[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fL52c11j7ECZ-z8POQ4FVXefcGBXgPE4QdXQryX4GQI4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":140,"fingerprints":186},"login-telegram-notifier","Login Telegram Notifier","1.3.2","Phil","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilstudio\u002F","\u003Cp>Login Telegram Notifier sends you instant login notifications via Telegram every time someone signs into your WordPress admin area.\u003C\u002Fp>\n\u003Cp>The alert includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>🔗 Login URL\u003C\u002Fli>\n\u003Cli>🌍 IP address\u003C\u002Fli>\n\u003Cli>🧭 Geo location (via ip-api.com)\u003C\u002Fli>\n\u003Cli>👤 Username\u003C\u002Fli>\n\u003Cli>ℹ️ Browser and OS information\u003C\u002Fli>\n\u003Cli>⏰ Login timestamp\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin helps site owners monitor unauthorized access, multi-user logins or staging\u002Fadmin activity.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🔔 Telegram notifications on every login\u003C\u002Fli>\n\u003Cli>🌍 IP, geo location, browser and OS info\u003C\u002Fli>\n\u003Cli>🔐 Works with Telegram bots securely\u003C\u002Fli>\n\u003Cli>🧼 GDPR-friendly — no sensitive data stored\u003C\u002Fli>\n\u003Cli>💡 Simple setup, no coding required\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following external services:\u003C\u002Fp>\n\u003Ch3>Telegram Bot API\u003C\u002Fh3>\n\u003Cp>Used to send login alert messages to your Telegram bot\u002Fchat.\u003Cbr \u002F>\n🔗 \u003Ca href=\"https:\u002F\u002Fcore.telegram.org\u002Fbots\u002Fapi\" rel=\"nofollow ugc\">Telegram API Docs\u003C\u002Fa>\u003Cbr \u002F>\n📜 \u003Ca href=\"https:\u002F\u002Ftelegram.org\u002Fprivacy\" rel=\"nofollow ugc\">Telegram Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Data sent: Chat ID, bot token (from your settings), and message with IP\u002Flocation\u002Fuser agent info.\u003Cbr \u002F>\nData is only sent when someone logs in and notifications are enabled.\u003Cbr \u002F>\nAll data is not stored locally exclude Chat ID, bot token from your settings.\u003C\u002Fp>\n\u003Ch3>IP-API.com\u003C\u002Fh3>\n\u003Cp>Used to retrieve geolocation data (city, country) from the IP address.\u003Cbr \u002F>\n🔗 \u003Ca href=\"http:\u002F\u002Fip-api.com\" rel=\"nofollow ugc\">https:\u002F\u002Fip-api.com\u003C\u002Fa>\u003Cbr \u002F>\n📜 \u003Ca href=\"https:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Data sent: visitor’s IP address.\u003Cbr \u002F>\nData is used to enhance notification detail and is not stored locally.\u003C\u002Fp>\n","This plugin sends real-time Telegram alerts when someone logs into the WordPress admin panel. Includes IP, location, user agent and more.",10,550,0,"2026-03-14T09:58:00.000Z","6.9.4","5.3","7.2",[19,20,21,22,23],"alert","login","monitor","security","telegram","https:\u002F\u002Fiphil.top\u002Fportfolio\u002Flogin-telegram-notifier\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-telegram-notifier.1.3.2.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"philstudio",3,30,94,"2026-04-04T13:46:53.029Z",[37,63,81,102,121],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":15,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":61,"last_vuln_date":62,"fetched_at":28},"siteguard","SiteGuard WP Plugin","1.7.9","jp-secure","https:\u002F\u002Fprofiles.wordpress.org\u002Fjp-secure\u002F","\u003Cp>You can find docs, FAQ and more detailed information on \u003Ca href=\"https:\u002F\u002Fwww.jp-secure.com\u002Fsiteguard_wp_plugin_en\u002F\" rel=\"nofollow ugc\">English Page\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fwww.jp-secure.com\u002Fsiteguard_wp_plugin\u002F\" rel=\"nofollow ugc\">Japanese Page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Simply install the SiteGuard WP Plugin, WordPress security is improved.\u003Cbr \u002F>\nThis plugin is a security plugin that specializes in the login attack of brute force, such as protection and management capabilities.\u003C\u002Fp>\n\u003Cp>Notes\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It does not support the multisite function of WordPress.\u003C\u002Fli>\n\u003Cli>It only supports Apache 1.3, 2.x for Web servers.\u003C\u002Fli>\n\u003Cli>To use the CAPTCHA function, the expansion library “mbstring” and “gd” should be installed on php.\u003C\u002Fli>\n\u003Cli>To use the management page filter function and login page change function, “mod_rewrite” should be loaded on Apache.\u003C\u002Fli>\n\u003Cli>To use the WAF Tuning Support, WAF ( SiteGuard Server Edition ) should be installed on Apache.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>There are the following functions.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Admin Page IP Filter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It is the function for the protection against the attack to the management page (under wp-admin.)\u003Cbr \u002F>\nTo the access from the connection source IP address which does not login to the management page, 404 (Not Found) is returned.\u003Cbr \u002F>\nAt the login, the connection source IP address is recorded and the access to that page is allowed.\u003Cbr \u002F>\nThe connection source IP address which does not login for more than 24 hours is sequentially deleted.\u003Cbr \u002F>\nThe URL (under wp-admin) where this function is excluded can be specified.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Rename Login\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It is the function to decrease the vulnerability against an illegal login attempt attack such as a brute force attack or a password list attack.\u003Cbr \u002F>\nThe login page name (wp-login.php) is changed. The initial value is “login_\u003C5 random digits>” but it can be changed to a favorite name.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>CAPTCHA\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It is the function to decrease the vulnerability against an illegal login attempt attack such as a brute force attack or a password list attack,\u003Cbr \u002F>\nor to receive less comment spam. For the character of CAPTCHA, hiragana and alphanumeric characters can be selected.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Login Lock\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It is the function to decrease the vulnerability against an illegal login attempt attack such as a brute force attack or a password list attack.\u003Cbr \u002F>\nEspecially, it is the function to prevent an automated attack. The connection source IP address the number of login failure of which reaches\u003Cbr \u002F>\nthe specified number within the specified period is blocked for the specified time.\u003Cbr \u002F>\nEach user account is not locked.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Login Alert\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It is the function to make it easier to notice unauthorized login. E-mail will be sent to a login user when logged in.\u003Cbr \u002F>\nIf you receive an e-mail to there is no logged-in idea, please suspect unauthorized login.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fail Once\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It is the function to decrease the vulnerability against a password list attack. Even is the login input is correct, the first login must fail.\u003Cbr \u002F>\nAfter 5 seconds and later within 60 seconds, another correct login input make login succeed. At the first login failure, the following error message is displayed.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable Pingback\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The pingback function is disabled and its abuse is prevented.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Block Author Query\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Prevents leakage of user names due to “\u002F?author=” access.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Updates Notify\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Basic of security is that always you use the latest version. If WordPress core, plugins, and themes updates are needed , sends email to notify administrators.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WAF Tuning Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It is the function to create the rule to avoid the false detection in WordPress (including 403 error occurrence with normal access,)\u003Cbr \u002F>\nif WAF ( SiteGuard Server Edition ) by EG Secure Solutions is installed on a Web server. WAF prevents the attack from the outside against the Web server,\u003Cbr \u002F>\nbut for some WordPress or plugin functions, WAF may detect the attack which is actually not attack and block the function.\u003Cbr \u002F>\nBy creating the WAF exclude rule, the WAF protection function can be activated while the false detection for the specified function is prevented.\u003C\u002Fp>\n\u003Ch4>Translate\u003C\u002Fh4>\n\u003Cp>If you have created your own language pack, or have an update of an existing one, you can send \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTranslating_WordPress\" rel=\"nofollow ugc\">gettext PO and MO files\u003C\u002Fa> to sgdev@jp-secure.com so that We can bundle it into SiteGuard WP Plugin. You can download the latest \u003Ca href=\"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsiteguard\u002Ftrunk\u002Flanguages\u002Fsiteguard.pot\" rel=\"nofollow ugc\">POT file\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsiteguard\u002Fbranches\u002Flanguages\u002F\" rel=\"nofollow ugc\">PO files in each language\u003C\u002Fa>.\u003C\u002Fp>\n","SiteGurad WP Plugin is the plugin specialized for the protection against the attack to the management page and login.",600000,5177761,86,15,"2025-12-04T04:47:00.000Z","3.9","",[53,54,55,56,22],"captcha","login-alert","login-lock","pingback","http:\u002F\u002Fwww.jp-secure.com\u002Fcont\u002Fproducts\u002Fsiteguard_wp_plugin\u002Findex_en.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsiteguard.1.7.9.zip",76,2,1,"2026-02-23 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":26,"num_ratings":61,"last_updated":73,"tested_up_to":15,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":79,"download_link":80,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"loginpetze","Loginpetze","1.4","Christian Sabo","https:\u002F\u002Fprofiles.wordpress.org\u002Fpixelverbieger\u002F","\u003Cp>Sometimes it is useful to know if – or when – a user successfully logged in to WordPress. Loginpetze generates a notification mail for this incident. This is a conveniant way to e.g. monitor staging sites for customer logins. No need to regularly take a look at statistics or tracking tools. Mails are customizable with shortcodes. All texts are translatable.\u003C\u002Fp>\n\u003Cp>Loginpetze 1.x is \u003Cstrong>not compatible\u003C\u002Fstrong> with WordPress Multisite.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>If you wish to help translate this plugin, you are most welcome!\u003Cbr \u002F>\nTo contribute, please visit \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Floginpetze\u002F\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Keep in mind that if you’re not PTE or GTE for your language, you have to notify someone to approve your contributed strings. This can be done via \u003Ca href=\"https:\u002F\u002Fwordpress.slack.com\u002F\" rel=\"nofollow ugc\">Slack\u003C\u002Fa> or by writing a request on \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fpolyglots\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fmake.wordpress.org\u002Fpolyglots\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To find the translation team for your locale, please visit \u003Ca href=\"https:\u002F\u002Fmake.wordpress.org\u002Fpolyglots\u002Fteams\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fmake.wordpress.org\u002Fpolyglots\u002Fteams\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Special Thanks go to \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fkau-boy\u002F\" rel=\"nofollow ugc\">Bernhard Kau\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fzodiac1978\" rel=\"nofollow ugc\">Torsten Landsiedel\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fpixolin\u002F\" rel=\"nofollow ugc\">Bego Mario Garde\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Ftfrommen\u002F\" rel=\"nofollow ugc\">Thorsten Frommen\u003C\u002Fa>.\u003C\u002Fp>\n","Notifies the admin by email as soon as a user has successfully logged in. The mails are customizable, the plugin is completely translatable.",80,5082,"2025-12-09T13:55:00.000Z","4.7","5.5",[19,20,21,77,78],"notification","staging","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Floginpetze\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floginpetze.1.4.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":26,"num_ratings":61,"last_updated":91,"tested_up_to":15,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":100,"download_link":101,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"activity-track","Activity Track – User Activity Log","1.0.6","Activity Track","https:\u002F\u002Fprofiles.wordpress.org\u002Fujimoto\u002F","\u003Cp>\u003Cstrong>Activity Track – User Activity Log\u003C\u002Fstrong> – Track every user action in WordPress with a real-time User Activity Log. Get instant alerts, AI insights, and full audit trails to keep your site secure.\u003C\u002Fp>\n\u003Cp>It combines \u003Cstrong>real-time activity tracking\u003C\u002Fstrong>, \u003Cstrong>AI-driven analysis\u003C\u002Fstrong>, and \u003Cstrong>customizable notifications\u003C\u002Fstrong> to help you quickly investigate issues, monitor security, and understand what users do on your site.\u003C\u002Fp>\n\u003Ch4>What This Plugin Logs (at a glance)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>User logins & logouts\u003C\u002Fstrong> (success and failed attempts)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post\u002Fpage changes\u003C\u002Fstrong> (create, update, delete, status changes)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin & theme actions\u003C\u002Fstrong> (activate, deactivate, install, update)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User & role changes\u003C\u002Fstrong> (add, remove, capability\u002Frole updates)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media & downloads\u003C\u002Fstrong> (uploads, deletions)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Settings changes\u003C\u002Fstrong> (options updated)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Who It’s For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>**Agencies managing multiple client sites\u003C\u002Fli>\n\u003Cli>**Security teams monitoring user actions\u003C\u002Fli>\n\u003Cli>**Content teams needing transparency and accountability\u003C\u002Fli>\n\u003Cli>**Site owners who want visibility into their site’s health\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why Choose This Activity Log Plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Accurate audit trail\u003C\u002Fstrong>: designed for admins who need trustworthy logs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fast & lightweight\u003C\u002Fstrong>: minimal overhead; indexed tables keep queries quick.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Actionable alerts\u003C\u002Fstrong>: email\u002FSlack rules so you know about critical events instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy controls\u003C\u002Fstrong>: IP anonymization and hashing options (Pro) for GDPR\u002FCCPA.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Core Features (Free)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>🔍 \u003Cstrong>Real-Time Activity Logging\u003C\u002Fstrong>\u003Cbr \u002F>\nCapture every key event (logins, content edits, downloads, failed attempts, etc.) as it happens.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🔔 \u003Cstrong>Custom Notifications\u003C\u002Fstrong>\u003Cbr \u002F>\nTrigger alerts based on user roles, specific actions, IP ranges or threshold events via email or Slack.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>📊 \u003Cstrong>Reports & Statistics\u003C\u002Fstrong>\u003Cbr \u002F>\nView detailed dashboards and exportable reports on activity trends, top users, and security events.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🔒 \u003Cstrong>Multisite Compatible\u003C\u002Fstrong>\u003Cbr \u002F>\nSingle-site or network-wide deployment—centralized control for multisite installs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>📥 \u003Cstrong>CSV & PDF Exports\u003C\u002Fstrong>\u003Cbr \u002F>\nDownload detailed activity reports for compliance, audit or sharing.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>GET SUPPORT AND PRO FEATURES\u003C\u002Fh3>\n\u003Cp>Get professional support and more features with \u003Ca href=\"https:\u002F\u002Factivitytrack.ai\" rel=\"nofollow ugc\">Activity Track PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Pro Features (Optional Upgrade)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>🤖 \u003Cstrong>AI-Driven Summaries\u003C\u002Fstrong>\u003Cbr \u002F>\nGet natural-language overviews of activity trends, anomalies and key insights without lifting a finger.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🌐 \u003Cstrong>VPN & Proxy Detection\u003C\u002Fstrong>\u003Cbr \u002F>\nAutomatically flag or exclude traffic coming from known VPNs, proxies or TOR nodes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🔒 \u003Cstrong>IP Anonymization & Hashing\u003C\u002Fstrong>\u003Cbr \u002F>\nMeet GDPR\u002FCCPA requirements by masking or hashing visitor IP addresses.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🗂️ \u003Cstrong>Grouped Activity Logs\u003C\u002Fstrong>\u003Cbr \u002F>\nConsolidate repeated events into single entries with frequency counts for cleaner analysis.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>⏱ \u003Cstrong>Advanced Time Filters\u003C\u002Fstrong>\u003Cbr \u002F>\nSee data for the last 24 hours, 7 days, 30 days or any custom interval.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🚨 \u003Cstrong>Unlimited Notification Rules\u003C\u002Fstrong>\u003Cbr \u002F>\nCreate as many email notifications as you need—no caps.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🛠 \u003Cstrong>Priority Email Support\u003C\u002Fstrong>\u003Cbr \u002F>\nGet fast, expert help whenever you need it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Source Code & Human-Readable Files\u003C\u002Fh3>\n\u003Cp>We include both the original (human-readable) and the minified assets in this ZIP so you can review or fork them directly.\u003C\u002Fp>\n\u003Cp>— \u003Cstrong>JavaScript sources\u003C\u002Fstrong> (in \u003Ccode>assets\u002Fadmin\u002Fjs\u002F\u003C\u002Fcode>):\u003Cbr \u002F>\n  • \u003Ccode>flowbite.js\u003C\u002Fcode>\u003Cbr \u002F>\n    – original Flowbite source (upstream: https:\u002F\u002Fgithub.com\u002Fthemesberg\u002Fflowbite)\u003Cbr \u002F>\n  • \u003Ccode>flowbite.min.js\u003C\u002Fcode>\u003Cbr \u002F>\n    – minified Flowbite\u003Cbr \u002F>\n  • \u003Ccode>atk.notifications.js\u003C\u002Fcode>\u003Cbr \u002F>\n    – our plugin’s notifications logic (un-minified)\u003Cbr \u002F>\n  • \u003Ccode>atk.settings.js\u003C\u002Fcode>\u003Cbr \u002F>\n    – our plugin’s settings page logic (un-minified)\u003C\u002Fp>\n\u003Cp>— \u003Cstrong>CSS sources\u003C\u002Fstrong> (in \u003Ccode>assets\u002Fadmin\u002Fcss\u002F\u003C\u002Fcode>):\u003Cbr \u002F>\n  • \u003Ccode>tailwind-admin.css\u003C\u002Fcode>\u003Cbr \u002F>\n    – compiled Tailwind CSS for admin pages (un-minified)\u003Cbr \u002F>\n  • \u003Ccode>atk.custom.css\u003C\u002Fcode>\u003Cbr \u002F>\n    – plugin custom overrides (un-minified)\u003Cbr \u002F>\n  • \u003Ccode>atk.notifications.css\u003C\u002Fcode>\u003Cbr \u002F>\n    – notification panel styles (un-minified)\u003Cbr \u002F>\n  • \u003Ccode>atk.settings.css\u003C\u002Fcode>\u003Cbr \u002F>\n    – settings page styles (un-minified)\u003C\u002Fp>\n\u003Cp>— \u003Cstrong>Production assets enqueued\u003C\u002Fstrong> by the plugin:\u003Cbr \u002F>\n  • all \u003Ccode>.min.js\u003C\u002Fcode> files from \u003Ccode>assets\u002Fadmin\u002Fjs\u002F\u003C\u002Fcode>\u003Cbr \u002F>\n  • all \u003Ccode>.css\u003C\u002Fcode> files from \u003Ccode>assets\u002Fadmin\u002Fcss\u002F\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Updating Flowbite\u003C\u002Fh3>\n\u003Cp>When you want to bump to the latest Flowbite:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Install or update Flowbite\u003C\u002Fstrong>\u003Cbr \u002F>\nFrom your plugin root, run:\u003Cbr \u002F>\nnpm install flowbite\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Copy the JS files\u003C\u002Fstrong>\u003Cbr \u002F>\nOverwrite the ones in your plugin:\u003Cbr \u002F>\ncp node_modules\u002Fflowbite\u002Fdist\u002Fflowbite.js     assets\u002Fadmin\u002Fjs\u002Fflowbite.js\u003Cbr \u002F>\ncp node_modules\u002Fflowbite\u002Fdist\u002Fflowbite.min.js assets\u002Fadmin\u002Fjs\u002Fflowbite.min.js\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Verify & Commit\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>flowbite.js\u003C\u002Fcode> is the human-readable source.  \u003C\u002Fli>\n\u003Cli>\u003Ccode>flowbite.min.js\u003C\u002Fcode> is the minified, production file.\u003Cbr \u002F>\nLoad your plugin in WP Admin and confirm all interactions still work.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is released under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GPLv2 (or later)\u003C\u002Fa>. Free to use, modify, and redistribute.\u003C\u002Fp>\n","User activity log for WordPress — track logins, edits, and admin actions with real-time alerts, audit trail, and AI-powered summaries.",20,748,"2026-03-10T06:13:00.000Z","6.4","8.0",[95,96,97,98,99],"activity-log","audit-trail","login-monitor","user-activity-log","wordpress-security","https:\u002F\u002Factivitytrack.ai\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Factivity-track.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":11,"downloaded":110,"rating":13,"num_ratings":13,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":119,"download_link":120,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"dreamcore-monitor","DreamCore Monitor","1.1.0","ifsolutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fhasiprabhath1997\u002F","\u003Cp>DreamCore Monitor is a powerful WordPress monitoring plugin that provides comprehensive insights into your website’s security, performance, and integrity.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>External Services\u003C\u002Fstrong>: This plugin connects to external services including ip-api.com for IP geolocation, api.wordpress.org for WordPress core information, and api.github.com for enhanced plugin analysis. See the “External Services” section below for complete details about data transmission and privacy.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login Monitoring\u003C\u002Fstrong> – Track successful and failed login attempts with detailed information including IP addresses, user agents, and geographic data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Core Status\u003C\u002Fstrong> – Monitor WordPress version and check for available updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin Monitoring\u003C\u002Fstrong> – Track active plugins, their versions, and available updates with intermediate version information\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme Monitoring\u003C\u002Fstrong> – Monitor active theme status and available updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Integrity Checking\u003C\u002Fstrong> – Verify WordPress core files against official checksums to detect unauthorized modifications\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Integration\u003C\u002Fstrong> – Monitor recent orders when WooCommerce is active\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API Support\u003C\u002Fstrong> – External access to monitoring data via secure API endpoints\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sync Functionality\u003C\u002Fstrong> – Incremental data synchronization with external monitoring systems\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>API key verification with external monitoring systems\u003C\u002Fli>\n\u003Cli>Secure authentication for REST API endpoints\u003C\u002Fli>\n\u003Cli>Input sanitization and validation\u003C\u002Fli>\n\u003Cli>File integrity monitoring with checksum verification\u003C\u002Fli>\n\u003Cli>Login attempt tracking with geographic information\u003C\u002Fli>\n\u003Cli>Nonce protection for form submissions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>REST API Endpoints\u003C\u002Fh4>\n\u003Cp>When an API key is configured, the following endpoints are available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>\u002Fwp-site-monitor\u002Fv1\u002Fsite-info\u003C\u002Fcode> – General site information\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-site-monitor\u002Fv1\u002Flogins\u003C\u002Fcode> – Login attempt logs\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-site-monitor\u002Fv1\u002Flogins\u002Fsync\u003C\u002Fcode> – Incremental login data sync\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-site-monitor\u002Fv1\u002Fcore-version\u003C\u002Fcode> – WordPress core version status\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-site-monitor\u002Fv1\u002Fplugins\u003C\u002Fcode> – Active plugins information\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-site-monitor\u002Fv1\u002Fthemes\u003C\u002Fcode> – Theme information\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-site-monitor\u002Fv1\u002Fintegrity\u003C\u002Fcode> – File integrity check results\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fwp-site-monitor\u002Fv1\u002Forders\u003C\u002Fcode> – WooCommerce orders (if WooCommerce is active)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Website Security Monitoring\u003C\u002Fstrong> – Track login attempts and detect suspicious activity\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maintenance Management\u003C\u002Fstrong> – Monitor WordPress core, plugin, and theme updates across multiple sites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Integrity Verification\u003C\u002Fstrong> – Detect unauthorized changes to WordPress core files\u003C\u002Fli>\n\u003Cli>\u003Cstrong>External Monitoring Integration\u003C\u002Fstrong> – Connect with external monitoring systems via REST API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Store Monitoring\u003C\u002Fstrong> – Keep track of recent orders and store activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.0 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>Optional: WooCommerce plugin for order monitoring features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following external services to provide its functionality:\u003C\u002Fp>\n\u003Ch4>IP Geolocation Service (ip-api.com)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Obtain geographical location information for login monitoring and security analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent\u003C\u002Fstrong>: User’s IP address only\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: Each time a user logs in to your WordPress site (if geolocation is enabled)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frequency\u003C\u002Fstrong>: Once per login attempt\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data retention\u003C\u002Fstrong>: This plugin does not store data from this service permanently\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: http:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service\u003C\u002Fstrong>: http:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Control\u003C\u002Fstrong>: Site administrators can disable geolocation in plugin settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Core API (api.wordpress.org)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Check for available WordPress core updates, plugin information, and core file checksums\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent\u003C\u002Fstrong>: Current WordPress version, site URL (as User-Agent header), plugin slugs, and locale information\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: During scheduled update checks and plugin analysis (typically daily)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frequency\u003C\u002Fstrong>: Multiple times per day during normal plugin operation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data retention\u003C\u002Fstrong>: This plugin does not store data from this service permanently\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service\u003C\u002Fstrong>: https:\u002F\u002Fwordpress.org\u002Fabout\u002Fgpl\u002F\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Control\u003C\u002Fstrong>: This is essential for plugin functionality and cannot be disabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>GitHub API (api.github.com)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Analyze plugin update information from GitHub repositories for enhanced update type detection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent\u003C\u002Fstrong>: Repository information and release data requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: During plugin update analysis (when available)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frequency\u003C\u002Fstrong>: During plugin update checks (typically daily)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data retention\u003C\u002Fstrong>: This plugin caches repository information temporarily (24 hours)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fdocs.github.com\u002Fen\u002Fsite-policy\u002Fprivacy-policies\u002Fgithub-privacy-statement\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service\u003C\u002Fstrong>: https:\u002F\u002Fdocs.github.com\u002Fen\u002Fsite-policy\u002Fgithub-terms\u002Fgithub-terms-of-service\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Control\u003C\u002Fstrong>: This is part of the enhanced plugin analysis feature\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Data Handling and Privacy\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Local Storage\u003C\u002Fstrong>: All monitoring data is stored locally in your WordPress database\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Personal Data\u003C\u002Fstrong>: The plugin does not collect personal user information beyond what’s necessary for monitoring\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Retention\u003C\u002Fstrong>: Login logs are automatically deleted based on your configured retention period (default: 90 days)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>External Transmission\u003C\u002Fstrong>: Data is only sent to external services as described above\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Rights\u003C\u002Fstrong>: Site administrators can clear all plugin data at any time\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>GDPR Compliance\u003C\u002Fh4>\n\u003Cp>This plugin respects user privacy and GDPR guidelines:\u003Cbr \u002F>\n* IP address geolocation is optional and can be disabled\u003Cbr \u002F>\n* Login monitoring data is stored locally and automatically purged\u003Cbr \u002F>\n* No personal data is transmitted to external services beyond IP addresses for geolocation\u003Cbr \u002F>\n* Users can request deletion of their monitoring data through the site administrator\u003C\u002Fp>\n\u003Ch4>Disabling External Services\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Geolocation\u003C\u002Fstrong>: Can be disabled in plugin settings (Settings > Geolocation)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress API\u003C\u002Fstrong>: Cannot be disabled as it’s essential for core functionality\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GitHub API\u003C\u002Fstrong>: Used automatically when available, no separate disable option\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Ch4>Data Collection\u003C\u002Fh4>\n\u003Cp>DreamCore Monitor collects and stores the following information locally in your WordPress database:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login Attempts\u003C\u002Fstrong>: Usernames, IP addresses, user agents, timestamps, and login success\u002Ffailure status\u003C\u002Fli>\n\u003Cli>\u003Cstrong>System Information\u003C\u002Fstrong>: WordPress version, plugin\u002Ftheme information, file checksums\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Data\u003C\u002Fstrong>: Order information if WooCommerce is active (order IDs, customer names, amounts, status)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>External Services\u003C\u002Fh4>\n\u003Cp>This plugin connects to external services as detailed in the “External Services” section above:\u003Cbr \u002F>\n* IP geolocation via ip-api.com (optional)\u003Cbr \u002F>\n* WordPress core information via api.wordpress.org (required)\u003Cbr \u002F>\n* GitHub repository analysis via api.github.com (automatic)\u003C\u002Fp>\n\u003Ch4>Data Retention\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Login logs are automatically deleted based on your configured retention period (default: 90 days)\u003C\u002Fli>\n\u003Cli>System monitoring data is refreshed during each check\u003C\u002Fli>\n\u003Cli>External service data is not stored permanently\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>User Rights\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Site administrators can clear all plugin data at any time\u003C\u002Fli>\n\u003Cli>Geolocation can be disabled in plugin settings\u003C\u002Fli>\n\u003Cli>Users can request deletion of their login attempt data through the site administrator\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>GDPR Compliance\u003C\u002Fh4>\n\u003Cp>This plugin respects user privacy and follows GDPR guidelines. No personal data is transmitted to external services except IP addresses for optional geolocation purposes..\u003C\u002Fp>\n","WordPress monitoring solution that tracks login attempts, core status, plugin updates, theme status, and file integrity.",258,"2025-09-25T08:02:00.000Z","6.7.5","5.0","7.4",[116,117,20,118,22],"admin","integrity","monitoring","https:\u002F\u002Fdreamcore360.com\u002Fwebsite\u002Fwebsite-health-monitor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdreamcore-monitor.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":11,"downloaded":129,"rating":26,"num_ratings":61,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":51,"tags":133,"homepage":137,"download_link":138,"security_score":139,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"email-login-attempts","Email Login Attempts","1.1.1","tildemark","https:\u002F\u002Fprofiles.wordpress.org\u002Ftildemark\u002F","\u003Cp>This plugin will send an email whenever a someone tries to login via the WordPress login page.\u003C\u002Fp>\n\u003Ch4>Todos\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add admin page\u003C\u002Fli>\n\u003Cli>Specify recipient email addresses\u003C\u002Fli>\n\u003Cli>determine if failed or success login attempt\u003C\u002Fli>\n\u003Cli>Limit login attempts before sending email\u003C\u002Fli>\n\u003Cli>Do not send email on Whitelisted ip addresses\u003C\u002Fli>\n\u003Cli>Ability provide or change the default sender address\u003C\u002Fli>\n\u003Cli>Ability to block IP addresses\u003C\u002Fli>\n\u003Cli>Determine the location where the IP is coming from\u003C\u002Fli>\n\u003Cli>open to suggestions\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin will send an email whenever a someone tries to login via the WordPress login page.",2070,"2015-05-19T01:28:00.000Z","4.2.39","3.0.1",[134,135,136,20,22],"alerts","brute-force","email","http:\u002F\u002Fcazimiweb.com\u002Fplugin\u002Femail-login-attempts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-login-attempts.1.1.1.zip",85,{"attackSurface":141,"codeSignals":166,"taintFlows":174,"riskAssessment":175,"analyzedAt":185},{"hooks":142,"ajaxHandlers":162,"restRoutes":163,"shortcodes":164,"cronEvents":165,"entryPointCount":13,"unprotectedCount":13},[143,149,153,158],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","admin_init","ltgntf_register_settings","admin\\settings-page.php",21,{"type":144,"name":150,"callback":151,"file":147,"line":152},"admin_menu","ltgntf_add_settings_menu",39,{"type":154,"name":155,"callback":156,"priority":11,"file":157,"line":89},"filter","plugin_row_meta","ltgntf_plugin_row_meta","login-telegram-notifier.php",{"type":144,"name":159,"callback":160,"priority":11,"file":157,"line":161},"wp_login","ltgntf_handle_login",44,[],[],[],[],{"dangerousFunctions":167,"sqlUsage":168,"outputEscaping":170,"fileOperations":13,"externalRequests":60,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":173},[],{"prepared":13,"raw":13,"locations":169},[],{"escaped":171,"rawEcho":13,"locations":172},75,[],[],[],{"summary":176,"deductions":177},"The \"login-telegram-notifier\" v1.3.2 plugin demonstrates a generally strong security posture based on the static analysis.  The absence of dangerous functions, SQL queries without prepared statements, and entirely escaped output are significant strengths.  Furthermore, the plugin has no recorded vulnerability history, which is a positive indicator.  However, the analysis reveals two external HTTP requests, which, without further context on their purpose and implementation, represent a potential area of concern as they could be exploited for various attacks if not handled securely.  The lack of nonce checks and capability checks, while not immediately presenting a risk given the zero attack surface, signifies a potential weakness if the plugin were to introduce entry points in the future without proper authentication and authorization mechanisms.",[178,181,183],{"reason":179,"points":180},"External HTTP requests (2)",5,{"reason":182,"points":180},"Missing nonce checks",{"reason":184,"points":180},"Missing capability checks","2026-03-17T01:26:21.547Z",{"wat":187,"direct":192},{"assetPaths":188,"generatorPatterns":189,"scriptPaths":190,"versionParams":191},[],[],[],[],{"cssClasses":193,"htmlComments":194,"htmlAttributes":195,"restEndpoints":196,"jsGlobals":197,"shortcodeOutput":198},[],[],[],[],[],[]]