[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHaWlV-yDU_rjBke-Vh4O4Xn5FtI8dbWgJFBeehlryKs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":141,"fingerprints":337},"mm-login-customization","MM Login Customization","1.4","samarpitabhattacharya","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamarpitabhattacharya\u002F","\u003Cp>✤ Websites get hacked every day. Being secure in the online world becomes more and more important every day and it is vital to protect your website and the data it holds now. This plugin helps web-admins to protect their WordPress website in a specific way.\u003C\u002Fp>\n\u003Cp>✤ Before taking a look at the detailed description of the plugin, let’s check the URL of the demo page. \u003Ca href=\"https:\u002F\u002Fwww.betatesting.net\u002Fprojects\u002Fmm_login_customization\u002F2fal2b6q\" rel=\"nofollow ugc\">Click Here\u003C\u002Fa>, let’s see what this plugin can do.\u003C\u002Fp>\n\u003Cp>✤ The default admin login URL of any website developed in WordPress is with ..\u002Fwp-admin or ..\u002Fwp-login.php. The problem is, this type of admin log-in makes the WordPress admin section predictable and hence vulnerable. Using this vulnerability, an unauthenticated person can breach the admin section of the website. These unauthenticated breaches not only damages the reputation of the website but also offers the miscreants a chance to misuse sensitive and important information.\u003C\u002Fp>\n\u003Cp>✤ This plug-in ensures that such breaches never happen to your website. It ensures the security of your website admin login section as well as the website data. Using this plugin, you can generate dynamic admin URLs for login and choose a template for the custom login page as well. This login masks wp-login.php and wp-admin during the login process.\u003C\u002Fp>\n\u003Cp>✤ The admin of the website can change the login URL frequently by deactivating the old URL with subsequent activation of the plugin status. Once that is done, save the newly activated plugin status. This plug-in generates different admin log-in URLs for every website. This feature ensures that the miscreants cannot predict the admin log-in URL of your website.\u003C\u002Fp>\n\u003Cp>✤ Procedure ✤\u003Cbr \u002F>\nActive plugin MM Login Customization -> Go to menu option named MM Login Customization -> Choose settings -> Active option from Status tab -> Save URL -> Copy auto generated admin link for future login\u003Cbr \u002F>\nYou may choose template from Choose Template tab for admin login page look and feel.\u003C\u002Fp>\n\u003Cp>For any query please email us at – \u003Ca href=\"mailto:wordpress@matrixnmedia.com\" rel=\"nofollow ugc\">wordpress@matrixnmedia.com\u003C\u002Fa>\u003C\u002Fp>\n","To hide admin login url by this plugin auto generated URL and make secure your site and it's data. You may frequenty change the URL for your site &hellip;",0,1928,"2020-07-09T13:05:00.000Z","5.4.19","5.0","7.0",[18,19,20,21,22],"change-admin-url","hide-admin","hide-wp-admin","hide-wp-login","security-plugin","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmm-login-customization.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},2,30,84,"2026-04-04T00:38:27.624Z",[35,51,76,98,120],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":11,"downloaded":43,"rating":11,"num_ratings":11,"last_updated":44,"tested_up_to":45,"requires_at_least":15,"requires_php":46,"tags":47,"homepage":49,"download_link":50,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"obfuscate-admin","Obfuscate Admin","1.0.1","Jason White","https:\u002F\u002Fprofiles.wordpress.org\u002Fijasonwhite\u002F","\u003Cp>You want to stop users from accessing the wp-admin of your WordPress installation.\u003C\u002Fp>\n\u003Cp>Obfoscate WordPress admin url and prevent casual discovery. Returns 404 status from direct requests to \u002Fwp-admin on non-whitelisted host\u003C\u002Fp>\n\u003Ch3>History\u003C\u002Fh3>\n\u003Cp>1.0 Original Version\u003C\u002Fp>\n\u003Cp>1.0.1 – added obfuscation protection for \u002Fwp-login.php – this was also casually discoverable in previous version\u003C\u002Fp>\n","You want to stop users from accessing the wp-admin of your WordPress installation. Obfoscate WordPress admin url and prevent casual discovery.",1110,"2019-04-21T22:57:00.000Z","5.1.22","5.6",[48,19,20,36],"hide","https:\u002F\u002Fjasonwhite.uk\u002Fplugins\u002Fobfuscate-admin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fobfuscate-admin.1.0.1.zip",{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":46,"requires_php":65,"tags":66,"homepage":72,"download_link":73,"security_score":74,"vuln_count":30,"unpatched_count":11,"last_vuln_date":75,"fetched_at":27},"disable-admin-notices","Disable Admin Notices – Hide Dashboard Notifications","1.4.3","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>WordPress admin notices and dashboard notifications can quickly become overwhelming. Plugin alerts, theme warnings, update messages, and promotional notices often take up valuable space and disrupt your workflow. \u003Cstrong>Disable Admin Notices\u003C\u002Fstrong> gives you full control by letting you hide, remove, or disable admin notices across the entire dashboard.\u003C\u002Fp>\n\u003Cp>You can hide all notifications, disable selected notices only, or move everything into a clean compact bar so messages no longer clutter your admin screen. The plugin also lets you \u003Cstrong>disable plugin and theme update notifications\u003C\u002Fstrong>, \u003Cstrong>disable WordPress core update alerts\u003C\u002Fstrong>, manage which items appear in the admin bar, and even block redirect URLs used by some plugins to show ads or promotional pages.\u003C\u002Fp>\n\u003Cp>Whether you want a cleaner dashboard, fewer interruptions, or complete control over WordPress admin notifications, this plugin helps you keep your workspace organized and distraction-free.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Disable Admin Notices\u003C\u002Fstrong>\u003Cbr \u002F>\n– Disable admin notices globally or hide selected notifications only\u003Cbr \u002F>\n– Hide dashboard notices and show them in a single compact line\u003Cbr \u002F>\n– Option to display all admin notifications in the WordPress admin bar\u003Cbr \u002F>\n– Disable plugin update notifications\u003Cbr \u002F>\n– Disable WordPress core update notifications\u003Cbr \u002F>\n– Access all hidden notices anytime from the plugin dashboard\u003Cbr \u002F>\n– Reset or restore hidden notices at any time\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disable Admin Bar Items\u003C\u002Fstrong>\u003Cbr \u002F>\n– Choose which items appear in the WordPress admin bar\u003Cbr \u002F>\n– Hide or remove unnecessary plugin, theme, or tool menu items to reduce clutter\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Block Ad Redirects\u003C\u002Fstrong>\u003Cbr \u002F>\n– Block specific redirect URLs to prevent plugins from sending you to ads or promotional screens\u003Cbr \u002F>\n– Avoid unexpected admin redirects when activating or updating plugins\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We’re here to help. Feel free to open a new thread on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-admin-notices\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Useful Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you like this plugin, you’re sure to love \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">our other plugins\u003C\u002Fa> as well.\u003C\u002Fli>\n\u003Cli>Our blog is a great place to \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" rel=\"nofollow ugc\">learn more about WordPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Get the most out of your website with our helpful \u003Ca href=\"https:\u002F\u002Fyoutube.com\u002Fplaylist?list=PLmRasCVwuvpSep2MOsIoE0ncO9JE3FcKP\" rel=\"nofollow ugc\">WordPress YouTube Tutorials\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable admin notices and hide dashboard notifications from plugins, themes and core. Hide all notices, selected ones, or show them in a single line.",100000,1365060,94,348,"2026-02-17T09:11:00.000Z","6.9.4","7.4",[67,68,69,70,71],"admin-notices","hide-admin-notices","hide-admin-notifications","nnotifications","update-notifications","https:\u002F\u002Fclearfy.pro\u002Fdisable-admin-notices","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-admin-notices.1.4.3.zip",98,"2026-02-24 20:56:18",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":64,"requires_at_least":89,"requires_php":16,"tags":90,"homepage":94,"download_link":95,"security_score":61,"vuln_count":96,"unpatched_count":11,"last_vuln_date":97,"fetched_at":27},"secupress","SecuPress with Simple SSL – Simple and Performant Security","2.6","SecuPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fsecupress\u002F","\u003Ch4>Test it now!\u003C\u002Fh4>\n\u003Cp>You can \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fsecupress\u002F\" rel=\"nofollow ugc\">test SecuPress Free now\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>YOU MADE IT, WE KEEP IT SAFE!\u003C\u002Fh4>\n\u003Cp>The most advanced WordPress Protection on the market. SecuPress is focused on WordPress attacks and Malwares, not just “usual web protections” like many.\u003C\u002Fp>\n\u003Cp>Protect your WordPress with malware scans ; block bots & suspicious IPs. Get a complete \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002F\" rel=\"nofollow ugc\">WordPress security toolkit\u003C\u002Fa> for free or as a pro plugin. SecuPress is GDPR compliant.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s the difference between free and pro version?\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you are proactive, our free WordPress security plugin is a great choice! No time to activate weekly scans? Then \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002F\" rel=\"nofollow ugc\">SecuPress pro\u003C\u002Fa> is the way to go. Our plugin takes care of everything with automated tasks.\u003C\u002Fp>\n\u003Ch4>Here are some of our most popular features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Brute Force Login Protection\u003C\u002Fli>\n\u003Cli>Password Spraying Protection\u003C\u002Fli>\n\u003Cli>Firewall features\u003C\u002Fli>\n\u003Cli>Security alerts (1)\u003C\u002Fli>\n\u003Cli>Malware Scanner (1)\u003C\u002Fli>\n\u003Cli>Block country by geolocation (1)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>We have included some features you won’t find in most WordPress security plugins:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Protection of Security Keys\u003C\u002Fli>\n\u003Cli>Block visits from Bad Bots\u003C\u002Fli>\n\u003Cli>Vulnerable Plugins & Themes detection (1)\u003C\u002Fli>\n\u003Cli>Security Reports in PDF format (1)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can check out \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Ffaq\u002F\" rel=\"nofollow ugc\">Frequently Asked Questions\u003C\u002Fa> or get in touch with our \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Fsupport\u002F\" rel=\"nofollow ugc\">support\u003C\u002Fa>. Want to know all about SecuPress? You can read our documentation here: \u003Ca href=\"https:\u002F\u002Fdocs.secupress.me\" rel=\"nofollow ugc\">docs.secupress.me\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How will you know it works?\u003C\u002Fstrong>\u003Cbr \u002F>\nWell, we have a dedicated security scanner that will give you a clear security grade and report for your website. This way, you’ll know exactly what to fix.\u003C\u002Fp>\n\u003Ch4>WordPress Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Security Audit\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress is the only plugin with a full scanner able to fix the issues for you. And when it requires a decision from you, it will ask you before proceeding. With this feature, you can check 35 security points in 5 minutes and let us take care of the rest.\u003C\u002Fp>\n\u003Cp>Once done, you get a security grade that gives you a clear idea of what your security level is. You can export this analysis in PDF format to share with others (clients or colleagues) (1).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Users & Login\u003C\u002Fstrong>\u003Cbr \u002F>\nThis feature is the easiest way to make sure your users’ data is protected and to keep their accounts from being compromised. With this feature you can limit the number of bad login attempts, ban non-existing usernames login attempts and set a non-login time slot. SecuPress also makes sure you control the sessions of your users.\u003C\u002Fp>\n\u003Cp>SecuPress also adds a \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Fblog\u002Ftwo-factor-authentication\u002F\" rel=\"nofollow ugc\">2FA\u003C\u002Fa> (Two Factor Authentication) because it’s almost a mandatory feature when it comes to WordPress security!\u003C\u002Fp>\n\u003Cp>The plugin also gives you greater user and password control as you can set:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Password lifetimes for your users.\u003C\u002Fli>\n\u003Cli>Enforce strong password use.\u003C\u002Fli>\n\u003Cli>Forbid the use of vague usernames like www or admin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Tired of bots finding your WordPress login page? Finally, don’t let bots find your login page, just move it with the famous Move Login plugin, now included in SecuPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugins and Themes\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress helps you detect themes and plugins that are vulnerable or that have been tampered with to include malicious code. If you install one of these, your security module will send out an email alert and give you a warning in WordPress.\u003C\u002Fp>\n\u003Cp>SecuPress takes security further by limiting plugin activation, deactivation, installation and removal in your production (live) website. Plugin and theme uploads via .zip files will be on lockdown as well to block off this easy hacking route.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Core\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress reinforces the WordPress Core to keep it safe. The security plugin optimizes what’s under the hood to secure the config file by setting the proper parameters.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Sensitive Data\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress secures content in many ways:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The plugin secures WordPress Endpoints and APIs by blocking bad requests for XML-RPC or REST API.\u003C\u002Fli>\n\u003Cli>It blocks bad bots with its Robots Blackhole feature.\u003C\u002Fli>\n\u003Cli>It provides an anti-hotlink feature to preserve your bandwidth.\u003C\u002Fli>\n\u003Cli>The plugin packs 7 anti-disclose security modules to make sure no precious information is available to hackers in your PHP or WordPress itself.\u003C\u002Fli>\n\u003Cli>Profile and SecuPress settings pages are password protected to keep sensitive information away from prying eyes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Firewall\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SecuPress is one of the most efficient WordPress bouncer you’ll ever see!\u003C\u002Fli>\n\u003Cli>The plugin blocks malicious incoming requests.\u003C\u002Fli>\n\u003Cli>It blocks bad User Agents (no bad crawlers allowed).\u003C\u002Fli>\n\u003Cli>Bad requests methods also get the boot in a single click.\u003C\u002Fli>\n\u003Cli>URLs are kept in check: no bad URL contents.\u003C\u002Fli>\n\u003Cli>SQL injection scanners are kept out as well.\u003C\u002Fli>\n\u003Cli>Brute force attempts are stopped in their tracks.\u003C\u002Fli>\n\u003Cli>GeoIP Blocking by country gives you more control over your traffic.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Malware Scan\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress has a unique malware scan developed by our security experts. It hunts down bad files and provides you with an easy step-by-step report that lets you take action. It looks into:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bad files in your FTP.\u003C\u002Fli>\n\u003Cli>Your uploads folder for dangerous files.\u003C\u002Fli>\n\u003Cli>Potential phishing attempts via \u003Ccode>index.php\u003C\u002Fcode> loads.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Backups\u003C\u002Fstrong>\u003Cbr \u002F>\nWe know firsthand how painful it is to pick up the pieces after an attack damages your WordPress. SecuPress preserves your data to help you avoid lost content or settings if your website comes under attack. The plugin backs up your database and files and lets you download them to guarantee you peace of mind.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Anti Spam\u003C\u002Fstrong>\u003Cbr \u002F>\nDid you know that 60% of the traffic on the Internet is generated by bots? Most of them happen to be spam bots. We developed our own anti-spam system that works quietly in the background. Just activate it and enjoy a spam free experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Alerts\u003C\u002Fstrong>\u003Cbr \u002F>\nAlerts are an essential tool when your website is under attack. When something important happens on your website, SecuPress will send you an alert via email. We’re working on alerts via SMS, Slack & Twitter as well.\u003C\u002Fp>\n\u003Cp>You also receive a daily report that provides a debrief of the attempted attack and all the activities blocked by SecuPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Scheduled Security Tasks\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress can run 3 separate scheduled tasks for you. It’s like having a security patrol on your WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Scheduled Scanner:\u003C\u002Fstrong> SecuPress scans your website to detect any issues. After the scan is complete, you get a report in your inbox outlining any actions you have to take to protect your website.\u003Cbr \u002F>\n\u003Cstrong>Scheduled Backup:\u003C\u002Fstrong> our team knows that everyone at one time or another forgets to back things up. We made it an automatic task to help ensure you always can recover from an attack with your content safe.\u003Cbr \u002F>\n\u003Cstrong>Scheduled Malware Scan:\u003C\u002Fstrong> this security feature scans your website at regular intervals to hunt down any malware that may have gotten into your WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Logs\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress will keep a log of important security activities and 404 pages triggered by users, bots or even Chuck Norris. This lets you keep an eye on what’s going on in your WordPress at any time. You can also control banned IPs from this option.\u003C\u002Fp>\n\u003Cp>\u003Cem>(1) Available in the \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Pro Version\u003C\u002Fa>.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cem>(SecuPress est une extension de sécurité WordPress française)\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Cp>Create a trust score for each non WP file and displays it\u003Cbr \u002F>\nCreate a “suspicious” status for alerts\u003Cbr \u002F>\nRevamp alerts\u003Cbr \u002F>\nRevamp logs\u003Cbr \u002F>\nAdd http logs\u003Cbr \u002F>\nPHP 8.O min\u003Cbr \u002F>\nreplace %s by ###USERNAME### in emails\u003Cbr \u002F>\n.htaccess scanner\u003Cbr \u002F>\nlogin rest disclose scanner\u003Cbr \u002F>\nmove EDD updater+white label into a mu to allow upgrade+rollback even with plugin deactivated\u003Cbr \u002F>\ngive possibility to rename logins\u003Cbr \u002F>\ntarget=”_blank” on doc links\u003Cbr \u002F>\nAI Scanner\u003Cbr \u002F>\nImprove malware scanner, again\u003C\u002Fp>\n","Protect your WordPress with SecuPress, analyze and ensure the safety of your website daily.",40000,1194523,82,108,"2026-01-16T10:56:00.000Z","5.4",[91,92,22,93],"malware","security","wordpress-security","https:\u002F\u002Fsecupress.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecupress.2.6.zip",6,"2025-04-28 00:00:00",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":46,"tags":113,"homepage":117,"download_link":118,"security_score":119,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"hide-admin-bar","Hide Admin Bar","1.0.2","David Vongries","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidvongries\u002F","\u003Cp>Hides the Admin Bar in WordPress 3.1+.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New! You can now hide the WordPress admin bar for specific user roles!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>What’s next?\u003C\u002Fh3>\n\u003Cp>If you like Hide Admin Bar, you will love our other, free WordPress products:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbetteradminbar.com\u002F?utm_source=hide_admin_bar&utm_medium=repository&utm_campaign=bab\" rel=\"nofollow ugc\">Better Admin Bar\u003C\u002Fa>\u003C\u002Fstrong> – The plugin to make your clients enjoy WordPress. It replaces the default admin bar to provide the best possible user experience when editing & navigating a website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-pagebuilderframework.com\u002F?utm_source=hide_admin_bar&utm_medium=repository&utm_campaign=wpbf\" rel=\"nofollow ugc\">Page Builder Framework\u003C\u002Fa>\u003C\u002Fstrong> – A fast & minimalistic WordPress theme designed for the new WordPress era.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fultimatedashboard.io\u002F?utm_source=hide_admin_bar&utm_medium=repository&utm_campaign=udb\" rel=\"nofollow ugc\">Ultimate Dashboard\u003C\u002Fa>\u003C\u002Fstrong> – The #1 WordPress plugin to customize your WordPress dashboard and admin area.\u003C\u002Fli>\n\u003C\u002Ful>\n","Hide the Admin Bar in WordPress 3.1+.",20000,808109,88,29,"2025-11-04T09:02:00.000Z","6.8.5","3.1",[114,115,116,48,99],"admin","admin-bar","hidden","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-admin-bar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-bar.1.0.2.zip",100,{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":106,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":64,"requires_at_least":132,"requires_php":46,"tags":133,"homepage":137,"download_link":138,"security_score":119,"vuln_count":139,"unpatched_count":11,"last_vuln_date":140,"fetched_at":27},"hide-admin-bar-based-on-user-roles","Hide Admin Bar Based on User Roles","7.1.0","Ankit Panchal","https:\u002F\u002Fprofiles.wordpress.org\u002Fankitmaru\u002F","\u003Cp>\u003Cstrong>Hide Admin Bar Based On User Roles\u003C\u002Fstrong> gives you complete control over who sees the WordPress toolbar.\u003C\u002Fp>\n\u003Cp>Whether you are running a membership site, a WooCommerce store, or simply want a cleaner frontend for your subscribers, this plugin lets you hide the admin bar with precision — by role, capability, device, page, or time. Stop exposing backend links to users who don’t need them.\u003C\u002Fp>\n\u003Cp>The plugin is lightweight, developer-friendly, and works immediately upon activation — no configuration required to get started.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F25WBldgArAk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F_BAwxGVnKNY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Simple but great plugin. 🙂\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fsimple-but-great-plugin-12\u002F\" rel=\"ugc\">wptoolsdev\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Works flawlessly! 🙂\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fworks-flawlessly-129\u002F\" rel=\"ugc\">thebrazeneye\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>🚀 Key Features (Free)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hide for All Users:\u003C\u002Fstrong> Completely remove the admin bar from the frontend for everyone.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide for Guests:\u003C\u002Fstrong> Ensure non-logged-in visitors never see the toolbar.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Hiding:\u003C\u002Fstrong> Select specific roles (e.g., Subscriber, Customer, Editor) to hide the bar for.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Capability-Based Hiding:\u003C\u002Fstrong> Hide the bar based on WordPress capabilities (e.g., hide for anyone who cannot \u003Ccode>manage_options\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight & Fast:\u003C\u002Fstrong> Zero bloat — no external requests, no database overhead on the frontend.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🏆 Premium Features (Pro)\u003C\u002Fh3>\n\u003Cp>Unlock advanced visibility logic with the \u003Ca href=\"https:\u002F\u002Fpluginstack.dev\u002Fplugins\u002Fhide-admin-bar-pro\" rel=\"nofollow ugc\">Pro version\u003C\u002Fa>:\u003Cbr \u002F>\n* \u003Cstrong>Page-Based Targeting:\u003C\u002Fstrong> Show or hide the admin bar only on specific URLs, post types, or page templates.\u003Cbr \u002F>\n* \u003Cstrong>Device Detection:\u003C\u002Fstrong> Hide the toolbar on Mobile or Tablet to save screen space, while keeping it on Desktop.\u003Cbr \u002F>\n* \u003Cstrong>Per-User Overrides:\u003C\u002Fstrong> Manually force the admin bar to show or hide for individual user accounts.\u003Cbr \u002F>\n* \u003Cstrong>Time-Based Visibility:\u003C\u002Fstrong> Automatically hide the bar during specific hours of the day.\u003Cbr \u002F>\n* \u003Cstrong>Smart Redirects:\u003C\u002Fstrong> Redirect users to the homepage or a custom URL when they try to access the backend.\u003Cbr \u002F>\n* \u003Cstrong>Inactivity Auto-Hide:\u003C\u002Fstrong> Automatically slide the toolbar away after a configurable period of inactivity.\u003Cbr \u002F>\n* \u003Cstrong>Import \u002F Export Settings:\u003C\u002Fstrong> Back up and migrate your configuration across sites in one click.\u003C\u002Fp>\n\u003Ch3>You can check our other plugins:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimakit-for-wp\u002F\" rel=\"ugc\">All-in-One WordPress Toolkit for SEO, Security, Customization, and Performance\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flike-dislike-for-wp\u002F\" rel=\"ugc\">Like Dislike For WP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-block-editor-fullscreen-mode\u002F\" rel=\"ugc\">Disable Block Editor FullScreen mode\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnoteflow\u002F\" rel=\"ugc\">NoteFlow – Smart Notes Manager for WordPress Admin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","Hide the WordPress Admin Bar for specific user roles, capabilities, devices, pages, or time windows. The ultimate toolbar control plugin for membershi &hellip;",762894,78,20,"2026-02-24T15:00:00.000Z","5.5",[115,134,99,135,136],"admin-toolbar","toolbar","user-roles","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-admin-bar-based-on-user-roles\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-admin-bar-based-on-user-roles.7.1.0.zip",1,"2022-02-21 00:00:00",{"attackSurface":142,"codeSignals":224,"taintFlows":280,"riskAssessment":320,"analyzedAt":336},{"hooks":143,"ajaxHandlers":193,"restRoutes":220,"shortcodes":221,"cronEvents":222,"entryPointCount":223,"unprotectedCount":223},[144,150,154,158,161,164,168,172,176,180,185,189],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_menu","activeLcMenu","init\\mmlc-setup.php",15,{"type":145,"name":151,"callback":152,"file":148,"line":153},"wp_enqueue_scripts","lc_front_enque_scripts",16,{"type":145,"name":155,"callback":156,"file":148,"line":157},"admin_enqueue_scripts","lc_admin_enque_scripts",17,{"type":145,"name":151,"callback":159,"file":148,"line":160},"lc_front_enque_scripts_first",34,{"type":145,"name":151,"callback":162,"file":148,"line":163},"lc_front_enque_scripts_second",39,{"type":145,"name":165,"callback":166,"file":148,"line":167},"login_form","redirect_wp_admin",63,{"type":145,"name":169,"callback":170,"file":148,"line":171},"login_redirect","lc_custom_login",65,{"type":145,"name":173,"callback":174,"file":148,"line":175},"wp_login_failed","lc_custom_login_fail",67,{"type":145,"name":177,"callback":178,"file":148,"line":179},"logout_redirect","lc_custom_logout",69,{"type":181,"name":182,"callback":183,"file":148,"line":184},"filter","theme_page_templates","lc_add_page_template",72,{"type":181,"name":186,"callback":187,"file":148,"line":188},"template_include","lc_redirect_page_template",74,{"type":145,"name":190,"callback":191,"file":148,"line":192},"admin_head","lc_remove_dispaly_page",76,[194,199,202,206,208,212,214,218],{"action":195,"nopriv":196,"callback":197,"hasNonce":196,"hasCapCheck":196,"file":148,"line":198},"get_lc_status",false,"get_lc_status_callback",45,{"action":195,"nopriv":200,"callback":197,"hasNonce":196,"hasCapCheck":196,"file":148,"line":201},true,46,{"action":203,"nopriv":196,"callback":204,"hasNonce":196,"hasCapCheck":196,"file":148,"line":205},"get_lc_url_save","get_lc_url_save_callback",49,{"action":203,"nopriv":200,"callback":204,"hasNonce":196,"hasCapCheck":196,"file":148,"line":207},50,{"action":209,"nopriv":196,"callback":210,"hasNonce":196,"hasCapCheck":196,"file":148,"line":211},"get_lc_disable","get_lc_disable_callback",53,{"action":209,"nopriv":200,"callback":210,"hasNonce":196,"hasCapCheck":196,"file":148,"line":213},54,{"action":215,"nopriv":196,"callback":216,"hasNonce":196,"hasCapCheck":196,"file":148,"line":217},"get_lc_template_save","get_lc_template_save_callback",57,{"action":215,"nopriv":200,"callback":216,"hasNonce":196,"hasCapCheck":196,"file":148,"line":219},58,[],[],[],8,{"dangerousFunctions":225,"sqlUsage":226,"outputEscaping":254,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":279},[],{"prepared":11,"raw":227,"locations":228},11,[229,232,235,237,239,241,243,245,248,250,252],{"file":230,"line":74,"context":231},"init\\admin\\mmlc-admin-settings-setup.php","$wpdb->get_row() with variable interpolation",{"file":230,"line":233,"context":234},102,"$wpdb->query() with variable interpolation",{"file":230,"line":236,"context":234},104,{"file":230,"line":238,"context":231},160,{"file":230,"line":240,"context":234},164,{"file":230,"line":242,"context":234},166,{"file":244,"line":130,"context":231},"init\\admin\\mmlc-admin-settings-template.php",{"file":246,"line":247,"context":231},"init\\admin\\mmlc-admin-settings.php",111,{"file":148,"line":249,"context":231},27,{"file":148,"line":251,"context":231},263,{"file":148,"line":253,"context":231},295,{"escaped":255,"rawEcho":256,"locations":257},28,9,[258,262,264,266,267,270,272,275,277],{"file":259,"line":260,"context":261},"init\\admin\\mmlc-admin-help.php",43,"raw output",{"file":230,"line":263,"context":261},32,{"file":230,"line":265,"context":261},149,{"file":246,"line":242,"context":261},{"file":268,"line":269,"context":261},"init\\front-template\\template-firstlog.php",21,{"file":268,"line":271,"context":261},25,{"file":273,"line":274,"context":261},"init\\front-template\\template-secondlog.php",31,{"file":273,"line":276,"context":261},35,{"file":148,"line":278,"context":261},300,[],[281,308],{"entryPoint":282,"graph":283,"unsanitizedCount":306,"severity":307},"lcAdminStatusUrlSave (init\\admin\\mmlc-admin-settings-setup.php:36)",{"nodes":284,"edges":303},[285,290,296,299],{"id":286,"type":287,"label":288,"file":230,"line":289},"n0","source","$_POST (x2)",38,{"id":291,"type":292,"label":293,"file":230,"line":294,"wp_function":295},"n1","sink","update_option() [Settings Manipulation]",106,"update_option",{"id":297,"type":287,"label":298,"file":230,"line":289},"n2","$_POST",{"id":300,"type":292,"label":301,"file":230,"line":265,"wp_function":302},"n3","echo() [XSS]","echo",[304,305],{"from":286,"to":291,"sanitized":196},{"from":297,"to":300,"sanitized":196},3,"medium",{"entryPoint":309,"graph":310,"unsanitizedCount":306,"severity":319},"\u003Cmmlc-admin-settings-setup> (init\\admin\\mmlc-admin-settings-setup.php:0)",{"nodes":311,"edges":316},[312,313,314,315],{"id":286,"type":287,"label":288,"file":230,"line":289},{"id":291,"type":292,"label":293,"file":230,"line":294,"wp_function":295},{"id":297,"type":287,"label":298,"file":230,"line":289},{"id":300,"type":292,"label":301,"file":230,"line":265,"wp_function":302},[317,318],{"from":286,"to":291,"sanitized":196},{"from":297,"to":300,"sanitized":196},"low",{"summary":321,"deductions":322},"The \"mm-login-customization\" v1.4 plugin exhibits significant security concerns primarily due to its extensive unprotected attack surface. All 8 identified AJAX handlers lack any form of authentication or authorization checks, presenting a direct and easily exploitable entry point for attackers. This is further compounded by the fact that all SQL queries are executed without prepared statements, making the plugin highly susceptible to SQL injection vulnerabilities. While there are no recorded CVEs for this plugin and a majority of output is properly escaped, these strengths are overshadowed by the fundamental security flaws in handling user input and protecting critical functionalities.\n\nThe taint analysis, while limited in scope, identified flows with unsanitized paths, which is a clear indicator of potential cross-site scripting (XSS) or other injection vulnerabilities. The complete absence of nonce and capability checks on the AJAX handlers means that any authenticated or unauthenticated user could potentially trigger these actions, leading to unauthorized modifications, data exposure, or even site compromise. Given the lack of historical vulnerabilities, it's difficult to ascertain if this is due to a lack of targeting or a recent introduction of these insecure practices. However, the current state of the code suggests a high risk of exploitation.",[323,326,328,331,334],{"reason":324,"points":325},"AJAX handlers without authentication checks",10,{"reason":327,"points":325},"SQL queries without prepared statements",{"reason":329,"points":330},"Unsanitized paths in taint flows",5,{"reason":332,"points":333},"Nonce checks missing on AJAX handlers",7,{"reason":335,"points":333},"Capability checks missing on AJAX handlers","2026-03-17T06:36:09.091Z",{"wat":338,"direct":351},{"assetPaths":339,"generatorPatterns":346,"scriptPaths":347,"versionParams":348},[340,341,342,343,344,345],"\u002Fwp-content\u002Fplugins\u002Fmm-login-customization\u002Fassets\u002Fcss\u002Ffront\u002Fmmlc_front_style.css","\u002Fwp-content\u002Fplugins\u002Fmm-login-customization\u002Fassets\u002Fjs\u002Ffront\u002Fmmlc_front_ajax.js","\u002Fwp-content\u002Fplugins\u002Fmm-login-customization\u002Fassets\u002Fcss\u002Ffront\u002Fmmlc_front_tempate_one_style.css","\u002Fwp-content\u002Fplugins\u002Fmm-login-customization\u002Fassets\u002Fcss\u002Ffront\u002Fmmlc_front_tempate_two_style.css","\u002Fwp-content\u002Fplugins\u002Fmm-login-customization\u002Fassets\u002Fcss\u002Fback\u002Fmmlc_admin_style.css","\u002Fwp-content\u002Fplugins\u002Fmm-login-customization\u002Fassets\u002Fjs\u002Fback\u002Fmmlc_admin_ajax.js",[],[],[349,350],"mm-login-customization\u002Fassets\u002Fjs\u002Ffront\u002Fmmlc_front_ajax.js?ver=1.0.0","mm-login-customization\u002Fassets\u002Fjs\u002Fback\u002Fmmlc_admin_ajax.js?ver=1.0.0",{"cssClasses":352,"htmlComments":353,"htmlAttributes":354,"restEndpoints":355,"jsGlobals":360,"shortcodeOutput":363},[],[],[],[356,357,358,359],"\u002Fwp-json\u002Fget_lc_status","\u002Fwp-json\u002Fget_lc_url_save","\u002Fwp-json\u002Fget_lc_disable","\u002Fwp-json\u002Fget_lc_template_save",[361,362],"lc_admin_localize_ajax_url","lc_front_localize_ajax_url",[]]