[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fT3O-Jq6ekvDfThQL5mji6rwi_HtKIQbNB1mCRcjMtIM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":131,"fingerprints":194},"multi-email-login","Multi-Email Login","1.0.2","mdburnette","https:\u002F\u002Fprofiles.wordpress.org\u002Fmdburnette\u002F","\u003Cp>Multi-Email Login is a WordPress plugin that enables users to associate multiple email addresses with a single account and authenticate using any of them. This solves a common problem where users have multiple email addresses (personal, work, legacy accounts) but want to maintain a single WordPress profile.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Use Multi-Email Login?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Flexibility\u003C\u002Fstrong>: Users can login with whichever email address they have handy\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Account Consolidation\u003C\u002Fstrong>: No need to create separate accounts for different email addresses\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smooth Transitions\u003C\u002Fstrong>: When changing primary email addresses, users can keep both active for seamless access\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Business Use\u003C\u002Fstrong>: Perfect for team members who use multiple email addresses across different departments or clients\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero Friction\u003C\u002Fstrong>: Works transparently with WordPress authentication—no special configuration needed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Multiple email addresses per user (unlimited)\u003Cbr \u002F>\n* Login with any associated email address\u003Cbr \u002F>\n* Seamless WordPress authentication integration\u003Cbr \u002F>\n* Unique email enforcement\u003Cbr \u002F>\n* User-friendly interface\u003Cbr \u002F>\n* No configuration needed\u003Cbr \u002F>\n* No WordPress core modifications\u003Cbr \u002F>\n* Developer-friendly API for finding users by any email address\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Email format validation\u003Cbr \u002F>\n* Input sanitization\u003Cbr \u002F>\n* AJAX nonce protection\u003Cbr \u002F>\n* User capability checks\u003Cbr \u002F>\n* Password verification\u003Cbr \u002F>\n* Duplicate prevention\u003C\u002Fp>\n\u003Ch3>Developer Usage\u003C\u002Fh3>\n\u003Cp>The plugin provides a simple API for developers to work with multiple email addresses:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Find a user by any email address (primary or secondary):\u003C\u002Fstrong>\u003Cbr \u002F>\n    $user = melog_get_user_by( ’email’, ‘user@example.com’ );\u003C\u002Fp>\n\u003Cp>This function works just like WordPress’s \u003Ccode>get_user_by()\u003C\u002Fcode> but automatically checks both primary and secondary email addresses.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Instead of:\u003C\u002Fstrong>\u003Cbr \u002F>\n    $user = get_user_by( ’email’, ‘user@example.com’ );\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use:\u003C\u002Fstrong>\u003Cbr \u002F>\n    $user = melog_get_user_by( ’email’, ‘user@example.com’ );\u003C\u002Fp>\n\u003Cp>For other field types (login, ID, slug), it behaves identically to the standard WordPress function.\u003C\u002Fp>\n","Allow users to login with multiple email addresses on a single WordPress account.",0,116,"2026-01-05T21:30:00.000Z","6.9.4","5.0","7.2",[18,19,20,21,22],"authentication","email","login","multiple-emails","user-management","https:\u002F\u002Fmburnette.com\u002Fmulti-email-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmulti-email-login.1.0.2.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},6,2120,30,94,"2026-04-04T14:41:34.313Z",[36,55,77,94,115],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":11,"num_ratings":11,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":52,"download_link":53,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"force-login-with-email","Force Login With Email","1.0.5","MarcosAlexandre","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcosalexandre\u002F","\u003Cp>Force Login With Email is a fork of the Email Login Auth plugin. It is a very simple WordPress plugin, which allows users to login with their account email address. Just install, activate it and try to re-login! You can also disable login with username for all users or for ‘admin’ only.\u003C\u002Fp>\n\u003Ch4>How to use\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>After installation, enable the plugin.\u003C\u002Fli>\n\u003Cli>Now you and your users will be able to login using their account e-mail address!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>This version of the \u003Cstrong>Force Login With Email\u003C\u002Fstrong> plugin was developed without any connection with the previous developer and we count on your help to improve the code and operation of this plugin.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>Compatible since version 4.0.x of WordPress.\u003Cbr \u002F>\nCompatible since version 3.0.x of WooCommerce.\u003C\u002Fp>\n\u003Ch3>Doubts?\u003C\u002Fh3>\n\u003Cp>You can ask questions by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Using our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmarcos-alexandre82\u002Fforce-login-with-email\u002Fissues\u002F\" rel=\"nofollow ugc\">forum on Github\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Creating a topic in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fforce-login-with-email\u002F\" rel=\"ugc\">WordPress help forum\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is a fork that implements internationalization and continues the excellent plugin developed by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmikk_cz\u002F\" rel=\"nofollow ugc\">Michal Stanke\u003C\u002Fa> in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-login-auth\u002F\" rel=\"ugc\">Email Login Auth\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Banner:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbr.freepik.com\u002Ffotos-vetores-gratis\u002Ffundo\u002F\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Icon:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbr.freepik.com\u002Ffotos-vetores-gratis\u002Fnegocio\u002F\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>You can contribute source code on our page at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmarcos-alexandre82\u002Fforce-login-with-email\u002Fissues\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Enable login in WordPress only with user e-mail address.",200,8775,"2020-07-13T23:52:00.000Z","5.4.19","4.0","5.6",[18,19,20,51],"username","https:\u002F\u002Fgithub.com\u002Fmarcos-alexandre82\u002Fforce-login-with-email","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforce-login-with-email.1.0.5.zip",85,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":32,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"email-otp-login","Email OTP Login","1.0.0","Tushar Sharma","https:\u002F\u002Fprofiles.wordpress.org\u002Fricheal\u002F","\u003Cp>Email OTP Login adds an additional layer of security to your WordPress site by requiring users to verify an OTP sent to their email after entering their username and password. This ensures that only users with access to the registered email can log in.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email OTP verification during \u003Cstrong>login\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>OTP expires in 5 minutes (configurable).\u003C\u002Fli>\n\u003Cli>OTP stored securely using WordPress password hashing.\u003C\u002Fli>\n\u003Cli>Works with the default WordPress login form.\u003C\u002Fli>\n\u003Cli>Uses WordPress built-in \u003Ccode>wp_mail()\u003C\u002Fcode> function (works with SMTP plugins).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin does \u003Cstrong>not modify WordPress core files\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2 or later.\u003C\u002Fp>\n\u003Cp>This plugin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003C\u002Fp>\n","Adds OTP (One-Time Password) verification after login for enhanced security in WordPress. OTP is sent to the user's email.",403,60,1,"2025-08-29T18:30:00.000Z","6.8.5","6.3","7.4",[71,20,72,73,74],"email-verification","otp","security","two-factor-authentication","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-otp-login.1.0.0.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":11,"num_ratings":11,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":75,"tags":90,"homepage":75,"download_link":93,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"gp-user-login-with-email-id","Gp user Login With EMail-ID","1.0.1","Ganesh Paygude","https:\u002F\u002Fprofiles.wordpress.org\u002Fganeshpaygude\u002F","\u003Cp>Allow user to login with their Email ID OR Username.\u003C\u002Fp>\n\u003Cp>Major features in Gp user Login With EMail-ID include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Setting option checkbox allow to Login with Email ID associated with the user account.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n","Allow user to login with their Email ID.",10,1565,"2020-12-28T10:21:00.000Z","5.6.17","4.9",[91,18,19,92],"auth","email-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgp-user-login-with-email-id.1.0.1.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":85,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":49,"tags":108,"homepage":113,"download_link":114,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"mojoauth","MojoAuth Passwordless Authentication","2.7","MojoAuth","https:\u002F\u002Fprofiles.wordpress.org\u002Fmojoauth\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Fmojoauth.com\" rel=\"nofollow ugc\">MojoAuth\u003C\u002Fa> Passwordless Authentication WordPress plugin replaces standard WordPress login forms with the passwordless authentication method. It provides a robust and secure passwordless authentication mechanism to your WordPress site that offers the users a way to verify themselves while not having to remember or manually type passwords, which in turn provides stronger security and fewer breaches.\u003C\u002Fp>\n\u003Cp>Adding a passwordless authentication mechanism will help to create additional barriers to secure accounts of users. We updated the conventional password method of login with a safer authentication method, for example, log in through Email OTP, Magic Link, Social Login, Phone SMS and WebAuthn. This likewise cuts the additional progression of you fumbling over your failed to remember password.\u003C\u002Fp>\n\u003Ch3>KEY FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Magic Link\u003C\u002Fstrong>: A unique link sent directly to your email which allows you to authenticate once and becomes invalid automatically once you are logged in.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OTP\u003C\u002Fstrong>: A unique OTP sent directly to your email which allows you to authenticate once and becomes invalid automatically once you are logged in.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WebAuthn\u003C\u002Fstrong>: Allow users to authenticate with built-in authenticators like fingerprint, pin, or using security keys like YubiKey.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Social Login\u003C\u002Fstrong>: Allow your users to log in using Social login like Google, Facebook, Apple, etc., and increase sign-ups by removing the friction of passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SMS Authentication\u003C\u002Fstrong>: Authenticate and verify your users using SMS OTP across all your applications and enable a secure, frictionless and customizable login experience for everyone.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>You can contribute or see sources to this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMojoAuth\u002Fmojoauth-wordpress\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We offer 24\u002F7 support, reach out to our support team, or refer our product documents\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Live chat\u003C\u002Fli>\n\u003Cli>Email Support mailto:support@mojoauth.com\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmojoauth.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">Support documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","MojoAuth provides a secure and delightful experience to your customer with passwordless. Here, you'll find comprehensive guides and documentation &hellip;",2761,74,3,"2022-12-13T11:58:00.000Z","6.1.10","3.4",[18,109,110,111,112],"email-magic-link","email-otp","sms-authentication","social-login","https:\u002F\u002Fgithub.com\u002FMojoAuth\u002Fmojoauth-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmojoauth.2.7.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":85,"downloaded":123,"rating":11,"num_ratings":11,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":75,"tags":127,"homepage":129,"download_link":130,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"second-factor","Second Factor","1.0","apokalyptik","https:\u002F\u002Fprofiles.wordpress.org\u002Fapokalyptik\u002F","\u003Cp>This plugin prevents logged in users from doing anything on your wordpress.org blog until they have verified their second factor of authentication.  The process goes like this:\u003C\u002Fp>\n\u003Col>\n\u003Cli>A user logs into your blog.\n\u003Cul>\n\u003Cli>Behind the scenes a bunch of cryptographic stuff happens and a key is generated and attached to that user. The key is overwritten with a new one every single time they log in. This key is emailed to that user (via the email address the user is registered under.)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>The user gets the email with the code.\u003C\u002Fli>\n\u003Cli>The user then enters the code at the page which is now presented to them when they are trying to access your blog\n\u003Cul>\n\u003Cli>Behind the scenes the token is checked for validity, and a cookie is added to the users session.  They are now allowed access to your blog.  If the key changes (the user logs out, or is required to log in again) the cookie that they may have been using will no longer be valid and they will be asked to enter the new one that they get via email.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","Require secondary authentication for registered user access",1996,"2010-11-18T22:29:00.000Z","3.1.4","3.0.1",[128],"authentication-security-email-login-notification-factor","http:\u002F\u002Fwordpress.org\u002F#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecond-factor.1.0.zip",{"attackSurface":132,"codeSignals":181,"taintFlows":189,"riskAssessment":190,"analyzedAt":193},{"hooks":133,"ajaxHandlers":167,"restRoutes":177,"shortcodes":178,"cronEvents":179,"entryPointCount":180,"unprotectedCount":11},[134,139,143,148,151,155,158,162],{"type":135,"name":136,"callback":136,"priority":85,"file":137,"line":138},"filter","authenticate","includes\\class-mel-authentication.php",51,{"type":135,"name":140,"callback":141,"priority":85,"file":137,"line":142},"pre_get_user_by_email","extend_get_user_by_email",54,{"type":144,"name":145,"callback":146,"file":147,"line":138},"action","show_user_profile","display_secondary_emails","includes\\class-mel-user-profile.php",{"type":144,"name":149,"callback":146,"file":147,"line":150},"edit_user_profile",52,{"type":144,"name":152,"callback":153,"file":147,"line":154},"personal_options_update","save_secondary_emails",55,{"type":144,"name":156,"callback":153,"file":147,"line":157},"edit_user_profile_update",56,{"type":144,"name":159,"callback":160,"file":147,"line":161},"admin_enqueue_scripts","enqueue_admin_assets",63,{"type":144,"name":163,"callback":164,"file":165,"line":166},"plugins_loaded","melog_init","multi-email-login.php",53,[168,174],{"action":169,"nopriv":170,"callback":171,"hasNonce":172,"hasCapCheck":172,"file":147,"line":173},"melog_add_email",false,"ajax_add_email",true,59,{"action":175,"nopriv":170,"callback":176,"hasNonce":172,"hasCapCheck":172,"file":147,"line":64},"melog_remove_email","ajax_remove_email",[],[],[],2,{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":185,"fileOperations":11,"externalRequests":11,"nonceChecks":180,"capabilityChecks":180,"bundledLibraries":188},[],{"prepared":11,"raw":11,"locations":184},[],{"escaped":186,"rawEcho":11,"locations":187},21,[],[],[],{"summary":191,"deductions":192},"The \"multi-email-login\" v1.0.2 plugin demonstrates a strong security posture based on the provided static analysis. All identified entry points (two AJAX handlers) are protected with both nonce and capability checks, indicating good development practices. The code utilizes prepared statements for all SQL queries, ensuring protection against SQL injection. Furthermore, all output is properly escaped, mitigating cross-site scripting (XSS) vulnerabilities. The absence of file operations and external HTTP requests reduces the potential attack surface. The plugin also benefits from a clean vulnerability history with no recorded CVEs, suggesting a history of secure development or prompt patching by developers.",[],"2026-03-17T07:15:22.458Z",{"wat":195,"direct":202},{"assetPaths":196,"generatorPatterns":199,"scriptPaths":200,"versionParams":201},[197,198],"\u002Fwp-content\u002Fplugins\u002Fmulti-email-login\u002Fassets\u002Fcss\u002Fmelog-admin.css","\u002Fwp-content\u002Fplugins\u002Fmulti-email-login\u002Fassets\u002Fjs\u002Fmelog-admin.js",[],[],[],{"cssClasses":203,"htmlComments":210,"htmlAttributes":211,"restEndpoints":216,"jsGlobals":217,"shortcodeOutput":219},[204,205,206,207,208,209],"melog-email-item","melog-email-text","melog-remove-email","melog-add-email-form","melog-add-email","melog-inline-message",[],[212,213,214,215],"data-email","data-user-id","id=\"melog_secondary_email\"","placeholder=\"Enter additional email address\"",[],[218],"melog_ajax_object",[]]