[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgVVEPbxr4asdgIMp-XfubxRz0nJqkR-CUXhe3jzdYjk":3,"$f0Yjr1_odbDhD9EFFab3wtIQYGXyDjwemFXfBssrqZvk":218,"$fCOQzeEX99S8i4U0giMNVyPL8ypYhqZkLmAd_V46xvYw":223},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":38,"analysis":140,"fingerprints":190},"mixed-content","Mixed Content","1.0.0","Mubeen Khan","https:\u002F\u002Fprofiles.wordpress.org\u002Fmubeenkhan\u002F","","this free plugin will fix your mixed content issue after install SSL. . It replaces all http:\u002F\u002F with https:\u002F\u002F in any output. Nothing to configure",30,1544,20,1,"2021-10-26T16:27:00.000Z","5.8.13","3.3","7.0",[20,4,21,22,23],"mixed","seo","ssl","ssl-mixed-content","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmixed-content\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmixed-content.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":26,"avg_patch_time_days":11,"trust_score":36,"computed_at":37},"mubeenkhan",3,130,84,"2026-05-20T05:17:04.062Z",[39,61,81,102,120],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":59,"download_link":60,"security_score":49,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"jsm-force-ssl","JSM Force HTTP to HTTPS \u002F SSL – No Setup, Fast and Reliable","3.5.0","JS Morisset","https:\u002F\u002Fprofiles.wordpress.org\u002Fjsmoriss\u002F","\u003Cp>\u003Cstrong>A simple, safe, and reliable way to force HTTP URLs to HTTPS dynamically:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>No setup required – simply activate the plugin to force HTTP URLs to HTTPS.\u003C\u002Fp>\n\u003Cp>There are no plugin settings to adjust, and no changes are made to your WordPress configuration.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>SIGNIFICANTLY FASTER than other popular plugins of this type:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Other well known plugins use \u003Ca href=\"https:\u002F\u002Fsecure.php.net\u002Fmanual\u002Fen\u002Ffunction.ob-start.php\" rel=\"nofollow ugc\">PHP’s output buffer\u003C\u002Fa> to search & replace URLs in the rendered HTML, which is a technique that is error prone and \u003Cem>negatively affects caching performance\u003C\u002Fem> (as changes are not cached).\u003C\u002Fp>\n\u003Cp>This plugin uses standard WordPress filters instead of PHP’s output buffer for maximum reliability, performance, caching compatibility, and uses 301 permanent redirects for best SEO results (\u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FHTTP_301\" rel=\"nofollow ugc\">301 redirects are considered best for SEO when moving from HTTP to HTTPS\u003C\u002Fa>).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Supports advanced proxy \u002F load-balancing HTTP headers:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>X-Forwarded-Proto\u003C\u002Fcode> (aka \u003Ccode>HTTP_X_FORWARDED_PROTO\u003C\u002Fcode> server value)\u003C\u002Fli>\n\u003Cli>\u003Ccode>X-Forwarded-Ssl\u003C\u002Fcode> (aka \u003Ccode>HTTP_X_FORWARDED_SSL\u003C\u002Fcode> server value)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FWeb\u002FHTTP\u002FHeaders\u002FX-Forwarded-Proto\" rel=\"nofollow ugc\">Web technology for developers > HTTP > HTTP headers > X-Forwarded-Proto\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Plugin Requirements\u003C\u002Fh4>\n\u003Cp>Your web server must already be configured with an SSL certificate and able to handle HTTPS connections. 😉\u003C\u002Fp>\n","No setup required - simply activate to force HTTP URLs to HTTPS using native WordPress filters and permanent redirects for best SEO.",7000,105937,100,13,"2026-03-25T12:11:00.000Z","6.9.4","6.0","7.4.33",[56,57,4,58,21],"force-ssl","insecure-content","redirect","https:\u002F\u002Fsurniaulula.com\u002Fextend\u002Fplugins\u002Fjsm-force-ssl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjsm-force-ssl.3.5.0.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":52,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":79,"download_link":80,"security_score":49,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"ssl-insecure-content-fixer","SSL Insecure Content Fixer","2.7.2","webaware","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebaware\u002F","\u003Cp>Clean up your WordPress website’s HTTPS insecure content and mixed content warnings. Installing the SSL Insecure Content Fixer plugin will solve most insecure content warnings with little or no effort. The remainder can be diagnosed with a few simple tools.\u003C\u002Fp>\n\u003Cp>When you install SSL Insecure Content Fixer, its default settings are activated and it will automatically perform some basic fixes on your website using the Simple fix level. You can select more comprehensive fix levels as needed by your website.\u003C\u002Fp>\n\u003Cp>WordPress Multisite gets a network settings page. This can be used to set default settings for all sites within a network, so that network administrators only need to specify settings on sites that have requirements differing from the network defaults.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fssl.webaware.net.au\u002F\" rel=\"nofollow ugc\">SSL Insecure Content Fixer website\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Many thanks to the generous efforts of our translators:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bulgarian (bg_BG) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fbg\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Bulgarian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Chinese simplified (zh_CN) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fzh-cn\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Chinese translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_CA) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-ca\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (Canadian) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_GB) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-gb\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (British) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (en_ZA) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fen-za\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the English (South African) translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fnl\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Dutch translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German (de_DE) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fde\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the German translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>French (fr_FR) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Ffr\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the French translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Italian (it_IT) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fit\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Italian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Japanese (ja) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fja\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Japanese translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fru\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Russian translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) — \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Flocale\u002Fes\u002Fdefault\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">the Spanish translation team\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you’d like to help out by translating this plugin, please \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fssl-insecure-content-fixer\" rel=\"nofollow ugc\">sign up for an account and dig in\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>SSL Insecure Content Fixer does not collect any personally identifying information, and does not set any cookies.\u003C\u002Fp>\n","Clean up WordPress website HTTPS insecure content",100000,2654218,96,221,"2025-12-14T04:38:00.000Z","4.0","5.3",[77,57,4,78,22],"https","partially-encrypted","https:\u002F\u002Fssl.webaware.net.au\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fssl-insecure-content-fixer.2.7.2.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":52,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":98,"download_link":99,"security_score":100,"vuln_count":14,"unpatched_count":27,"last_vuln_date":101,"fetched_at":29},"wp-force-ssl","WP Force SSL & HTTPS SSL Redirect","1.68","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpforcessl.com\u002F?ref=wporg\" rel=\"nofollow ugc\">WP Force SSL\u003C\u002Fa> helps you redirect insecure HTTP traffic to secure HTTPS and fix SSL errors \u003Cstrong>without touching any code\u003C\u002Fstrong>. Activate Force SSL and everything will be set and SSL enabled. The entire site will move to HTTPS using your SSL certificate. It works with any SSL certificate. It can be free SSL certificate from Let’s Encrypt or a paid SSL certificate.\u003C\u002Fp>\n\u003Cp>How to add SSL & enable SSL? Most hosting companies support the free SSL certificate from Let’s Encrypt, so login to your hosting panel and add SSL certificate. You’ll see a button labeled “Add SSL Certificate” or “Add Let’s Encrypt Certificate” and after that it’s 1 click to have the SSL enabled on your site with WP Force SSL. If that doesn’t work get \u003Ca href=\"https:\u002F\u002Fwpforcessl.com\u002F\" rel=\"nofollow ugc\">WP Force SSL PRO\u003C\u002Fa> and it’ll generate free SSL certificate for your site. And will regenerate SSL certificate every 90 days.\u003C\u002Fp>\n\u003Cp>Access WP Force SSL settings via the main Settings menu -> WP Force SSL.\u003C\u002Fp>\n\u003Ch4>SSL Tests available in the plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>is site on localhost?\u003C\u002Fli>\n\u003Cli>check SSL certificate\u003C\u002Fli>\n\u003Cli>check SSL certificate expiry date\u003C\u002Fli>\n\u003Cli>is latest version of Force SSL used?\u003C\u002Fli>\n\u003Cli>are known incompatible SSL plugins active?\u003C\u002Fli>\n\u003Cli>is WP address URL set for SSL?\u003C\u002Fli>\n\u003Cli>is WP home URL set for SSL?\u003C\u002Fli>\n\u003Cli>is SSL monitoring enabled (pro feature)\u003C\u002Fli>\n\u003Cli>is HTTPS redirection working?\u003C\u002Fli>\n\u003Cli>is file redirection working (pro feature)\u003C\u002Fli>\n\u003Cli>is HSTS enabled?\u003C\u002Fli>\n\u003Cli>check mixed-content issue (pro feature)\u003C\u002Fli>\n\u003Cli>is htaccess available & writable?\u003C\u002Fli>\n\u003Cli>is 404 redirection enabled (pro feature)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>redirect HTTP to HTTPS\u003C\u002Fli>\n\u003Cli>fix mixed-content (pro)\u003C\u002Fli>\n\u003Cli>enable HSTS\u003C\u002Fli>\n\u003Cli>force secure cookies (pro)\u003C\u002Fli>\n\u003Cli>cross-site scripting protection (pro)\u003C\u002Fli>\n\u003Cli>expect CT header\u003C\u002Fli>\n\u003Cli>X-Frame options\u003C\u002Fli>\n\u003Cli>show WP Force SSL menu in admin bar\u003C\u002Fli>\n\u003Cli>show WP Force SSL widget in admin dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SSL certificate testing tool\u003C\u002Fh4>\n\u003Cp>WP Force SSL comes with an SSL certificate testing tool. It tests if the SSL certificate is valid, properly installed & up-to date.\u003C\u002Fp>\n\u003Ch4>Need support?\u003C\u002Fh4>\n\u003Cp>We’re here for you! Things get frustrating when they don’t work so make sure you \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-force-ssl\u002F\" rel=\"ugc\">open a support topic\u003C\u002Fa> in the official Force SSL forum. We answer all questions within a few hours!\u003C\u002Fp>\n\u003Ch4>External Assets\u003C\u002Fh4>\n\u003Cp>A big thank you to \u003Ca href=\"https:\u002F\u002Fsweetalert2.github.io\u002F\" rel=\"nofollow ugc\">SweetAlert2\u003C\u002Fa> authors which we use to make alerts nicer. And to \u003Ca href=\"https:\u002F\u002Fdepositphotos.com\u002F248496280\u002Fstock-illustration-online-payment-protection-system-concept.html\" rel=\"nofollow ugc\">DepositPhotos\u003C\u002Fa> for the lovely header image.\u003C\u002Fp>\n","Enable SSL & HTTPS redirect with 1 click! Add SSL certificate & WP Force SSL to redirect site from HTTP to HTTPS & fix SSL errors.",90000,1752139,94,179,"2025-12-03T20:17:00.000Z","4.6","5.2",[56,77,4,22,97],"ssl-certificate","https:\u002F\u002Fwpforcessl.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-force-ssl.1.68.zip",99,"2024-06-07 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":52,"requires_at_least":94,"requires_php":9,"tags":115,"homepage":117,"download_link":118,"security_score":100,"vuln_count":14,"unpatched_count":27,"last_vuln_date":119,"fetched_at":29},"one-click-ssl","One Click SSL","1.7.7","Tribulant Software","https:\u002F\u002Fprofiles.wordpress.org\u002Fcontrid\u002F","\u003Cp>A simple and easy to use WordPress SSL plugin which will redirect all non-SSL pages to SSL\u002FTLS and ensure that all resources on your SSL pages are loaded over SSL as well.\u003C\u002Fp>\n\u003Cp>It includes a user-friendly setup wizard upon activation to check if SSL is supported on the hosting\u002Fserver before it allows the SSL to be enabled and that ensures that the website doesn’t become inaccessible if SSL is not supported.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Check if SSL\u002FTLS is supported on hosting\u002Fserver\u003C\u002Fli>\n\u003Cli>Enable SSL with a single click\u003C\u002Fli>\n\u003Cli>Redirects all non-SSL URLs to https:\u002F\u002F\u003C\u002Fli>\n\u003Cli>Converts all non-SSL resources (images, scripts, stylesheets, etc.) to https:\u002F\u002F on pages\u003C\u002Fli>\n\u003Cli>Redirect to non-SSL if SSL is not enabled\u003C\u002Fli>\n\u003Cli>Multisite network compatibility (enable SSL for all sites from one location)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See our \u003Ca href=\"https:\u002F\u002Ftribulant.com\u002Fdocs\u002Fone-click-ssl-plugin\u002F11098\" rel=\"nofollow ugc\">online documentation\u003C\u002Fa> for more details and detailed instructions.\u003C\u002Fp>\n","Enable SSL\u002FTLS (https:\u002F\u002F) to redirect all pages to SSL\u002FTLS and load all resources over SSL\u002FTLS.",10000,305630,98,139,"2026-02-25T15:19:00.000Z",[77,4,58,116,22],"resources","https:\u002F\u002Ftribulant.com\u002Fplugins\u002Fview\u002F18\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fone-click-ssl.1.7.7.zip","2019-07-11 00:00:00",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":110,"downloaded":128,"rating":112,"num_ratings":129,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":133,"tags":134,"homepage":137,"download_link":138,"security_score":49,"vuln_count":14,"unpatched_count":27,"last_vuln_date":139,"fetched_at":29},"ssl-zen","SSL Zen — SSL Certificate Installer & HTTPS Redirects","4.7.7","SSL Zen - Free SSL\u002FHTTPS","https:\u002F\u002Fprofiles.wordpress.org\u002Fsslzen\u002F","\u003Ch3>Secure your website with a Free Let’s Encrypt SSL certificate.\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FJk86wUqoOco?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsslzen.com\" rel=\"nofollow ugc\">SSL Zen\u003C\u002Fa> is a ‘Free SSL certificate’ plugin that helps you to secure your website, protect your customer’s data and show your visitors you’re trustworthy and authentic.\u003C\u002Fp>\n\u003Cp>Manually installing a free Let’s Encrypt SSL certificate involves editing SSL configuration files on your web server and troubleshooting issues. With this plugin, you can follow a few steps to get your free Let’s Encrypt SSL certificate. No coding required, no more mixed content, or insecure content warnings. You require no special developer experience to move your HTTP web pages to HTTPS or to force SSL on your website.\u003C\u002Fp>\n\u003Ch4>Features of Free Version:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Generate a free SSL certificate by verifying your domain ownership\u003C\u002Fli>\n\u003Cli>Install the free SSL certificate on your server or cPanel by following our video tutorials\u003C\u002Fli>\n\u003Cli>Renew the free SSL certificate by re-verifying and re-installing the SSL certificate every 90 days\u003C\u002Fli>\n\u003Cli>Settings page that shows your SSL certificate validity duration\u003C\u002Fli>\n\u003Cli>Get an email reminder 30 days before the free SSL certificate expires\u003C\u002Fli>\n\u003Cli>Secure padlock in the browser using Let’s Encrypt™ Free SSL certificate\u003C\u002Fli>\n\u003Cli>SSL certificate is a ranking factor for search engines\u003C\u002Fli>\n\u003Cli>SSL certificate displays information about your domain name and is verified by Let’s Encrypt™\u003C\u002Fli>\n\u003Cli>Enable secure payment processing on websites with SSL certificates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: The free version requires you to manually verify your domain name with \u003Ca href=\"https:\u002F\u002Fletsencrypt.org\" rel=\"nofollow ugc\">Let’s Encrypt\u003C\u002Fa> by uploading a file on your server. You will also need to upload the free SSL certificate on your server and configure them. SSL certificate from Let’s Encrypt is only valid for \u003Ca href=\"https:\u002F\u002Fletsencrypt.org\u002F2015\u002F11\u002F09\u002Fwhy-90-days.html\" rel=\"nofollow ugc\">90 days\u003C\u002Fa> and need to be manually renewed. If you fail to renew your free SSL certificate, your website will start showing a not secure warning to the visitors.\u003C\u002Fp>\n\u003Cp>If you want the plugin to automatically install the SSL certificate and auto-renew it, please check the premium version of the plugin.\u003C\u002Fp>\n\u003Ch4>Features of Premium Version:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic Domain Verification\u003C\u002Fli>\n\u003Cli>Automatic free SSL Certificate Generation\u003C\u002Fli>\n\u003Cli>Automatic free SSL Certificate Installation\u003C\u002Fli>\n\u003Cli>Automatic free SSL Certificate Renewal\u003C\u002Fli>\n\u003Cli>Automatic HTTPS redirection\u003C\u002Fli>\n\u003Cli>Accelerate your website with StackPath’s Global Content Delivery Network\u003C\u002Fli>\n\u003Cli>Premium Support – Live Chat, Email Support\u003C\u002Fli>\n\u003Cli>Spam Protection\u003C\u002Fli>\n\u003Cli>Brute-Force Protection\u003C\u002Fli>\n\u003Cli>Forces Browser Validation on traffic anomalies\u003C\u002Fli>\n\u003Cli>Performs Real-time threat intelligence for IP addresses, source location, and information on malicious IPs.\u003C\u002Fli>\n\u003Cli>Patches known vulnerabilities in the Apache Struts framework by blocking requests suspected of exploiting these vulnerabilities\u003C\u002Fli>\n\u003Cli>Enables a set of rules designed to block common WordPress exploits\u003C\u002Fli>\n\u003Cli>Blocks clients performing multiple injection attacks.\u003C\u002Fli>\n\u003Cli>Blocks Probing and Forced Browsing\u003C\u002Fli>\n\u003Cli>Blocks SQL injection attack attempts\u003C\u002Fli>\n\u003Cli>Blocks Cross-Site-Scripting (XSS) attack attempts\u003C\u002Fli>\n\u003Cli>Blocks Shellshock attack attempts\u003C\u002Fli>\n\u003Cli>Blocks requests suspected of being a Remote File Inclusion attempt\u003C\u002Fli>\n\u003Cli>Blocks requests suspected of a Local File Inclusion attempt\u003C\u002Fli>\n\u003Cli>Blocks attempts to access and potentially harm your servers through backdoors\u003C\u002Fli>\n\u003Cli>Blocks requests suspected of web shell attempts\u003C\u002Fli>\n\u003Cli>Blocks requests suspected of Response header injection attempts\u003C\u002Fli>\n\u003Cli>Blocks Invalid User Agents\u003C\u002Fli>\n\u003Cli>Blocks Unknown User Agents\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fsslzen.com\u002F#pricing\" rel=\"nofollow ugc\">CLICK HERE TO THE BUY PREMIUM VERSION\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Why get an SSL certificate?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Trust – Starting from July 2018, Google Chrome has begun to mark all non-SSL websites as ‘Not-Secure’. When your users see the broken padlock, their trust wavers!\u003C\u002Fli>\n\u003Cli>Security – SSL certificate provides authentication, trust and compliance. If your customer is filling out forms, or making payments on your website, you need an SSL certificate to protect sensitive data from eavesdroppers.\u003C\u002Fli>\n\u003Cli>SEO – Google ranks SSL-enabled websites higher than unsecured websites. Hence, securing your website also helps get you on top of Google’s search results.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Facing problems with the plugin?\u003C\u002Fh4>\n\u003Cp>We have detailed documentation for the most common issues you might face while installing SSL using our plugin. Please visit our documentation site at \u003Ca href=\"https:\u002F\u002Fdocs.sslzen.com\u002F\" rel=\"nofollow ugc\">docs.sslzen.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Please leave a review\u003C\u002Fh4>\n\u003Cp>If our plugin helped you secure your website, please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fssl-zen\u002Freviews\u002F#new-post\" rel=\"ugc\">review here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>For more information about our plugin, please visit \u003Ca href=\"https:\u002F\u002Fsslzen.com\" rel=\"nofollow ugc\">sslzen.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Want SSL Zen plugin in your language?\u003C\u002Fh4>\n\u003Cp>You can directly translate the plugin in your language \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fssl-zen\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003Cbr \u002F>\nWhen you add translations, get in touch with us as we will get you listed as a Project Translation Editor for our plugin.\u003C\u002Fp>\n\u003Ch4>Legal:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>By downloading our plugin, You agree to Let’s Encrypt® \u003Ca href=\"https:\u002F\u002Fletsencrypt.org\u002Fdocuments\u002FLE-SA-v1.2-November-15-2017.pdf\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>By downloading our plugin, You agree to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fyourivw\u002FLEClient\u002Fblob\u002Fmaster\u002FLICENSE\" rel=\"nofollow ugc\">LEClient license terms\u003C\u002Fa>, a PHP LetsEncrypt client library to verify domain ownership and generate an SSL certificate for your website.\u003C\u002Fli>\n\u003Cli>We use \u003Ca href=\"https:\u002F\u002Fletsdebug.net\u002F\" rel=\"nofollow ugc\">Let’s Debug\u003C\u002Fa> API, a diagnostic tool to help figure out why you might not be able to issue a certificate for Let’s Encrypt®.\u003C\u002Fli>\n\u003Cli>We use \u003Ca href=\"https:\u002F\u002Ffreemius.com\" rel=\"nofollow ugc\">Freemius\u003C\u002Fa> to collect non-sensitive diagnostic data about your website should you opt-in.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Internet Security Research Group™, Let’s Encrypt®, ISRG™ are trademarks of the Internet Security Research Group. StackPath®, EdgeSSL™ are trademarks of StackPath, LLC. All rights reserved.\u003C\u002Fp>\n","Helps install a free Let's Encrypt SSL certificate, redirects HTTP to HTTPS and forces SSL on all pages.",1082641,663,"2025-12-10T11:50:00.000Z","6.6.5","4.2","5.6",[135,136,77,4,22],"free-ssl","free-ssl-certificate","https:\u002F\u002Fsslzen.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fssl-zen.4.7.7.zip","2024-04-17 00:00:00",{"attackSurface":141,"codeSignals":173,"taintFlows":183,"riskAssessment":184,"analyzedAt":189},{"hooks":142,"ajaxHandlers":169,"restRoutes":170,"shortcodes":171,"cronEvents":172,"entryPointCount":27,"unprotectedCount":27},[143,149,153,158,163],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","plugins_loaded","mk_mixed_content_buffer_start","includes\\mixed-content-functions.php",11,{"type":144,"name":150,"callback":151,"file":147,"line":152},"shutdown","mk_mixed_content_buffer_end",16,{"type":144,"name":154,"callback":155,"file":156,"line":157},"in_plugin_update_message-mixed-content\u002Fmixed-content.php","mk_mixed_content_update_warning","mixed-content.php",137,{"type":144,"name":159,"callback":160,"priority":161,"file":156,"line":162},"init","mk_mixed_content_load_textdomain",5,138,{"type":164,"name":165,"callback":166,"priority":167,"file":156,"line":168},"filter","plugin_row_meta","mk_mixed_content_description_links",10,140,[],[],[],[],{"dangerousFunctions":174,"sqlUsage":175,"outputEscaping":177,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":182},[],{"prepared":27,"raw":27,"locations":176},[],{"escaped":27,"rawEcho":14,"locations":178},[179],{"file":156,"line":180,"context":181},149,"raw output",[],[],{"summary":185,"deductions":186},"The \"mixed-content\" plugin v1.0.0 presents a generally positive security posture based on the static analysis provided.  The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface.  Furthermore, the code signals indicate a responsible approach to data handling, with no dangerous functions identified, all SQL queries utilizing prepared statements, and no file operations or external HTTP requests.  The lack of identified taint flows, including those with unsanitized paths, is a strong indicator of secure coding practices regarding data sanitization and validation.  The plugin also boasts a clean vulnerability history, with no recorded CVEs, which suggests a well-maintained and secure codebase.\n\nHowever, a critical concern arises from the output escaping analysis. With one total output and 0% properly escaped, this indicates a potential for Cross-Site Scripting (XSS) vulnerabilities. Any data outputted by the plugin that is not properly escaped could be manipulated by an attacker to inject malicious scripts, impacting users who interact with the compromised site.  While the attack surface is minimal and the vulnerability history is excellent, this single unescaped output represents a significant, albeit isolated, risk that needs immediate attention.  In conclusion, while the plugin demonstrates strong adherence to secure coding principles in most areas, the lack of output escaping is a glaring weakness that overshadows its otherwise robust security.",[187],{"reason":188,"points":161},"Unescaped output detected","2026-03-16T22:33:01.482Z",{"wat":191,"direct":196},{"assetPaths":192,"generatorPatterns":193,"scriptPaths":194,"versionParams":195},[],[],[],[],{"cssClasses":197,"htmlComments":198,"htmlAttributes":214,"restEndpoints":215,"jsGlobals":216,"shortcodeOutput":217},[],[199,200,201,202,203,204,205,206,207,208,209,210,211,212,213],"\u003C!-- Here we are adding plugin final class -->","\u003C!-- Mixed Content Expire version -->","\u003C!-- Mixed Content Expire text domain -->","\u003C!-- Not allowed -->","\u003C!-- Define -->","\u003C!-- Require File -->","\u003C!-- Construct -->","\u003C!-- Define Constants -->","\u003C!-- Here we define all plugin dir paths -->","\u003C!-- Include Plugin Files -->","\u003C!-- WordPress -->","\u003C!-- Plugin Update Warning -->","\u003C!-- Load Plugin Textdomain -->","\u003C!-- Plugin Links -->","\u003C!-- Plugin Description Links -->",[],[],[],[],{"error":219,"url":220,"statusCode":221,"statusMessage":222,"message":222},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fmixed-content\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":27,"versions":224},[]]