[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0_W8TaEAltZMiHy8lhZfqc8DbcGIAKGDyYBCHvfy4LI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":56,"analysis":150,"fingerprints":205},"ninjascanner","NinjaScanner – Virus & Malware scan","3.2.8","nintechnet","https:\u002F\u002Fprofiles.wordpress.org\u002Fnintechnet\u002F","\u003Ch4>A lightweight, fast and powerful virus scanner for WordPress.\u003C\u002Fh4>\n\u003Cp>NinjaScanner is a lightweight, fast and powerful virus scanner for WordPress which includes many features to help you scan your blog for malware and virus.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>File integrity checker.\u003C\u002Fli>\n\u003Cli>File comparison viewer.\u003C\u002Fli>\n\u003Cli>Exclusion filters.\u003C\u002Fli>\n\u003Cli>File snapshot.\u003C\u002Fli>\n\u003Cli>Database snapshot.\u003C\u002Fli>\n\u003Cli>Anti-malware\u002FAntivirus.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fnin.link\u002Fnssandbox\u002F\" title=\"NinjaScanner sandbox\" rel=\"nofollow ugc\">Sandbox for quarantined files\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Ignored files list.\u003C\u002Fli>\n\u003Cli>Google’s Safe Browsing Lookup API.\u003C\u002Fli>\n\u003Cli>Background scans.\u003C\u002Fli>\n\u003Cli>Scheduled scans (Premium).\u003C\u002Fli>\n\u003Cli>WP-CLI integration (Premium).\u003C\u002Fli>\n\u003Cli>Debugging log.\u003C\u002Fli>\n\u003Cli>Email report.\u003C\u002Fli>\n\u003Cli>Integration with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fninjafirewall\u002F\" title=\"Download NinjaFirewall\" rel=\"ugc\">NinjaFirewall (WP and WP+ Edition)\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Multi-site support.\u003C\u002Fli>\n\u003Cli>Contextual help.\u003C\u002Fli>\n\u003Cli>And many more…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>File Integrity Checker\u003C\u002Fh4>\n\u003Cp>The File Integrity Checker will compare your WordPress core files as well as your plugin and theme files to their original package. Its File Comparison Viewer will show you the differences between any modified file and the original. You can also \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjascanner-powerful-antivirus-scanner-for-wordpress\u002F#integrity\" title=\"\" rel=\"nofollow ugc\">add your Premium themes and plugins\u003C\u002Fa> to the File Integrity Checker. Infected or corrupted files can be easily restored with one click.\u003C\u002Fp>\n\u003Ch4>File Snapshot\u003C\u002Fh4>\n\u003Cp>The File Snapshot will show you which files were changed, added or deleted since the previous scan.\u003C\u002Fp>\n\u003Ch4>Database Snapshot\u003C\u002Fh4>\n\u003Cp>NinjaScanner will compare all published posts and pages in the database with the previous scan and will report if any of them were changed, added or deleted.\u003C\u002Fp>\n\u003Ch4>Anti-Malware Signatures\u003C\u002Fh4>\n\u003Cp>You can scan your blog for potential malware and virus using the built-in signatures. The scanning engine is compatible with \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frfxn\u002Flinux-malware-detect\" title=\"\" rel=\"nofollow ugc\">Linux Malware Detect LMD\u003C\u002Fa> (whose anti-malware signatures are included) and with some \u003Ca href=\"https:\u002F\u002Fwww.clamav.net\u002F\" title=\"\" rel=\"nofollow ugc\">ClamAV\u003C\u002Fa> signatures as well. You can even \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjascanner-powerful-antivirus-scanner-for-wordpress\u002F#signatures\" title=\"\" rel=\"nofollow ugc\">write your own anti-malware signatures\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>NinjaFirewall Integration\u003C\u002Fh4>\n\u003Cp>If you are running our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fninjafirewall\u002F\" title=\"Download NinjaFirewall\" rel=\"ugc\">NinjaFirewall (WP or WP+ Edition)\u003C\u002Fa> web application firewall plugin, you can use this option to integrate NinjaScanner into its menu.\u003C\u002Fp>\n\u003Ch4>Fast and Lightweight Scanner\u003C\u002Fh4>\n\u003Cp>NinjaScanner has strictly no impact on your database. It only uses it to store its configuration (less than 1Kb). It saves the scan data, report, logs etc on disk only, makes use of caching to save bandwidth and server resources. It also includes a Garbage Collector that will clean up its cache on a regular basis.\u003C\u002Fp>\n\u003Ch4>Background Scans\u003C\u002Fh4>\n\u003Cp>Another great NinjaScanner feature is that it runs in the background: start a scan, let it run and keep working on your blog as usual. You can even log out of the WordPress dashboard while a scanning process is running! You don’t have to wait patiently until the scan has finished. Additionally, a scan report can be sent to one or more email addresses.\u003C\u002Fp>\n\u003Ch4>Sandbox for quarantined files\u003C\u002Fh4>\n\u003Cp>When moving a file to the quarantine folder, NinjaScanner can use a testing environment (a.k.a. sandbox) to make sure that this action does not crash your blog with a fatal error. If it does, it will warn you and will not quarantine the file. It is possible (but not recommended) to disable the sandbox.\u003C\u002Fp>\n\u003Ch4>Advanced Settings\u003C\u002Fh4>\n\u003Cp>NinjaScanner offers many advanced settings to finely tune it, such as exclusion filters, selection of the algorithm to use, a debugging log etc.\u003C\u002Fp>\n\u003Ch4>Privacy Policy\u003C\u002Fh4>\n\u003Cp>Your website can run NinjaScanner and be 100% compliant with the \u003Cstrong>General Data Protection Regulation (GDPR)\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cp>We, the authors, do not collect, share or sell personal information. We don’t track or profile you. Our software does not collect any private data from you or your visitors.\u003C\u002Fp>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cp>Check out our \u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fninjascanner\u002F\" title=\"NinjaScanner Premium Edition\" rel=\"nofollow ugc\">NinjaScanner Premium Edition\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Scheduled Scans\u003C\u002Fstrong>: Don’t leave your blog at risk. With the scheduled scan option, NinjaScanner will run automatically hourly, twice daily or daily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI Integration\u003C\u002Fstrong>: Do you own several blogs and prefer to manage them from the command line? NinjaScanner can nicely integrate with WP-CLI, using the \u003Ccode>ninjascanner\u003C\u002Fcode> command. You can use it to start or stop a scanning process, view its status, its report or log from your favourite terminal, without having to log in to the WordPress Admin Dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dedicated Help Desk with Priority Support\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n","A lightweight, fast and powerful virus scanner for WordPress.",30000,921392,86,33,"2025-11-29T09:53:00.000Z","6.9.4","4.7.0","7.1",[20,21,22,23,24],"malware","protection","scanner","security","virus","https:\u002F\u002Fnintechnet.com\u002Fninjascanner\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fninjascanner.3.2.8.zip",98,1,0,"2025-07-30 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-8213","ninjascanner-virus-malware-scan-authenticated-administrator-arbitrary-file-deletion","NinjaScanner – Virus & Malware scan \u003C= 3.2.5 - Authenticated (Administrator+) Arbitrary File Deletion","The NinjaScanner – Virus & Malware scan plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'nscan_ajax_quarantine' and 'nscan_quarantine_select' functions in all versions up to, and including, 3.2.5. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, including files outside the WordPress root directory.",null,"\u003C=3.2.5","3.2.6","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Absolute Path Traversal","2025-07-31 12:24:46",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6b1da345-ddbb-48ad-b0c1-bb0cb3b0fc69?source=api-prod",2,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},3,130010,99,619,78,"2026-04-03T20:04:56.588Z",[57,74,97,119,136],{"slug":58,"name":59,"version":60,"author":7,"author_profile":8,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":27,"num_ratings":65,"last_updated":66,"tested_up_to":16,"requires_at_least":67,"requires_php":18,"tags":68,"homepage":70,"download_link":71,"security_score":72,"vuln_count":28,"unpatched_count":29,"last_vuln_date":73,"fetched_at":31},"ninjafirewall","NinjaFirewall (WP Edition) – Advanced Security Plugin and Firewall","4.8.4","\u003Ch4>A true Web Application Firewall\u003C\u002Fh4>\n\u003Cp>NinjaFirewall (WP Edition) is a true Web Application Firewall. Although it can be installed and configured just like a plugin, it is a stand-alone firewall that stands in front of WordPress.\u003C\u002Fp>\n\u003Cp>It allows any blog administrator to benefit from very advanced and powerful security features that usually aren’t available at the WordPress level, but only in security applications such as the Apache \u003Ca href=\"http:\u002F\u002Fwww.modsecurity.org\u002F\" title=\"\" rel=\"nofollow ugc\">ModSecurity\u003C\u002Fa> module or the PHP \u003Ca href=\"http:\u002F\u002Fsuhosin.org\u002F\" title=\"\" rel=\"nofollow ugc\">Suhosin\u003C\u002Fa> extension.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>NinjaFirewall requires at least PHP 7.1, MySQLi extension and is only compatible with Unix-like OS (Linux, BSD). It is \u003Cstrong>not compatible with Microsoft Windows\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>NinjaFirewall can hook, scan, sanitise or reject any HTTP\u002FHTTPS request sent to a PHP script before it reaches WordPress or any of its plugins. All scripts located inside the blog installation directories and sub-directories will be protected, including those that aren’t part of the WordPress package. Even encoded PHP scripts, hackers shell scripts and backdoors will be filtered by NinjaFirewall.\u003C\u002Fp>\n\u003Ch4>Powerful filtering engine\u003C\u002Fh4>\n\u003Cp>NinjaFirewall includes the most powerful filtering engine available in a WordPress plugin. Its most important feature is its ability to normalize and transform data from incoming HTTP requests which allows it to detect Web Application Firewall evasion techniques and obfuscation tactics used by hackers, as well as to support and decode a large set of encodings. See our blog for a full description: \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fintroduction-to-ninjafirewall-filtering-engine\u002F\" title=\"\" rel=\"nofollow ugc\">An introduction to NinjaFirewall filtering engine\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Fastest and most efficient brute-force attack protection for WordPress\u003C\u002Fh4>\n\u003Cp>By processing incoming HTTP requests before your blog and any of its plugins, NinjaFirewall is the only plugin for WordPress able to protect it against very large brute-force attacks, including distributed attacks coming from several thousands of different IPs.\u003C\u002Fp>\n\u003Cp>See our benchmarks and stress-tests: \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fwordpress-brute-force-attack-detection-plugins-comparison-2015\u002F\" title=\"\" rel=\"nofollow ugc\">Brute-force attack detection plugins comparison\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The protection applies to the \u003Ccode>wp-login.php\u003C\u002Fcode> script but can be extended to the \u003Ccode>xmlrpc.php\u003C\u002Fcode> one. The incident can also be written to the server \u003Ccode>AUTH\u003C\u002Fcode> log, which can be useful to the system administrator for monitoring purposes or banning IPs at the server level (e.g., Fail2ban).\u003C\u002Fp>\n\u003Ch4>Real-time detection\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>File Guard\u003C\u002Fstrong> real-time detection is a totally unique feature provided by NinjaFirewall: it can detect, in real-time, any access to a PHP file that was recently modified or created, and alert you about this. If a hacker uploaded a shell script to your site (or injected a backdoor into an already existing file) and tried to directly access that file using his browser or a script, NinjaFirewall would hook the HTTP request and immediately detect that the file was recently modified or created. It would send you an alert with all details (script name, IP, request, date and time).\u003C\u002Fp>\n\u003Ch4>File integrity monitoring\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>File Check\u003C\u002Fstrong> lets you perform file integrity monitoring by scanning your website hourly, twicedaily or daily. Any modification made to a file will be detected: file content, file permissions, file ownership, timestamp as well as file creation and deletion.\u003C\u002Fp>\n\u003Ch4>Watch your website traffic in real time\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Live Log\u003C\u002Fstrong> lets you watch your website traffic in real time. It displays connections in a format similar to the one used by the \u003Ccode>tail -f\u003C\u002Fcode> Unix command. Because it communicates directly with the firewall, i.e., without loading WordPress, \u003Cstrong>Live Log\u003C\u002Fstrong> is fast, lightweight and it will not affect your server load, even if you set its refresh rate to the lowest value.\u003C\u002Fp>\n\u003Ch4>Event Notifications\u003C\u002Fh4>\n\u003Cp>NinjaFirewall can alert you by email on specific events triggered within your blog. Some of those alerts are enabled by default and it is highly recommended to keep them enabled. It is not unusual for a hacker, after breaking into your WordPress admin console, to install or just to upload a backdoored plugin or theme in order to take full control of your website. NinjaFirewall can also \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjafirewall-wp-edition-adds-php-backtrace-to-email-notifications\u002F\" title=\"NinjaFirewall adds PHP backtrace to email notifications\" rel=\"nofollow ugc\">attach a PHP backtrace\u003C\u002Fa> to important notifications.\u003C\u002Fp>\n\u003Cp>Monitored events:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Administrator login.\u003C\u002Fli>\n\u003Cli>Modification of any administrator account in the database.\u003C\u002Fli>\n\u003Cli>Plugins upload, installation, (de)activation, update, deletion.\u003C\u002Fli>\n\u003Cli>Themes upload, installation, activation, deletion.\u003C\u002Fli>\n\u003Cli>WordPress update.\u003C\u002Fli>\n\u003Cli>Pending security update in your plugins and themes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Stay protected against the latest WordPress security vulnerabilities\u003C\u002Fh4>\n\u003Cp>To get the most efficient protection, NinjaFirewall can automatically update its security rules daily, twice daily or even hourly. Each time a new vulnerability is found in WordPress or one of its plugins\u002Fthemes, a new set of security rules will be made available to protect your blog immediately.\u003C\u002Fp>\n\u003Ch4>Strong Privacy\u003C\u002Fh4>\n\u003Cp>Unlike a Cloud Web Application Firewall, or Cloud WAF, NinjaFirewall works and filters the traffic on your own server and infrastructure. That means that your sensitive data (contact form messages, customers credit card number, login credentials etc) remains on your server and is not routed through a third-party company’s servers, which could pose unnecessary risks (e.g., decryption of your HTTPS traffic in order to inspect it, employees accessing your data or logs in plain text, theft of private information, man-in-the-middle attack etc).\u003C\u002Fp>\n\u003Cp>Your website can run NinjaFirewall and be \u003Cstrong>compliant with the General Data Protection Regulation (GDPR)\u003C\u002Fstrong>. \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjafirewall-general-data-protection-regulation-compliance\u002F\" title=\"GDPR Compliance\" rel=\"nofollow ugc\">See our blog for more details\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>IPv6 compatibility\u003C\u002Fh4>\n\u003Cp>IPv6 compatibility is a mandatory feature for a security plugin: if it supports only IPv4, hackers can easily bypass the plugin by using an IPv6. NinjaFirewall natively supports IPv4 and IPv6 protocols, for both public and private addresses.\u003C\u002Fp>\n\u003Ch4>Multi-site support\u003C\u002Fh4>\n\u003Cp>NinjaFirewall is multi-site compatible. It will protect all sites from your network and its configuration interface will be accessible only to the Super Admin from the network main site.\u003C\u002Fp>\n\u003Ch4>Possibility to prepend your own PHP code to the firewall\u003C\u002Fh4>\n\u003Cp>You can prepend your own PHP code to the firewall with the help of an \u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fninjafirewall-wp-edition-the-htninja-configuration-file\u002F\" rel=\"nofollow ugc\">optional distributed configuration file\u003C\u002Fa>. It will be processed before WordPress and all its plugins are loaded. This is a very powerful feature, and there is almost no limit to what you can do: add your own security rules, manipulate HTTP requests, variables etc.\u003C\u002Fp>\n\u003Ch4>Low Footprint Firewall\u003C\u002Fh4>\n\u003Cp>NinjaFirewall is very fast, optimised, compact, and requires very low system resource.\u003Cbr \u002F>\nSee for yourself: download and install the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcode-profiler\u002F\" title=\"\" rel=\"ugc\">Code Profiler\u003C\u002Fa> plugin and compare NinjaFirewall’s performance with other security plugins.\u003C\u002Fp>\n\u003Ch4>Non-Intrusive User Interface\u003C\u002Fh4>\n\u003Cp>NinjaFirewall looks and feels like a built-in WordPress feature. It does not contain intrusive banners, warnings or flashy colors. It uses the WordPress simple and clean interface and is also smartphone-friendly.\u003C\u002Fp>\n\u003Ch4>Contextual Help\u003C\u002Fh4>\n\u003Cp>Each NinjaFirewall menu page has a contextual help screen with useful information about how to use and configure it.\u003Cbr \u002F>\nIf you need help, click on the \u003Cem>Help\u003C\u002Fem> menu tab located in the upper right corner of each page in your admin panel.\u003C\u002Fp>\n\u003Ch4>Need more security ?\u003C\u002Fh4>\n\u003Cp>Check out our new supercharged edition: \u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fninjafirewall\u002Fwp-edition\u002F\" title=\"NinjaFirewall WP+ Edition\" rel=\"nofollow ugc\">NinjaFirewall WP+ Edition\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unix shared memory use for inter-process communication and blazing fast performances.\u003C\u002Fli>\n\u003Cli>IP-based Access Control.\u003C\u002Fli>\n\u003Cli>Role-based Access Control.\u003C\u002Fli>\n\u003Cli>Country-based Access Control via geolocation.\u003C\u002Fli>\n\u003Cli>URL-based Access Control.\u003C\u002Fli>\n\u003Cli>Bot-based Access Control.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fcentralized-logging-with-ninjafirewall\u002F\" title=\"Centralized Logging\" rel=\"nofollow ugc\">Centralized Logging\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Antispam for comment and user regisration forms.\u003C\u002Fli>\n\u003Cli>Rate limiting option to block aggressive bots, crawlers, web scrapers and HTTP attacks.\u003C\u002Fli>\n\u003Cli>Response body filter to scan the output of the HTML page right before it is sent to your visitors browser.\u003C\u002Fli>\n\u003Cli>Better File uploads management.\u003C\u002Fli>\n\u003Cli>Better logs management.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fblog.nintechnet.com\u002Fsyslog-logging-with-ninjafirewall\u002F\" title=\"Syslog logging\" rel=\"nofollow ugc\">Syslog logging\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fninjafirewall\u002Fwp-edition\u002F\" title=\"\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa> about the WP+ Edition unique features. \u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fninjafirewall\u002Fwp-edition\u002F?comparison\" title=\"\" rel=\"nofollow ugc\">Compare\u003C\u002Fa> the WP and WP+ Editions.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 4.9+\u003C\u002Fli>\n\u003Cli>Admin\u002FSuperadmin with \u003Ccode>manage_options\u003C\u002Fcode> + \u003Ccode>unfiltered_html capabilities\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>PHP 7.1+\u003C\u002Fli>\n\u003Cli>MySQL or MariaDB with MySQLi extension\u003C\u002Fli>\n\u003Cli>Apache \u002F Nginx \u002F LiteSpeed \u002F Openlitespeed compatible\u003C\u002Fli>\n\u003Cli>Unix-like operating systems only (Linux, BSD etc). NinjaFirewall is \u003Cstrong>NOT\u003C\u002Fstrong> compatible with Microsoft Windows.\u003C\u002Fli>\n\u003C\u002Ful>\n","A true Web Application Firewall to protect and secure WordPress.",100000,3089632,217,"2026-03-12T09:53:00.000Z","4.9",[69,20,21,23,24],"firewall","https:\u002F\u002Fnintechnet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fninjafirewall.4.8.4.zip",100,"2021-05-30 00:00:00",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":16,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":93,"download_link":94,"security_score":95,"vuln_count":50,"unpatched_count":29,"last_vuln_date":96,"fetched_at":31},"wp-malware-removal","Malcure Malware Shield — Removal, Repair, Monitor","19.8","Malcure Web Security","https:\u002F\u002Fprofiles.wordpress.org\u002Fmalcure\u002F","\u003Cp>Is your website acting strangely? Seeing ‘Deceptive Site Ahead’ warnings, Japanese spam, SEO spam, or random redirects? Time to fix and monitor your site with \u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Malcure Malware Shield: The Powerful Antivirus\u003C\u002Fh3>\n\u003Cp>Just as your computer requires antivirus, your website demands specialized \u003Cstrong>antivirus-grade protection\u003C\u002Fstrong>. Malcure Malware Shield delivers comprehensive, \u003Cstrong>antivirus-style\u003C\u002Fstrong> detection with advanced signatures to identify viruses, trojans, backdoors, adware, and ransomware. Unlike basic security plugins, it operates with the precision of an antivirus engine, scanning every layer of your site—from core files to the database—to ensure your website remains virus-free and secure.\u003C\u002Fp>\n\u003Ch3>Malware Removal, Hack Repair & SEO Spam Cleanup\u003C\u002Fh3>\n\u003Cp>Malware attacks are evolving. Standard scanners often miss hidden backdoors and database infections. If your current security plugin says “All Clear” but your site is still broken, you need \u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong> is the intelligent, lightweight security solution. We believe security should be simple on the surface but deep under the hood. No complex settings. No bloat. Just activate and scan.\u003C\u002Fp>\n\u003Cp>Lightweight, API-driven scanning runs only on demand or on scheduled scans — no persistent background processes.\u003C\u002Fp>\n\u003Cp>Unlike scanners that delay new malware definitions for days, Malcure delivers real-time threat intelligence to every user so you’re protected against the latest threats as soon as they emerge.\u003C\u002Fp>\n\u003Ch3>What Our Users Say\u003C\u002Fh3>\n\u003Cp>Quotes are verbatim from WordPress.org support reviews, except for bracketed edits (for example, competitor names removed).\u003C\u002Fp>\n\u003Ch4>Best by far, better than [competitor name removed] and other giants\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“You can see it is a bunch of geeks that created this, with skill and visual creativity at that. I spent hours trying to find a plugin like this. So many options and such bad results until now. Great job guys. You deserve it. Simple and effective. (Disclaimer to other potential readers: there are many types of hacks\u002Fmalware out there, every scenario is different, but start with the Malcure scan and see how it goes. 9\u002F10 you won’t be disappointed, my guess)” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fbest-by-far-better-than-wordfence-and-other-giants\u002F\" rel=\"ugc\">@dalingzaf\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>The ONLY plugin that scans files…\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“I am a web developer and have tried many malware removal plugins, including popular ones [competitor names removed]. However, none of them detected some unusual files that were actually malware causing regular attacks. Some of these files were in JPG format.” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fthe-only-plugin-that-scans-files-in-real-time-2\u002F\" rel=\"ugc\">@devzeeshanx\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Best Malware Removal Plugin in just few minutes\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“Most security plugins that are free only scan the code, but Malcure Malware Removal Plugin scans the wordpress database and the code files in few minutes. Accurately shows which Database table row is infected and it helps resolve the hacking attempt instantly. Saves a lot of time for the developers. Thank You Team Malcure” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fbest-malware-removal-plugin-in-just-few-minutes\u002F\" rel=\"ugc\">@s3630\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>It’s not just a “teaser”\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“This plugin really found the malware, and removed it. Really for free. Thanks guys, I’m going to donate now!” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fits-not-just-a-teaser\u002F\" rel=\"ugc\">@halucska\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Malware Removal & Hack Repair\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Checksum Verification:\u003C\u002Fstrong> We verify core, plugin, and theme file integrity against the official repository checksums served by our SaaS API endpoint.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Deep Scan:\u003C\u002Fstrong> If checksums fail, Malcure runs a full scan against malware detection signatures detecting estimated 50,000+ variants.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Inspect & Repair:\u003C\u002Fstrong> Inspect infected database records and files. Assists in cleaning compromised files and database entries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Spam Specialist:\u003C\u002Fstrong> Detects and removes the notorious “Japanese Keyword Hack” and pharma spam from your files and database, helping restore your Google rankings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Virus Scanner & Threat Detection\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Database Scan:\u003C\u002Fstrong> Scans database tables for malicious injections and spam links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Scan:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and uploads for backdoors and obfuscated code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vulnerability Detection:\u003C\u002Fstrong> Checks your core, plugins, and themes for known security flaws.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DeepScan™ Technology:\u003C\u002Fstrong> Scans backups, archives, images, and hidden files where malware hides.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultra-High Precision:\u003C\u002Fstrong> Uses intelligent checksum verification (comparing your files to official core\u002Fplugin\u002Ftheme checksums) to dramatically reduce false alarms compared to heuristic-only scanners.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Intelligent Health Monitor\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Always-On Guard:\u003C\u002Fstrong> Continuous monitoring via \u003Cstrong>Scheduled Scans\u003C\u002Fstrong> (daily\u002Fweekly\u002Fmonthly) configurable cadence.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instant Alerts:\u003C\u002Fstrong> Every time a scheduled scan completes, you get an instant email report telling you if your site is clean or infected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Event Log:\u003C\u002Fstrong> Track the events leading up to a malware incident for faster root-cause analysis.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Powered by Malcure API: Real-Time Threat Intelligence\u003C\u002Fh3>\n\u003Cp>Hackers don’t sleep, and neither do we. Malcure Malware Shield connects to our real-time API to fetch the latest threat definitions.\u003C\u002Fp>\n\u003Cp>This plugin relies on the Malcure API to provide real-time threat intelligence and checksum verification.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Data Transmission:\u003C\u002Fstrong> To perform scans, the plugin sends file checksums and your site’s domain to Malcure servers. No sensitive user data is transmitted.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms & Privacy:\u003C\u002Fstrong> Use of the API is subject to our \u003Ca href=\"https:\u002F\u002Fwww.malcure.com\u002F?p=1720&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=3&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero-Day Alerts:\u003C\u002Fstrong> Our API serves new threat-intelligence in real-time, ensuring the site is scanned against the latest vulnerabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Checksums:\u003C\u002Fstrong> We verify your core files, themes, and plugins against the official repository checksums using our API, ensuring absolute integrity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight:\u003C\u002Fstrong> The scanner only uses minimum resources to keep your server fast and responsive.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Keep Malcure Malware Shield Installed?\u003C\u002Fh3>\n\u003Ch4>Reinfection Risk & Continuous Monitoring\u003C\u002Fh4>\n\u003Cp>Malware cleanup is not a one-and-done task. New vulnerabilities and reinfections can appear without warning, so continuous monitoring and scheduled scans help catch issues early—before SEO damage, blacklists, or downtime. You get email notification with the results to rest assured that the site is clean or when immediate action is required.\u003C\u002Fp>\n\u003Cp>Cleaning your site is just step one. Malcure is your anti-malware health monitor.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Continuous Monitoring:\u003C\u002Fstrong> Scheduled scans watch your site for changes so you don’t have to.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Event Log:\u003C\u002Fstrong> See exactly what’s happening on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Early Warning:\u003C\u002Fstrong> Catch new infections before Google blacklists you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurrence Prevention:\u003C\u002Fstrong> Scheduled scans and integrity checks catch reinfections before they spread.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Bloat:\u003C\u002Fstrong> Designed to run on-demand or as per schedule without slowing down your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Who This Plugin Is For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Site owners\u003C\u002Fstrong> who want clear, actionable results (what was flagged and where).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Agencies & developers\u003C\u002Fstrong> who need fast triage across multiple sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce \u002F membership \u002F lead-gen sites\u003C\u002Fstrong> where downtime, SEO brand-reputation damage are expensive.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anyone\u003C\u002Fstrong> who wants a scanner that cuts through the noise to focus on \u003Cem>signal\u003C\u002Fem>—real threats with practical remediation paths.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works (Scan \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Review \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Clean \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Monitor)\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Scan\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Go to \u003Cstrong>Malcure Scanner\u003C\u002Fstrong> in your Admin Dashboard.\u003C\u002Fli>\n\u003Cli>Run a scan to check your files and database for vulnerabilities, malware, backdoors, suspicious code, and integrity issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Review\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Malcure reports findings with clear locations (file paths \u002F database records) so you can verify what changed and why it was flagged.\u003C\u002Fli>\n\u003Cli>Use the results to decide what should be repaired, deleted, or kept (for example, legitimate custom code).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean & Recover\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The free edition helps you identify issues, inspect data and understand what needs fixing.\u003C\u002Fli>\n\u003Cli>The Advanced Edition adds Whitelisting, Advanced Scan Filters, File Operations, WP CLI Automation, Deployment, Bulk Client-Servicing Features, Background Scan & Premium Support (Expertise).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Monitor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set up scheduled scans to keep your site continuously monitored.\u003C\u002Fli>\n\u003Cli>Get email alerts for new infections or integrity issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Is It Free?\u003C\u002Fh4>\n\u003Cp>We believe in 100% transparency.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Free Forever:\u003C\u002Fstrong> Professional-grade Detection (Knowledge). You see every infected file and database row (exact file path & line number), so you can clean it yourself for free.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free Forever:\u003C\u002Fstrong> Real-time Threat Intelligence & Monitoring.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pro Upgrade:\u003C\u002Fstrong> Whitelisting, Advanced Scan Filters, File Operations, WP CLI Automation, Deployment, Bulk Client-Servicing Features, Background Scan & Premium Support (Expertise).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>You are never forced to pay to \u003Cem>find\u003C\u002Fem> a hack.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FEbSbxiTOc8k?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Core Features (Free Forever)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Deep Malware Scan:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and your entire database for vulnerabilities, viruses, trojans, backdoors, and \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=60&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">malicious redirects\u003C\u002Fa>.\n\u003Cul>\n\u003Cli>\u003Cstrong>Files:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and uploads for backdoors, shells including variants like C99, R57, RootShell, dolohan, Crystal Shell, Matamu, Cybershell, W4cking, Sniper, Predator, Jackal, Phantasma, GFS, Dive, Dx, obfuscated code and many more known and unknown variants.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database:\u003C\u002Fstrong> Scans database tables for malicious injections, recurring malware and spam links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Spam Detection:\u003C\u002Fstrong> Specifically checks page titles and database records for “Japanese Keyword Hack”, “Pharma Hack” and other SEO spam symptoms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vulnerability Scanner:\u003C\u002Fstrong> Checks your installed plugins and themes against our real-time database of known security vulnerabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Intelligent Checksum Verification:\u003C\u002Fstrong> Automatically verifies your core files, themes, and plugins against the official checksums. If a file has been tampered with, we know instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Uncompromising Detection:\u003C\u002Fstrong> Detects variants like C99, R57, RootShell, dolohan, Crystal Shell, Matamu, Cybershell, W4cking, Sniper, Predator, Jackal, Phantasma, GFS, Dive, Dx, obfuscated code and many more known and unknown variants.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attack Surface Hardening & Firewall:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block Path Traversal:\u003C\u002Fstrong> Stops attackers from accessing sensitive system files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block PHP Uploads:\u003C\u002Fstrong> Prevents malicious scripts from being uploaded to your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stop User Enumeration:\u003C\u002Fstrong> Blocks bots from fishing for your username.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API Protection:\u003C\u002Fstrong> Prevents user data leakage via the WP REST API.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=1622&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Security Hardening\u003C\u002Fa>:\u003C\u002Fstrong> Learn more about securing your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurrence Watchdog (Background Monitor):\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Set it and forget it:\u003C\u002Fstrong> Malcure runs silently in the background using scheduled scans (configurable cadence) + integrity baseline to monitor changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stay Ahead:\u003C\u002Fstrong> Automatically catch new infections before they spread or damage your SEO rankings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Incident Response Toolkit:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Nuke User Sessions:\u003C\u002Fstrong> Instantly force-logout every user on the site to kick out intruders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Salt Shuffler:\u003C\u002Fstrong> One-click rotation of \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5230&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">security keys (salts)\u003C\u002Fa> to invalidate all browser cookies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Forensic Flight Recorder (Event Log):\u003C\u002Fstrong> Track every security event. Know exactly \u003Cem>when\u003C\u002Fem> and \u003Cem>how\u003C\u002Fem> a breach might have occurred with our 100-day event log.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Search Console Integration:\u003C\u002Fstrong> Connect directly to Google to fetch security warnings and blacklist status in real-time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time API Updates:\u003C\u002Fstrong> Connects to the Malcure Cloud to fetch the latest threats and vulnerabilities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upgrade to Advanced Edition\u003C\u002Fh4>\n\u003Cp>For mission-critical websites that demand comprehensive protection and recovery tools.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>1-Click Surgical Repair:\u003C\u002Fstrong> Inspect, Delete, or Repair infected files instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Whitelisting:\u003C\u002Fstrong> Stop false alarms. Supports files, folders, and \u003Cstrong>Database Records\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI Integration:\u003C\u002Fstrong> Complete command-line control for automated scanning and reporting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Definition Updates:\u003C\u002Fstrong> Definitions update automatically in the background.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>On-Demand Background Scans:\u003C\u002Fstrong> Trigger deep scans immediately without keeping your browser open.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Scan Filters:\u003C\u002Fstrong> For when you are specifically looking for something in the files or database or want to include, exclude specific files & directories\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Operations:\u003C\u002Fstrong> Critical file operations like deletion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Client-Servicing Features:\u003C\u002Fstrong> Like copying scan results to generate report for clients.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Background Scan:\u003C\u002Fstrong> For when you want to trigger a scan and forget it. The scan continues and emails you upon completion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Support (Expertise):\u003C\u002Fstrong> When you want to consult or want to exploit advanced features or need help troubleshooting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>High-Priority Support:\u003C\u002Fstrong> Direct access to our security analysts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">\u003Cstrong>Get Malcure Advanced Edition\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Additional Resources for Malware Removal\u003C\u002Fh4>\n\u003Cp>Follow these expert guides to remove malware, recover lost traffic, and restore your online reputation:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=1540&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">A step by step guide to remove the malware\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=13946&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Japanese Keyword Hack: How to Remove SEO Spam\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5728&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">What is the Pharma Hack & How to fix it\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14143&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix Google Ads Disapproved for Malicious Software\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14477&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Prevent SQL Injection Attacks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5265&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Live Malware Infection Removal & Analysis\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=7207&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix “This Site May Harm Your Computer” Warning\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=60&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Comprehensive Guide to Removing JavaScript Redirect Malware\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5699&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix a Blank WP-Admin Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=9102&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Malcure WP CLI Integration & Cheatsheet\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14375&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Prevent Brute Force Attacks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5230&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Change Salt Keys\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Expert Malware Removal Service\u003C\u002Fh4>\n\u003Cp>In over your head? Our security analysts are on standby. We offer a complete \u003Cstrong>Malware Removal Service\u003C\u002Fstrong> that includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>100% Removal Guarantee:\u003C\u002Fstrong> We guarantee to remove all malware from your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Same Day Service:\u003C\u002Fstrong> Fast turnaround time to get your business back online.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Inspection:\u003C\u002Fstrong> Our experts manually inspect critical files (htaccess, wp-config, index.php) and your database.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blacklist Removal:\u003C\u002Fstrong> We handle the removal of your site from blacklists like Google, Norton, McAfee, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Hardening:\u003C\u002Fstrong> We identify the root cause and patch vulnerabilities to prevent future infections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>15-Day Cover:\u003C\u002Fstrong> Security analysts available 24\u002F7\u002F365 to ensure your site stays clean.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=107&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">\u003Cstrong>Book Expert Malware Removal\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch4>Some files are detected by Malcure Malware Shield as “suspicious”. What gives?\u003C\u002Fh4>\n\u003Cp>Malcure’s DeepScan checks each file for malware. However some files aren’t pure malware but may contain code that is suspicious and could potentially do nasty things. You should carefully review and analyse them to see if they indeed do anything nasty.\u003C\u002Fp>\n\u003Ch4>I can’t get Malcure Malware Shield to work. It hangs \u002F doesn’t complete the scan \u002F breaks for some reason.\u003C\u002Fh4>\n\u003Cp>If you think that the plugin is broken, \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5677&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">please report it here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Malcure Malware Shield (or for that matter other plugins) may break on malware affected \u002F broken websites. \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Malcure Advanced Edition\u003C\u002Fa> integrates with WP CLI and allows you to complete the scan from WP CLI even when the site is blocked by the webhost or when you are unable to login to the website.\u003C\u002Fp>\n\u003Ch4>My site is infected however Malcure Malware Shield doesn’t detect the infection.\u003C\u002Fh4>\n\u003Cp>Malware keeps evolving. If you come across malware that Malcure Malware Shield is not able to identify, you may \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=157&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">please report it here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>The scan gets stuck midway. What should I do?\u003C\u002Fh4>\n\u003Cp>In case of such an event, please file a support request with us and we’ll be more than happy to troubleshoot the issue.\u003C\u002Fp>\n\u003Cp>Please visit \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5677&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">this page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>I cleaned my site but it got infected again. What should I do?\u003C\u002Fh4>\n\u003Cp>Malware cleanup is a waste of time and effort unless you find the root cause behind the malware infection and monitor for recurrence. How was someone able to infect your website? Have you plugged in that security hole?\u003C\u002Fp>\n\u003Cp>Please read \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002Fblog\u002Fsecurity\u002Fwhy-do-wordpress-websites-get-hacked\u002F?utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Why Do Websites Get Hacked\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Google Safe Browsing site status (or some other scanner) still shows my site as infected. What should I do?\u003C\u002Fh4>\n\u003Cp>First make sure you purge your site cache. Second, Google (and other scanners) cache the results for some time. You’ll need to force or refresh the scan. You can also file a request with us to \u003Ca href=\"https:\u002F\u002Fwww.malcure.com\u002F?p=107&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">get your site off any blacklists\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>I found a suspicious file, what now?\u003C\u002Fh4>\n\u003Cp>If Malcure flags it, it’s likely malicious. You can inspect the file content using our built-in inspector. If you’re unsure, consider our \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=107&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Expert Malware Removal Service\u003C\u002Fa>.\u003C\u002Fp>\n","Fast malware removal & security shield. Fix hacks, stop redirects, clean SEO spam. Real-time threat intelligence. No bloat.",10000,605372,88,69,"2026-02-13T05:45:00.000Z","3.7.4","5.6",[90,91,23,24,92],"antivirus","malware-scanner","vulnerability-scanner","https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=plugin-header&utm_medium=web&utm_campaign=wpmr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-malware-removal.19.8.zip",96,"2025-09-03 00:00:00",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":107,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":88,"tags":112,"homepage":114,"download_link":115,"security_score":116,"vuln_count":117,"unpatched_count":29,"last_vuln_date":118,"fetched_at":31},"virusdie","Virusdie – One-click website security","1.1.8","Virusdie","https:\u002F\u002Fprofiles.wordpress.org\u002Fvirusdie\u002F","\u003Cp>ONE-CLICK WEBSITE SECURITY WITH VIRUSDIE WORDPRESS PLUGIN\u003C\u002Fp>\n\u003Ch3>Welcome to the most anticipated website security plugin – Virusdie WordPress Plugin!\u003C\u002Fh3>\n\u003Cp>Managing website security like malware scanning and removal, website hardening, patch management, real-time website protection against online attacks, and blacklist monitoring – is an automatic pleasure and we can prove it!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>More than 3 million\u003C\u002Fstrong> connected websites!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>99.87% malware and vulnerabilities detection rate.\u003C\u002Fstrong> The best detection rate in the industry. Virusdie detects as many threats as possible, including new kinds of threats\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No false positives.\u003C\u002Fstrong> False positives rate — less than 0.0002%. You can always be sure that your antivirus won’t mislead you)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Website cleanup in one click.\u003C\u002Fstrong> The industry’s safest automatic cleanup procedures ensure that your site will remain stable after cleanup (automatic malware removal)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time website protection\u003C\u002Fstrong> against attacks by Website Firewall (protection against bad bots, DoS, XSS, SQL injections, suspicious uploads and activities, etc.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Virtual and real patch management\u003C\u002Fstrong> (website hardening). It makes a virtual patch automatically or updates your vulnerable plug-ins and other site components in seconds, minimizing the risk of future problems.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blacklist monitoring and blacklisting tool\u003C\u002Fstrong> that help you save time for unblacklisting by an automated un-blacklist wizard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smooth onboarding:\u003C\u002Fstrong> only dashboard with all you need. Manage Virusdie tools in a click! Your website is in full view: entire web-security status on one page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Friendly and responsive Virusdie support team.\u003C\u002Fstrong> We are welcome to help you and answer your questions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To avoid interruptions to your business, you need to keep your site free of viruses. As they say, shit happens — but when it does, you have to clean it up, and fast. Today, Virusdie makes it possible to resolve 100% of the security issues most businesses face, either fully or partially automatically. We’ve taken powerful website security tools and made them friendly and automatic in WordPress plugin format. Now, you can scan, clean, and protect your site from a single panel with just one click of the mouse. What’s more, you won’t need any help to use Virusdie. This means that you’ll save tons of time while keeping your site’s security under your control!\u003C\u002Fp>\n\u003Ch4>Free plan feature list:\u003C\u002Fh4>\n\u003Cp>1. Antivirus:\u003C\u002Fp>\n\u003Col>\n\u003Cli>No extreme server CPU load while scanning!\u003C\u002Fli>\n\u003Cli>Instant malware database update. The antivirus database is automatically updated in the background, so you won’t even have to think about doing anything manually to be sure you can eliminate as many viruses and vulnerabilities as possible.\u003C\u002Fli>\n\u003Cli>Scans once a month:\n\u003Cul>\n\u003Cli>Scanning website files for malware: all website files (not just CMS’ files), themes, plugins, PHP, JS, HTML, images, files with no type, any binary files and system files, .htaccess, and files with custom types and archives.\u003C\u002Fli>\n\u003Cli>Scanning website database. Scan posts and comments for bad URLs and suspicious content, scan posts and comments for malware and injections.\u003C\u002Fli>\n\u003Cli>Scanning for malware types (threats): malware, malicious redirects, Trojans, backdoors, shell scripts, malicious codes, bad URLs and SEO spam, defaces, code injections, browser coin miners.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Detailed scan reports with malware and threats description and recommendations.\u003C\u002Fli>\n\u003Cli>Add files to the exclusion list to ignore them in future scans.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Find out more about \u003Ca href=\"https:\u002F\u002Fvirusdie.com\u002Ftools\u002F#3rdPage\" rel=\"nofollow ugc\">Virusdie Antivirus\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>2. WAF:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Don’t slow down your website while you’re using WAF!\u003C\u002Fli>\n\u003Cli>Instant Firewall rules database update.\u003C\u002Fli>\n\u003Cli>Bad requests, hacks attempts and attacks detection.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Find out more about \u003Ca href=\"https:\u002F\u002Fvirusdie.com\u002Ftools\u002F#6page\" rel=\"nofollow ugc\">Virusdie Firewall\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>3. Patch Management (website hardening)\u003C\u002Fp>\n\u003Col>\n\u003Cli>Instant vulnerabilities database update.\u003C\u002Fli>\n\u003Cli>Check site (files, themes, plugins and components) for known security vulnerabilities and alerts you if found.\u003C\u002Fli>\n\u003Cli>Scan once a month.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Find out more about \u003Ca href=\"https:\u002F\u002Fvirusdie.com\u002Ftools\u002F#4rdPage\" rel=\"nofollow ugc\">Virusdie Patch Manager\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>4. Blacklists Monitoring\u003C\u002Fp>\n\u003Col>\n\u003Cli>Checking your website more than 60+ blacklists automatically.\u003C\u002Fli>\n\u003Cli>One-click to un-blacklist.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Find out more about \u003Ca href=\"https:\u002F\u002Fvirusdie.com\u002Ftools\u002F#7page\" rel=\"nofollow ugc\">Virusdie Blacklist Monitoring\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Premium plan feature list:\u003C\u002Fh4>\n\u003Cp>(In addition to the free plan’ feature list)\u003C\u002Fp>\n\u003Cp>1. Antivirus:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Daily scans and Unlimited scans.\u003C\u002Fli>\n\u003Cli>Automatic malware removal: The safest in the industry automatic malware removal – Your website continues to run stably after the automated cleanup.\u003C\u002Fli>\n\u003Cli>Unlimited site cleanups.\u003C\u002Fli>\n\u003Cli>File editor.\u003C\u002Fli>\n\u003Cli>Malicious code highlighting in the file editor.\u003C\u002Fli>\n\u003Cli>Pre-cleanup file backups.\u003C\u002Fli>\n\u003Cli>Exclusion list to add files and ignore them in future scans.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Find out more about \u003Ca href=\"https:\u002F\u002Fvirusdie.com\u002Ftools\u002F#3rdPage\" rel=\"nofollow ugc\">Virusdie Antivirus\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>1. Firewall:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Basic bad request protection.\u003C\u002Fli>\n\u003Cli>XSS and SQL injection protection.\u003C\u002Fli>\n\u003Cli>DoS-attacks protection.\u003C\u002Fli>\n\u003Cli>Brute force protection by limiting login attempts.\u003C\u002Fli>\n\u003Cli>Content scraping protection.\u003C\u002Fli>\n\u003Cli>Malicious uploads prevention.\u003C\u002Fli>\n\u003Cli>IP whitelisting\u002Fblacklisting.\u003C\u002Fli>\n\u003Cli>URL blocking.\u003C\u002Fli>\n\u003Cli>Country blocking.\u003C\u002Fli>\n\u003Cli>History of blocked requests.\u003C\u002Fli>\n\u003Cli>Make custom rules to block requests based by: IP Range, Hostname, User Agent and Referrer.\u003C\u002Fli>\n\u003Cli>Make custom rules generic type for POST\u002FGET requests.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Find out more about \u003Ca href=\"https:\u002F\u002Fvirusdie.com\u002Ftools\u002F#6page\" rel=\"nofollow ugc\">Virusdie Firewall\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Patch Management:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Daily and Unlimited scans.\u003C\u002Fli>\n\u003Cli>Automatic virtual vulnerability patching (website hardening).\u003C\u002Fli>\n\u003Cli>Automatic real patch management.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Find out more about \u003Ca href=\"https:\u002F\u002Fvirusdie.com\u002Ftools\u002F#4rdPage\" rel=\"nofollow ugc\">Virusdie Patch Manager\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Coming soon:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Teamwork:\u003C\u002Fstrong> you will be able to share access to your site with your team. Simple and secure!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Website sharing.\u003C\u002Fstrong> You’ll be able to share your website access with your digital agency who manage your website security – with one click!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Website insurance and security expert marketplace:\u003C\u002Fstrong> for being confident that in the event of a complex website infection or damage to your site, getting help from third-party security experts to restore your site won’t cost you any more than the minimum cost in your insurance policy.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Firewall statistics and attack attempts reports will be available on the free tier plan!\u003C\u002Fstrong> Keep your finger on the website pulse even for free!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Join us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002FWebSecCommunityVirusdie\" rel=\"nofollow ugc\">Facebook Community\u003C\u002Fa> and find out more about Virusdie cloud security tools.\u003C\u002Fp>\n","Malware scanning & removal, website hardening, patching vulnerabilities, real-time protection against online attacks, blacklist monitoring in a click!",2000,34436,80,9,"2026-01-30T22:05:00.000Z","6.8.5","5.0",[90,69,91,23,113],"security-plugin","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvirusdie.1.1.8.zip",95,4,"2026-02-18 00:00:00",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":107,"num_ratings":129,"last_updated":130,"tested_up_to":16,"requires_at_least":131,"requires_php":114,"tags":132,"homepage":134,"download_link":135,"security_score":72,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"cwis-antivirus-malware-detected","WebDefender Security – Protection & AntiSpam","5.0.2.1","CobWeb Security Ltd.","https:\u002F\u002Fprofiles.wordpress.org\u002Fcwis\u002F","\u003Ch4>A Professional Security Protection Plugin for WP\u003C\u002Fh4>\n\u003Cp>The WebDefender was developed by a team of security experts and it incorporates professional security tools for the best all around WordPress website protection and prevention of threats. Includes GDPR compline module.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Smart Protection \u002F Website Hide Function (Prevent Hacker Attack \u002F Security) \u002F Anti-Spam Protection \u002F Brute Force Bot Attack Prevention \u002F Smart Firewall\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detection \u002F Antivirus Scanner \u002F Database Malware \u002F Adware, Spyware, Spam Links\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Diagnostic \u002F Vulnerabilities Detection \u002F Blacklist Monitoring\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built-in Malware Removal Tool \u002F Security Cleaning Tool\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Hardening \u002F Hosting Hardening Check \u002F Automatic Updating Function\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Tools \u002F GDPR Compliance Function\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All of these solution make the WebDefender one of the best all around security protection tools for your WordPress resource.\u003C\u002Fp>\n\u003Ch3>The WebDefender offers the following tools and protection measures\u003C\u002Fh3>\n\u003Ch4>Primary Protection Function\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Website Hide function\u003C\u002Fstrong> that hides your WP site from crawlers spiders and bots.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hides website from bots, hides the core WP website components, plugins and themes.\u003C\u002Fli>\n\u003Cli>Fully automatic encryption of your website components.\u003C\u002Fli>\n\u003Cli>Coding website without use of the .htaccess file.\u003C\u002Fli>\n\u003Cli>One click installation.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Protection Functions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Smart Firewall\u003C\u002Fstrong> that detects and blocks bot traffic. This is a perfect and powerful prevention tool.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anti-Bot Protection\u003C\u002Fstrong> – Monitors web traffic, filters out, and blocks bad bot traffic to a website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anti-SPAM Protection\u003C\u002Fstrong> – Automatic detection of all comments insert by bots and their filtration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute Force Bot Attack Prevention\u003C\u002Fstrong> – Bots detection system to prevent attempts to crack a password (login security).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Antivirus Security Scanner\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>A professional \u003Cstrong>Antivirus Scanner\u003C\u002Fstrong> that will scan your website from external threats. Designed to detect adware and malware, backdoors, exploits, phishing code, trojans and viruses, include built-in \u003Cstrong>malware removal tool\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database Malware Scanning\u003C\u002Fstrong> – A unique ability of our algorithm is scanning the website’s database. This function crucial as more and more hackers use SQL injection to infect the websites with malware.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Adware, Spyware and SPAM links detection\u003C\u002Fstrong> – Protect you website from attached code attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vulnerabilities Detection\u003C\u002Fstrong> – Plugins and themes security vulnerabilities, SQL, XSS injections, vulnerable and insecure scripts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blacklist Monitoring\u003C\u002Fstrong> – Check your website reputation.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Hardening\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Updater\u003C\u002Fstrong> – an automatic functional tool for updating your WordPress Core versions, plugins and themes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hardening\u003C\u002Fstrong> – Detect the hosting configuration security parameter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Malware Removal Tool\u003C\u002Fh4>\n\u003Cp>Built-in file viewer and editor is an easy to use security cleaning tool for the removal of infected codes or its part depending on the type of infection.\u003C\u002Fp>\n\u003Ch4>GDPR Compliance Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>GDPR Consent management\u003C\u002Fli>\n\u003Cli>Cookies and data collection privacy management\u003C\u002Fli>\n\u003Cli>User data management\u003C\u002Fli>\n\u003Cli>Privacy information should we provide to user\u003C\u002Fli>\n\u003Cli>Personal data breaches\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Companies that collect data on citizens in European Union (EU) countries will need to comply with strict new rules around protecting customer data by May 25, 2018. The General Data Protection Regulation (GDPR) is expected to set a new standard for consumer rights regarding their data, but companies will be challenged as they put systems and processes in place to comply.\u003C\u002Fp>\n\u003Cp>Compliance will cause some concerns and new expectations of security teams. For example, the GDPR takes a wide view of what constitutes personal identification information. Companies will need the same level of protection for things like an individual’s IP address or cookie data as they do for name, address and Social Security number.\u003C\u002Fp>\n\u003Cp>This plugin is meant to assist a Controller, Data Processor, and Data Protection Officer (DPO) with efforts to meet the obligations and rights enacted under the GDPR.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NOTE:\u003C\u002Fstrong> Installing this plugin does not guarantee a full compliment with the GDPR. Please contact a GDPR consultant or a law firm to assess the necessary measures.\u003C\u002Fp>\n\u003Ch3>Technical Description\u003C\u002Fh3>\n\u003Ch4>Hide Function – Perfect Security and Protection solution\u003C\u002Fh4>\n\u003Cp>A passive security mechanism for hack protection against crawlers spiders and bots. A fullprof function – one click and your website will become hidden from bots.\u003C\u002Fp>\n\u003Cp>The Hider algorithm encrypts all layers of a website, thus hiding it from hackers by making existing vulnerabilities and other security risks invisible when searched and does not require manual configuration. Our encoding algorithm does not use the .htaccess file therefore there is no disruption to the operation of your website. This function will make your WordPress website totally invisible! A crucial step in improving your website security.\u003C\u002Fp>\n\u003Ch4>Smart Protection\u003C\u002Fh4>\n\u003Cp>A web application firewall filters, monitors, and blocks bad bot traffic to a website. It is deployed in “front” of a website and analyzes traffic – detecting and blocking anything malicious.\u003C\u002Fp>\n\u003Ch4>Anti SPAM\u003C\u002Fh4>\n\u003Cp>WebDefender includes a unique automatic algorithm for diagnosing the text entered on your website (forum, forms, comments and etc,) where made by a human or a bot. Bots won’t be allowed to enter text on your website. This is a unique algorithm, providing a unique solution to our clients.\u003Cbr \u002F>\nThe crisis is a time when almost every site is faced with a flurry of unwanted emails from reverse forms, posts and comments. Robots literally attack corporate e-mails, because of which sometimes valuable applications can be missed. But putting a captcha on the site you risk losing customer loyalty, as poorly readable images annoy 90% of users. Therefore, we offer a solution developed by WEbdefender specialists to protect the site from spam robots .\u003C\u002Fp>\n\u003Ch4>Brute Force Attack Protection\u003C\u002Fh4>\n\u003Cp>Hackers frequently use automatic bot systems to Brute force a website. Our algorithm detects those bots and prevents attempts of a password crack.\u003C\u002Fp>\n\u003Ch4>The “WebDefender” Antivirus Scanner\u003C\u002Fh4>\n\u003Cp>The builtin professional and multi-functional antivirus scanner offers top of the line security features and advanced functions for viruses and vulnerabilities detection. The scanner incorporates a user friendly malware removal tool. The diagnostic is performed by using a known database of virus signatures as well as Cobweb-Security’s Heuristic algorithm that can detected previously unknown virus signatures and zero-day vulnerabilities thus providing enterprise-level security capabilities.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WebDefender Antivirus Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Virus and malware antivirus scanner\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database security scanning (exclusive function)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ZIP file scanning (exclusive function)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Adware, Spyware and SPAM links detection\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Powerful and easy to use malware removal tool\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security hardening analytics and recommendations\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time malware signature updates (Professional or Premium)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Scanner scheduler’s settings (Professional or Premium)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Database Malware Scanning\u003C\u002Fh4>\n\u003Cp>An unique ability of our algorithm is scanning the website’s database. This function crucial as more and more hackers use SQL injection to infect the websites with malware.\u003C\u002Fp>\n\u003Ch4>Adware, Spyware and SPAM links detection\u003C\u002Fh4>\n\u003Cp>The WebDefender Scanner successfully detects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SEO & SPAM links\u003C\u002Fli>\n\u003Cli>Doorway pages (SEO)\u003C\u002Fli>\n\u003Cli>iFrame injections\u003C\u002Fli>\n\u003Cli>Black-hat SEO infections\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Vulnerabilities Detection\u003C\u002Fh4>\n\u003Cp>One of the most important parts of your website security and protection is a well-timed analysis for plugin, CMS and database vulnerabilities. These security vulnerabilities are an easy way for a hacker to crawl into your website. That’s why a well-timed diagnosis and update are vital for hardening the protection of the website.\u003C\u002Fp>\n\u003Cp>Our security scanner is able to find:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Plugins and themes vulnerabilities\u003C\u002Fli>\n\u003Cli>SQL, XSS malicious injections\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Blacklist Monitoring\u003C\u002Fh4>\n\u003Cp>The WebDefenders’ Blacklist Monitoring scanner checks IP addresses and website domains in the 10  most popular security blacklists and safe browsing databases.\u003C\u002Fp>\n\u003Cp>Real-time Blacklists or Blackhole lists – also called DNS-based Blackhole Lists – are lists of IP addresses published through DNS. Often there are listed computers or networks that may spam or consist malware in such lists. Many secure corporate mail servers are configured to reject or flag messages which have been sent from IP addresses listed in one of these security blacklists.\u003C\u002Fp>\n\u003Cp>Leading email systems like Gmail, Yahoo and Hotmail also use security blacklists to filter emails by addresses. If your network’s IP addresses end up in a blacklist, you and your customers can experience problems sending and receiving emails. It can significantly damage your business.\u003C\u002Fp>\n\u003Cp>WebDefender Blacklist Monitoring scanner will automatically alert you if your website addresses or domains become listed in any of the widely used URL blacklists.\u003C\u002Fp>\n\u003Ch4>The Updater – WP Core, plugin and theme automatic update\u003C\u002Fh4>\n\u003Cp>The importance of using the latest updated version of the WP core, plugins and themes is understandable to everyone and not only for the increase in functionality but in no small degree for the security of the website.\u003C\u002Fp>\n\u003Cp>To make it easier to keep track of update releases for WordPress Core, plugins and themes and installing them automatically, CobWeb-Security has introduced the Security Updater to the functionality of the WebDefender plugin.\u003C\u002Fp>\n\u003Cp>The Updater will enable you to keep track of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Core Updates\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Plugin Updates\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Theme Updates\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The Updater has three separate blocks for managing themes, plugins, and WordPress core settings.\u003C\u002Fp>\n\u003Cp>You can choose to update only individual plugins or themes or you can choose to update all of the installed themes and plugins. The Updater will also mark with different colors the importance of an update ( red to green)\u003C\u002Fp>\n\u003Ch4>Security Hardening\u003C\u002Fh4>\n\u003Cp>This function detects the hosting configuration security parameters.\u003C\u002Fp>\n\u003Ch4>Malware Removal Tool, Powerful & Easy To Use\u003C\u002Fh4>\n\u003Cp>The WebDefender Security Scanner will not only help you find all of the viruses and malicious code on your website but we will also help you remove the malware easily. Our built-in file viewer and editor is an easy to use security cleaning tool for the removal of infected codes or its part depending on the type of infection. The cleaning process is fairly simple, but it requires some knowledge in coding.\u003C\u002Fp>\n\u003Ch4>Preparing you website for the General Data Protection Regulation (GDPR)\u003C\u002Fh4>\n\u003Cp>This extension for our security plugin helps the website owner or company Data Protection Officer (DPO), Controller, Data Processor employees to fit the web application with the obligations and rights enacted under the GDPR requirement.\u003C\u002Fp>\n\u003Ch4>Professional Upgrade\u003C\u002Fh4>\n\u003Cp>Enhance the security of your website with our Professional upgrade. The Professional package will provide our clients with these additional features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>FireWall:\n\u003Cul>\n\u003Cli>Real-time firewall rules updates\u003C\u002Fli>\n\u003Cli>Real-time IP Blacklists\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Hide Function:\n\u003Cul>\n\u003Cli>New mask codes for updating the Hide function online\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Scanner:\n\u003Cul>\n\u003Cli>Real-time malware signature updates\u003C\u002Fli>\n\u003Cli>Scanner scheduler settings (Professional or Premium)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Premium Program\u003C\u002Fh4>\n\u003Cp>We also offer a Professional WebDefender key that will give you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Scanner scheduler’s settings\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Upgrade to Premium support\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database malware scan (WebDefender exclusive function)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Scanner report export function\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A 100% protection – your website’s security in our hands. Our team will monitor your website online 24\u002F7, in case of a hacker attack or malware injection, we will clean and repair you website.\u003C\u002Fp>\n\u003Cp>You can \u003Ca href=\"http:\u002F\u002Fcobweb-security.com\u002Four-product\u002F\" title=\"Fix and protect your site\" rel=\"nofollow ugc\">click here to sign-up\u003C\u002Fa> for WebDefender Professional or Premium now.\u003C\u002Fp>\n\u003Ch4>Cookies set by the Plugin and WordPress\u003C\u002Fh4>\n\u003Cp>This plugin keeps track of user consent by saving them to the database. We can only do that for logged in users. For visitors, however, we track their concent by creating a cookie and storing their preferences there. The same logic applies for cookies. We set a cookie named \u003Cstrong>gdpr\u003C\u002Fstrong> that stores that information.\u003C\u002Fp>\n\u003Cp>WordPress also stores cookies on log in or commenting on a post. You can learn more about \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FWordPress_Cookies\" rel=\"nofollow ugc\">WordPress cookies here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to several external services provided by Cobweb Security in order to deliver antivirus and malware scanning functionality.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>CWIS Version Check Service\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> https:\u002F\u002Fupdate.cobweb-security.com\u002Freleases\u002Fversion.json\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Used to check the latest plugin version and update information.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> Only the plugin version installed is sent.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service & Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.cobweb-security.com\u002Fprivacy\" rel=\"nofollow ugc\">Cobweb Security Terms & Privacy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>CWIS Licensing API\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> https:\u002F\u002Fclients.cobweb-security.com\u002Fmodules\u002Fservers\u002Fcwislicensing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Validates the plugin license and ensures legitimate usage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> Plugin license key and site domain.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service & Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.cobweb-security.com\u002Fprivacy\" rel=\"nofollow ugc\">Cobweb Security Terms & Privacy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>CWIS Host Check Service\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> https:\u002F\u002Fcheck.cobweb-security.com\u002F\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Performs security checks and retrieves signature updates.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> Site domain and plugin environment info.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service & Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.cobweb-security.com\u002Fprivacy\" rel=\"nofollow ugc\">Cobweb Security Terms & Privacy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>CWIS Signature Updates\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> https:\u002F\u002Fupdate.cobweb-security.com\u002Freleases\u002Fcwis-signatures.json\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> Retrieves malware signature updates for scanning.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> No personal data is sent; only plugin requests for the latest signatures.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service & Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.cobweb-security.com\u002Fprivacy\" rel=\"nofollow ugc\">Cobweb Security Terms & Privacy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>These services are necessary for the proper operation of the plugin. No sensitive user data is sent without consent, and all external connections are limited to the above services.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fdownload\u002F\" title=\"Download WordPress\" rel=\"ugc\">WordPress\u003C\u002Fa> version \u003Cstrong>2.8\u003C\u002Fstrong> or higher\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsecure.php.net\u002F\" title=\"PHP scripting language\" rel=\"nofollow ugc\">PHP\u003C\u002Fa> version \u003Cstrong>4.1.0\u003C\u002Fstrong> or higher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Final Notes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>We’re greatly appreciate for any references in the social networks, forums or blogs to our security scanner \u003Ca href=\"https:\u002F\u002Fcobweb-security.com\u002Fpages\u002Ffree-website-antivirus\u002F\" title=\"CobWeb Security Ltd.\" rel=\"nofollow ugc\">https:\u002F\u002Fcobweb-security.com\u002Fpages\u002Ffree-website-antivirus\u002F\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>If you have any suggestions, ideas, or comments, or if you found a bug, write us \u003Ca href=\"mailto:cwis@cobweb-security.com\" title=\"Email us\" rel=\"nofollow ugc\">cwis@cobweb-security.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","PRO Security – Antivirus Scanner, 2-Layer Protection Hide Security, Brute Force Security  & Antispam, Security Website and Security Hardening.",1000,273166,18,"2026-01-20T06:00:00.000Z","2.8",[91,21,23,113,133],"wordpress-security","https:\u002F\u002Fcobweb-security.com\u002Fpages\u002Ffree-website-antivirus\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcwis-antivirus-malware-detected.zip",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":144,"downloaded":145,"rating":72,"num_ratings":48,"last_updated":146,"tested_up_to":16,"requires_at_least":111,"requires_php":114,"tags":147,"homepage":148,"download_link":149,"security_score":72,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"moesec","MoeSec Security – Comprehensive Malware Scanner & Security Suite","2.1","MoeSec","https:\u002F\u002Fprofiles.wordpress.org\u002Fmoesec\u002F","\u003Cp>MoeSec.com is a comprehensive Website Security Platform to protect your website against Hackers, Malware, Vulnerabilities and various threats.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fm6FcDT6NMNQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>The Free MoeSec Security plugin is a powerful security plugin designed to safeguard your WordPress website against a wide range of security threats. With its comprehensive set of features, MoeSec offers Malware Scanning, Malware Detection, Integrity, Logging, Backups, Brute Force & Login Protection and much more. You can visit MoeSec.com to learn more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>File and Database Malware Scanner:\u003C\u002Fstrong> Detect malicious code injections in your files or database and check for known malicious admin users with options to edit, delete, quarantine, whitelist or report a suspicious file for further investigation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>External Security Scan:\u003C\u002Fstrong> Remote Scanning to quickly Check your website for Malware infections, Hack signs, Redirects, Abnormal behaviors and more by scanning it using our external website malware scan engine \u003Ca href=\"https:\u002F\u002Fscan.moesec.com\" rel=\"nofollow ugc\">MoeSec Website Scanner\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Core Integrity Check:\u003C\u002Fstrong> Ensure your WordPress installation hasn’t been tampered with. Scheduled Checks and Email notifications! You can whitelist any customized files or changes!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Protection:\u003C\u002Fstrong> Prevent brute force attacks and implement \u003Cem>2FA – Two-Factor authentication\u003C\u002Fem> via Email or Auth Apps such as Google Authenticator.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Firewall:\u003C\u002Fstrong> Block requests & traffic from specific IPs, IP ranges, Geo-Blocking entire selected countries, user agents and bad bots.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Hardening:\u003C\u002Fstrong> Implement best practices to secure your WordPress installation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Admin URL:\u003C\u002Fstrong> You can change wp-admin to any custom admin URL for extra protection against automated attacks and bot requests!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bad Bot Blocking:\u003C\u002Fstrong> Prevent malicious bots from accessing your site. You can block Bots, Crawlers & User Agents!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup System:\u003C\u002Fstrong> Generate Website Backups, Database Backups, Schedule Automated backups for your website! \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Scheduled Scans:\u003C\u002Fstrong> Automate security checks at regular intervals.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Notifications:\u003C\u002Fstrong> Stay informed about security events and scan results.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Much More!\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>MoeSec is regularly updated to address the latest security threats and WordPress vulnerabilities, ensuring that your website remains protected against emerging risks.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>You can integrate your website with \u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\" rel=\"nofollow ugc\">Recaptcha\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwww.hcaptcha.com\" rel=\"nofollow ugc\">hCaptcha\u003C\u002Fa> to help mitigating spam visits or fake login attempts. Once this option is enabled, The plugin will communicate to their respected APIs using your own keys that you have created directly with the services and agreed to their terms and privacy policies.\u003C\u002Fp>\n\u003Cp>Also, This plugin is connecting and communicating to our \u003Ca href=\"https:\u002F\u002Fscan.moesec.com\" rel=\"nofollow ugc\">MoeSec Website Scanner Engine\u003C\u002Fa> to perform external website security scans for your website. We don’t send or store anything other than the website URL\u002FDomain during scans and processing the requests or showing scan results.\u003C\u002Fp>\n\u003Cp>Also, This plugin is fetching our update servers on \u003Ca href=\"https:\u002F\u002FMoeSec.com\" rel=\"nofollow ugc\">MoeSec\u003C\u002Fa> everyday to look for new signature updates.\u003C\u002Fp>\n\u003Cp>Also, For Creating QR codes, The plugin is communicating with \u003Ca href=\"https:\u002F\u002Fapi.qrserver.com\" rel=\"nofollow ugc\">qrserver\u003C\u002Fa> just for creating the needed QR codes.\u003C\u002Fp>\n\u003Ch3>Additional Info\u003C\u002Fh3>\n\u003Cp>For more information, please visit \u003Ca href=\"https:\u002F\u002Fmoesec.com\" rel=\"nofollow ugc\">MoeSec\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you need professional assistance with malware removal or advanced security protection for your website, please visit our \u003Ca href=\"https:\u002F\u002Fmoesec.com\" rel=\"nofollow ugc\">Professional Services\u003C\u002Fa> .\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>MoeSec is committed to protecting your privacy. The plugin does not collect any personal data from your website visitors. It only processes data within your WordPress installation to perform security scans and implement protective measures.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002FMoeSec.com\" rel=\"nofollow ugc\">MoeSec\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin’s other home\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002FMoeSec.com\u002Fwordpress-security-plugin\u002F\" rel=\"nofollow ugc\">MoeSec Security Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","MoeSec Security is a comprehensive plugin for Malware Scanning, Monitoring, Integrity, Security Hardening and Protection.",30,1384,"2025-12-09T09:28:00.000Z",[90,69,20,22,23],"https:\u002F\u002FMoeSec.com\u002Fwordpress-security-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmoesec.2.1.zip",{"attackSurface":151,"codeSignals":186,"taintFlows":195,"riskAssessment":196,"analyzedAt":204},{"hooks":152,"ajaxHandlers":182,"restRoutes":183,"shortcodes":184,"cronEvents":185,"entryPointCount":29,"unprotectedCount":29},[153,159,163,168,171,175,178],{"type":154,"name":155,"callback":156,"file":157,"line":158},"action","nscan_garbage_collector","nscan_gc","index.php",144,{"type":154,"name":160,"callback":161,"file":157,"line":162},"admin_init","nscan_init",240,{"type":154,"name":164,"callback":165,"priority":166,"file":157,"line":167},"admin_menu","nscan_admin_menu",11,331,{"type":154,"name":169,"callback":165,"priority":166,"file":157,"line":170},"network_admin_menu",333,{"type":154,"name":172,"callback":173,"file":157,"line":174},"admin_footer","nscan_insert_jscss",419,{"type":154,"name":172,"callback":176,"file":157,"line":177},"nscan_status_ajax_all",425,{"type":154,"name":179,"callback":180,"file":157,"line":181},"nscan_scheduled_scan","nscan_sched_cron",471,[],[],[],[],{"dangerousFunctions":187,"sqlUsage":188,"outputEscaping":190,"fileOperations":48,"externalRequests":29,"nonceChecks":28,"capabilityChecks":193,"bundledLibraries":194},[],{"prepared":29,"raw":29,"locations":189},[],{"escaped":191,"rawEcho":29,"locations":192},6,[],5,[],[],{"summary":197,"deductions":198},"The static analysis of ninjascanner v3.2.8 reveals a generally strong security posture. The plugin demonstrates excellent adherence to secure coding practices by having no unprotected AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, the code signals show a complete absence of dangerous functions, raw SQL queries, and unescaped output. The presence of nonce and capability checks indicates a thoughtful approach to access control.  However, the analysis does not include taint analysis, leaving a gap in understanding potential data flow vulnerabilities.  The vulnerability history, while showing no currently unpatched CVEs, does indicate a past high-severity vulnerability related to Absolute Path Traversal. The fact that this was resolved and is no longer unpatched is positive, but the nature of the vulnerability is a concern and suggests past potential weaknesses that could resurface if not continuously monitored.\n\nOverall, ninjascanner v3.2.8 appears to be developed with security in mind, particularly in its handling of entry points and data output. The lack of critical or high-severity issues in the current static analysis is commendable.  The primary area for caution stems from the past vulnerability history, which highlights a specific type of risk that, while addressed, warrants continued vigilance.  The absence of taint analysis means that while no immediate critical flaws are apparent from static code review, the potential for complex, data-dependent vulnerabilities cannot be entirely ruled out without further dynamic analysis.",[199,202],{"reason":200,"points":201},"Past high severity vulnerability",15,{"reason":203,"points":193},"Taint analysis not performed","2026-03-16T17:23:17.215Z",{"wat":206,"direct":223},{"assetPaths":207,"generatorPatterns":214,"scriptPaths":215,"versionParams":216},[208,209,210,211,212,213],"\u002Fwp-content\u002Fplugins\u002Fninjascanner\u002Fasset\u002Fcss\u002Fnscan-style.css","\u002Fwp-content\u002Fplugins\u002Fninjascanner\u002Fasset\u002Fcss\u002Fnscan-fonticon.css","\u002Fwp-content\u002Fplugins\u002Fninjascanner\u002Fasset\u002Fcss\u002Fnscan-animate.css","\u002Fwp-content\u002Fplugins\u002Fninjascanner\u002Fasset\u002Fjs\u002Fnscan-bootstrap.min.js","\u002Fwp-content\u002Fplugins\u002Fninjascanner\u002Fasset\u002Fjs\u002Fnscan-dataTables.min.js","\u002Fwp-content\u002Fplugins\u002Fninjascanner\u002Fasset\u002Fjs\u002Fnscan-script.js",[],[211,212,213],[217,218,219,220,221,222],"ninjascanner\u002Fasset\u002Fcss\u002Fnscan-style.css?ver=","ninjascanner\u002Fasset\u002Fcss\u002Fnscan-fonticon.css?ver=","ninjascanner\u002Fasset\u002Fcss\u002Fnscan-animate.css?ver=","ninjascanner\u002Fasset\u002Fjs\u002Fnscan-bootstrap.min.js?ver=","ninjascanner\u002Fasset\u002Fjs\u002Fnscan-dataTables.min.js?ver=","ninjascanner\u002Fasset\u002Fjs\u002Fnscan-script.js?ver=",{"cssClasses":224,"htmlComments":236,"htmlAttributes":266,"restEndpoints":281,"jsGlobals":290,"shortcodeOutput":293},[225,226,227,228,229,230,231,232,233,234,235],"nscan-section-body","nscan-form-content","nscan-menu-item-icon","nscan-btn-default","nscan-settings-content","nscan-main-content","nscan-row","nscan-col","nscan-scan-status-running","nscan-scan-status-completed","nscan-scan-status-failed",[237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,256,257,258,259,260,261,262,263,264,265],"\u003C!-- (c) NinTechNet ~ https:\u002F\u002Fnintechnet.com\u002F -->","\u003C!-- Both constants are used by NinjaFirewall:","\u003C!-- Load (force) our translation files.","\u003C!-- Helpers","\u003C!-- AJAX hooks","\u003C!-- User interface functions","\u003C!-- Activation: make sure the blog meets the requirements.","\u003C!-- This is not the first time we run:","\u003C!-- First run: get and save default settings:","\u003C!-- Setup the garbage collector (via WP-cron):","\u003C!-- Deactivation: stop any cron.","\u003C!-- Run the garbage collector to clean-up the cached folder.","\u003C!-- View the file or compare it to the original one. Applies to WordPress","\u003C!-- core files or to themes\u002Fplugins available in the wordpress.org repo.","\u003C!-- Additionally, adjust options if we just update the plugin to a newer","\u003C!-- version.","\u003C!-- Admin\u002FSuperadmin only:","\u003C!-- Load the selected file(s) in the pop-up window:","\u003C!-- Verify security nonce:","\u003C!-- File must exist:","\u003C!-- File must be readable:","\u003C!-- File must be in the ABSPATH or DOCUMENT_ROOT (or the folder above them):","\u003C!-- Make sure the file was flagged as suspicious by the scanner.","\u003C!-- View file:","\u003C!-- Compare the file to the original one:","\u003C!-- Updates may require to adjust the current configuration:","\u003C!-- Display settings link in the \"Plugins\" page.","\u003C!-- If a scanning process is running, we remove","\u003C!-- the \"Deactivate\" link and add a warning instead:",[267,268,269,270,271,272,273,274,275,276,277,278,279,280],"data-toggle","data-target","data-controls-modal","data-backdrop","data-keyboard","data-controls-text","data-placement","data-original-title","aria-labelledby","aria-hidden","role","data-id","data-action","data-value",[282,283,284,285,286,287,288,289],"\u002Fwp-json\u002Fninjascanner\u002Fv1\u002Fscan\u002Fstart","\u002Fwp-json\u002Fninjascanner\u002Fv1\u002Fscan\u002Fstatus","\u002Fwp-json\u002Fninjascanner\u002Fv1\u002Fscan\u002Fstop","\u002Fwp-json\u002Fninjascanner\u002Fv1\u002Ffiles\u002Flist","\u002Fwp-json\u002Fninjascanner\u002Fv1\u002Ffiles\u002Fget","\u002Fwp-json\u002Fninjascanner\u002Fv1\u002Ffiles\u002Frestore","\u002Fwp-json\u002Fninjascanner\u002Fv1\u002Fsettings\u002Fget","\u002Fwp-json\u002Fninjascanner\u002Fv1\u002Fsettings\u002Fupdate",[291,292],"nscan_data","nscan_scan_running",[]]