or Business already you can just turn it on. You can compare all our plans \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fplans\u002F?utm_source=promo&utm_medium=social&utm_term=&utm_content=&utm_campaign=g421o-pl-apo-wordpress-plans\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Protect your WordPress site with Cloudflare’s Web Application Firewall (WAF)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Cloudflare’s WAF is available on all our \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fplans\u002F?utm_source=promo&utm_medium=social&utm_term=&utm_content=&utm_campaign=g421o-pl-apo-wordpress-plans\" rel=\"nofollow ugc\">paid plans\u003C\u002Fa> and comes with built-in rulesets, specifically tailored to mitigate WordPress threats and vulnerabilities. These security rules are regularly updated by our team of experts. At the flip of a switch, you’ll have your WAF up and running without any difficult adjustments to your site. With over 26 million internet properties under our protection, you can sleep easy knowing Cloudflare has your back.\u003C\u002Fp>\n\u003Ch4>Additional features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Header rewrite to prevent a redirect loop when Cloudflare’s Universal SSL is enabled\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Change Cloudflare settings from within the plugin itself without needing to navigate to the cloudflare.com dashboard. You can change settings for cache purge, security level, Always Online, and image optimization\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>View analytics such as total visitors, bandwidth saved, and threats blocked\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Support for \u003Ca href=\"https:\u002F\u002Fblog.cloudflare.com\u002Fannouncing-support-for-http-2-server-push-2\u002F\" rel=\"nofollow ugc\">HTTP2\u002FServer Push\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","All of Cloudflare’s performance and security benefits in a simple one-click install.",200000,9150323,70,179,"2025-12-22T16:44:00.000Z","6.9.0","5.0","7.4",[59,22,74,75,76],"seo","speed","ssl","https:\u002F\u002Fblog.cloudflare.com\u002Fnew-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloudflare.4.14.2.zip",99,"2024-01-04 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":18,"download_link":102,"security_score":103,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-xml-rpc-pingback","Disable XML-RPC Pingback","1.2.2","Samuel Aguilera","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamuelaguilera\u002F","\u003Cp>Stops abuse of your site’s XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.\u003C\u002Fp>\n\u003Cp>This is more friendly than disabling totally XML-RPC, that it’s needed by some plugins and apps (I.e. Mobile apps or some Jetpack’s modules).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The original one.\u003C\u002Fli>\n\u003Cli>Simple and effective.\u003C\u002Fli>\n\u003Cli>No marketing buzz.\u003C\u002Fli>\n\u003Cli>Maintained and \u003Cstrong>updated when needed\u003C\u002Fstrong> since 2014.\u003C\u002Fli>\n\u003Cli>100% compliant with \u003Cstrong>WordPress coding standards\u003C\u002Fstrong> which makes it fail safe.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>60,000+ active installations\u003C\u002Fstrong> can’t be wrong.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’re happy with the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-xml-rpc-pingback\u002Freviews\u002F?filter=5\" rel=\"ugc\">please don’t forget to give it a good rating\u003C\u002Fa>, it will motivate me to keep sharing and improving this plugin (and others).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Removes the following methods from XML-RPC interface.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>pingback.ping\u003C\u002Fli>\n\u003Cli>pingback.extensions.getPingbacks\u003C\u002Fli>\n\u003Cli>X-Pingback from HTTP headers. This will hopefully stops some bots from trying to hit your xmlrpc.php file.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.8.1 or higher.\u003C\u002Fli>\n\u003C\u002Ful>\n","Stops abuse of your site's XML-RPC by simply removing some methods used by attackers. While you can use the rest of XML-RPC methods.",60000,420220,78,14,"2025-11-24T11:09:00.000Z","6.8.5","4.8","5.6",[22,98,99,100,101],"pingback","rpc","xml","xml-rpc","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-xml-rpc-pingback.1.2.2.zip",100,{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":103,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":72,"tags":118,"homepage":18,"download_link":122,"security_score":103,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"stop-xml-rpc-attacks","Stop XML-RPC Attacks","2.0.0","Pascal CESCATO","https:\u002F\u002Fprofiles.wordpress.org\u002Fpcescato\u002F","\u003Cp>Stop XML-RPC Attacks protects your WordPress site from XML-RPC brute force attacks, DDoS attempts, and reconnaissance probes while maintaining compatibility with essential services like Jetpack and WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Three security modes: Full Disable, Guest Disable, or Selective Blocking\u003C\u002Fli>\n\u003Cli>Blocks dangerous methods: system.multicall, pingback.ping, and more\u003C\u002Fli>\n\u003Cli>Compatible with Jetpack and WooCommerce\u003C\u002Fli>\n\u003Cli>Optional user enumeration blocking\u003C\u002Fli>\n\u003Cli>Attack logging for monitoring\u003C\u002Fli>\n\u003Cli>Zero configuration required – works out of the box\u003C\u002Fli>\n\u003Cli>Clean, intuitive admin interface\u003C\u002Fli>\n\u003C\u002Ful>\n","Blocks dangerous XML-RPC methods while preserving Jetpack, WooCommerce, and mobile apps compatibility.",6000,26717,4,"2026-01-01T13:41:00.000Z","6.9.4","6.0",[119,22,120,55,121],"brute-force","jetpack","xmlrpc","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstop-xml-rpc-attacks.2.0.0.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":103,"num_ratings":133,"last_updated":134,"tested_up_to":116,"requires_at_least":96,"requires_php":72,"tags":135,"homepage":141,"download_link":142,"security_score":143,"vuln_count":14,"unpatched_count":28,"last_vuln_date":144,"fetched_at":30},"getresponse-official","Email marketing for WordPress by GetResponse Official","1.6.5","GetResponse","https:\u002F\u002Fprofiles.wordpress.org\u002Fgetresponse\u002F","\u003Ch4>Introduction 👌\u003C\u002Fh4>\n\u003Cp>Looking for an easy way to boost your email marketing right from WordPress? Meet \u003Cstrong>GetResponse for WordPress\u003C\u002Fstrong> – our \u003Cstrong>email marketing plugin for WordPress & WooCommerce\u003C\u002Fstrong>!\u003C\u002Fp>\n\u003Cp>It’s your all-in-one tool for growing your email list, automating campaigns, and getting real-time insights. Whether you’re a blogger, a business owner, or a WooCommerce shop manager, this plugin simplifies email marketing and helps you connect better with your audience.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FXtWMThkHhiA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Description 👌\u003C\u002Fh4>\n\u003Cp>⚡ \u003Cstrong>GetResponse for WordPress\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Maximize your \u003Cstrong>WordPress and WooCommerce with GetResponse\u003C\u002Fstrong>, an advanced email marketing and automation platform with 25+ years of expertise.\u003C\u002Fp>\n\u003Cp>➡️ Seamlessly connect to expand your email list, manage contacts, and tailor marketing using visitor behavior and ecommerce data\u003C\u002Fp>\n\u003Cp>➡️ Integrate site visit tracking and ecommerce data sync to execute personalized campaigns effortlessly\u003C\u002Fp>\n\u003Cp>➡️ Add an opt-in box to turn visitors into contacts and import WooCommerce product catalogs and customer info\u003C\u002Fp>\n\u003Cp>Perfect for WordPress multisite and WooCommerce multistore, with multi-currency support, allowing you to choose which data to import for target marketing\u003C\u002Fp>\n\u003Cp>⭐⭐⭐⭐⭐\u003Cbr \u002F>\n“Easy import of all subscribers”\u003C\u002Fp>\n\u003Cp>⭐⭐⭐⭐⭐\u003Cbr \u002F>\n“GetResponse is easy to use and I can do most things by myself but if something is a little confusing they have AI help and live support so answers are easy to get and I don’t waste time trying to figure stuff out.”\u003C\u002Fp>\n\u003Cp>⭐⭐⭐⭐⭐\u003Cbr \u002F>\n“Not only is GetResponse really easy to use (you don’t need to be an expert to get your head around it), it also integrates various other programmes, such as wordpress. This integration allows me to collect hundreds of email addresses every week, passively. These are people who have opted in to receive newsletters via our website as well as those who choose to receive merchandise newsletters while making purchases from the online merch store.”\u003C\u002Fp>\n\u003Ch3>Features 👌\u003C\u002Fh3>\n\u003Cp>⚡ \u003Cstrong>List building – Turn your blog, site or store visitors, and customers into contacts\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>With \u003Cstrong>GetResponse for WordPress\u003C\u002Fstrong>, you can expand your reach by encouraging sign-ups through a multitude of list-building options.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Add contacts from your WordPress site \u003Cstrong>directly to GetResponse\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Easily create and add \u003Cstrong>signup forms and popups\u003C\u002Fstrong> to your website with seamless integration\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Track visits to your WordPress site and target users with marketing campaigns based on their browsing behavior.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add subscribers to \u003Cstrong>GetResponse directly from Contact Form 7\u003C\u002Fstrong> on your WordPress site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Automatically update and sync data between WordPress and GetResponse in real-time.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>⚡ \u003Cstrong>WooCommerce – Add contacts and collect ecommerce data\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>built-in integration with WooCommerce\u003C\u002Fstrong> lets you add customers to your contact list and send ecommerce data to GetResponse.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Grow your list by adding customers at checkout.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Export customer list to GetResponse, including custom fields and purchase history.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Collect information about customer\u003C\u002Fstrong> spending habits, product preferences, purchase history, and cart behavior.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Integrate with our \u003Cstrong>AI Product Recommendations\u003C\u002Fstrong> add-on to automatically recommend products based on AI-powered insights.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Effortlessly create abandoned cart emails with just a few clicks for your WooCommerce store.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>⚡ \u003Cstrong>Web Event tracking – Engage visitors with personalized workflows based on their activity\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>With \u003Cstrong>GetResponse for WordPress\u003C\u002Fstrong>, you can monitor site visits and:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Create workflows based on URLs visited.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Use \u003Cstrong>advanced search options\u003C\u002Fstrong> to identify people who recently visited your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Create custom filters and plan your mailings.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Trigger popups based on specific product items and categories being viewed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Send \u003Cstrong>bulk SMS campaigns automatically based on selected conditions\u003C\u002Fstrong>, user behavior, or contact information\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How does it work? 👌\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>Sign in to WordPress.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>In the left-hand menu, select \u003Cstrong>Plugins > Add New\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Click \u003Cstrong>Upload Plugin\u003C\u002Fstrong> and \u003Cstrong>Choose File\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Locate and select the plugin on your computer.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Click \u003Cstrong>Install Now\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>After installation, click \u003Cstrong>Activate Plugin\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Go to \u003Cstrong>Integrations and API > WordPress\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Click on the \u003Cstrong>Connect button\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Provide WordPress \u003Cstrong>site URL, admin username and the application password\u003C\u002Fstrong> generated in WordPress.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Click on the \u003Cstrong>Connect button\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Now that you have successfully integrated your WordPress website with GetResponse, we think you will appreciate what’s coming next 👇👇👇\u003C\u002Fp>\n\u003Ch3>New Plan for Content Creators: Content Monetization\u003C\u002Fh3>\n\u003Cp>We’re introducing our \u003Cstrong>new Content Monetization plan\u003C\u002Fstrong> – a comprehensive suite of tools designed for online knowledge creators!\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FMN7-9vy0_5I?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Now, it’s easier and more affordable than ever to create, market, and monetize your knowledge online.\u003C\u002Fp>\n\u003Cp>🤖 Kickstart your \u003Cstrong>course creation\u003C\u002Fstrong> process with \u003Cstrong>advanced AI technology\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>💰 Use \u003Cstrong>premium newsletters\u003C\u002Fstrong> to \u003Cstrong>monetize your emails and grow your email list\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>🏆 \u003Cstrong>Showcase all your content\u003C\u002Fstrong> on a dedicated \u003Cstrong>creator’s profile\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>🎉 Celebrate \u003Cstrong>course milestones, request feedback\u003C\u002Fstrong>, and \u003Cstrong>upsell to your students\u003C\u002Fstrong> with \u003Cstrong>new automation templates\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Simply put, turn your content into a revenue stream doing what you love and selling it. All within the same platform!  ❤️\u003C\u002Fp>\n\u003Ch3>Get a FREE 1-hour onboarding call when you sign up with GetResponse! ⚡\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FK2ztpN4rsi4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.getresponse.com\u002F\" rel=\"nofollow ugc\">GetResponse\u003C\u002Fa> is a comprehensive email marketing platform that provides small businesses, solopreneurs, coaches, and marketers with powerful and affordable tools to grow their audience, engage with their subscribers, and turn subscribers into paying customers.\u003C\u002Fp>\n\u003Cp>With over 25 years of expertise, our customers choose GetResponse for our user-friendly solution, award-winning 24\u002F7 customer support, and powerful tools that go beyond email marketing – with automation, list growth, and additional communication tools like webinars and live chats to help businesses build their personal brand, sell their products and services, and build a community.\u003C\u002Fp>\n\u003Cp>Need a more advanced platform? \u003Ca href=\"https:\u002F\u002Fwww.getresponse.com\u002Fmax\" rel=\"nofollow ugc\">GetResponse MAX\u003C\u002Fa> offer solutions for demanding users looking for advanced marketing features and reliable support.\u003C\u002Fp>\n","Maximize visitor potential! Capture emails, automate marketing, track visits, and transfer ecommerce data to GetResponse for precision campaigns.",4000,58587,3,"2026-02-23T12:24:00.000Z",[136,137,138,139,140],"ecommerce","email-marketing","getresponse","marketing","newsletter","https:\u002F\u002Fwww.getresponse.com\u002Fhelp\u002Fhow-to-integrate-wordpress-with-getresponse.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgetresponse-official.1.6.5.zip",98,"2025-09-25 00:00:00",{"attackSurface":146,"codeSignals":200,"taintFlows":243,"riskAssessment":244,"analyzedAt":256},{"hooks":147,"ajaxHandlers":196,"restRoutes":197,"shortcodes":198,"cronEvents":199,"entryPointCount":28,"unprotectedCount":28},[148,154,159,163,167,171,175,180,184,189,192],{"type":149,"name":150,"callback":151,"file":152,"line":153},"filter","wp_mail_content_type","htmlContentType","LoginDongleMail.php",31,{"type":155,"name":156,"callback":157,"file":158,"line":36},"action","delete_user","remove","LoginDonglePlugin.php",{"type":155,"name":160,"callback":161,"file":158,"line":162},"login_enqueue_scripts","handleFormGET",41,{"type":155,"name":164,"callback":165,"priority":28,"file":158,"line":166},"login_init","handleFormPOST",42,{"type":149,"name":168,"callback":169,"priority":28,"file":158,"line":170},"wp_xmlrpc_server_class","wpXmlrpcServerClass_filter",44,{"type":155,"name":172,"callback":173,"priority":28,"file":158,"line":174},"login_init_xmlrpc","handleXmlrpcPOST",45,{"type":155,"name":176,"callback":177,"file":178,"line":179},"admin_menu","addPage","LoginDongleSiteAdmin.php",22,{"type":155,"name":181,"callback":182,"file":178,"line":183},"admin_init","bindAPI",23,{"type":155,"name":185,"callback":186,"file":187,"line":188},"profile_personal_options","handleGET","LoginDongleUserAdmin.php",21,{"type":155,"name":190,"callback":186,"file":187,"line":191},"edit_user_profile",24,{"type":155,"name":193,"callback":194,"file":187,"line":195},"profile_update","handlePOST",25,[],[],[],[],{"dangerousFunctions":201,"sqlUsage":202,"outputEscaping":204,"fileOperations":241,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":242},[],{"prepared":28,"raw":28,"locations":203},[],{"escaped":28,"rawEcho":205,"locations":206},17,[207,211,213,215,217,219,221,223,224,226,227,229,231,233,235,237,239],{"file":208,"line":209,"context":210},"LoginDongleUpdater.php",63,"raw output",{"file":208,"line":212,"context":210},74,{"file":208,"line":214,"context":210},93,{"file":208,"line":216,"context":210},97,{"file":187,"line":218,"context":210},196,{"file":187,"line":220,"context":210},198,{"file":187,"line":222,"context":210},202,{"file":187,"line":222,"context":210},{"file":187,"line":225,"context":210},203,{"file":187,"line":225,"context":210},{"file":187,"line":228,"context":210},284,{"file":187,"line":230,"context":210},297,{"file":187,"line":232,"context":210},311,{"file":187,"line":234,"context":210},326,{"file":187,"line":236,"context":210},342,{"file":187,"line":238,"context":210},357,{"file":240,"line":166,"context":210},"LoginDongleXmlrpcServer.php",1,[],[],{"summary":245,"deductions":246},"The login-dongle plugin v1.5.2 exhibits a mixed security posture. On the positive side, there are no recorded vulnerabilities (CVEs) and the static analysis shows a complete absence of dangerous functions, external HTTP requests, and SQL queries that are not properly prepared. The attack surface appears minimal, with zero AJAX handlers, REST API routes, shortcodes, or cron events. This suggests a potentially lean and focused plugin. However, significant concerns arise from the code analysis. A critical finding is that 0% of the 17 detected output operations are properly escaped. This represents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data or dynamic content could be injected into the output without sanitization. Furthermore, the plugin performs file operations, and without explicit details on these operations and their associated checks, they represent a potential vector for unauthorized file access or modification. The lack of nonce checks and capability checks, combined with zero unprotected entry points, is confusing; it might indicate that the identified entry points are not intended for public interaction, or that the checks are implicitly handled elsewhere, but this lack of explicit checks is a weakness in clear security practice. The absence of taint analysis results is also noteworthy, as it could imply that the analysis tools were unable to identify any potential data flow issues, or that the plugin's structure did not trigger the analysis.",[247,250,252,254],{"reason":248,"points":249},"Unescaped output detected",8,{"reason":251,"points":34},"File operations present without clear checks",{"reason":253,"points":34},"Missing nonce checks",{"reason":255,"points":34},"Missing capability checks","2026-03-16T21:49:56.901Z",{"wat":258,"direct":265},{"assetPaths":259,"generatorPatterns":260,"scriptPaths":261,"versionParams":263},[],[],[262],"\u002Fwp-content\u002Fplugins\u002Flogin-dongle\u002Fjs\u002Flogin-dongle.js",[264],"login-dongle\u002Fjs\u002Flogin-dongle.js?ver=",{"cssClasses":266,"htmlComments":267,"htmlAttributes":292,"restEndpoints":293,"jsGlobals":294,"shortcodeOutput":296},[],[268,269,270,271,272,273,274,275,276,277,278,279,280,281,282,283,284,275,285,286,282,283,287,288,289,290,291],"\u003C!-- The bookmark to login nobody but you. Simple and secure. -->","\u003C!-- TODO try to implement handleFormPOST and handleXmlrpcPOST by hooking into the the 'authenticate' filter (see http:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F20704) -->","\u003C!-- just comment the following line if you need to temporarily disable this plugin -->","\u003C!-- This binds events to handlers -->","\u003C!-- Loads the jQuery library into the login page, so the bookmarklet can use it. -->","\u003C!-- This method is a handler bound to the login_enqueue_scripts action. -->","\u003C!-- Validates POST data. -->","\u003C!-- If the challenge\u002Fresponse field is not properly set, it dies with the configured message. -->","\u003C!-- Action for login_init. -->","\u003C!-- WARNING -->","\u003C!-- Since version 1.3.0 this method dies only if the POST user has configured a login dongle. -->","\u003C!-- Up to version 1.2.2 this method died only if the SITE admin had configured a login dongle. -->","\u003C!-- if the request is not a POST -->","\u003C!-- if the page is not the login -->","\u003C!-- if a username is not given -->","\u003C!-- if a challenge is not configured -->","\u003C!-- Validates XMLRPC data. -->","\u003C!-- Action for login_init_xmlrpc. -->","\u003C!-- if the request is not XMLRPC -->","\u003C!-- before 3.4 wordpress wrongfully managed some XML-RPC calls (e.g. wp.getComments) -->","\u003C!-- Loads the XMLRPC replacement class and returns its name. -->","\u003C!-- Filter for wp_xmlrpc_server_class. -->","\u003C!-- Uninstalls this plugin, cleaning up all data. -->","\u003C!-- This is called from uninstall.php without instatiating an object of this class. -->",[],[],[295],"LoginDongle",[]]