[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fh2PqahzMwz_Q6kyF_72GSWBjCd_VDYvSXXJ1rp1l5Qw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":150,"fingerprints":638},"otp-authenticator","OTP Authenticator","1.1","Alexandre Froger","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrogerme\u002F","\u003Cp>Add Two-Factor Authentication, Passwordless Authentication and Account Validation to your WordPress website.\u003C\u002Fp>\n\u003Ch3>Overview\u003C\u002Fh3>\n\u003Cp>This plugin adds the following major features to WordPress:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>3 One-Time Password modes\u003C\u002Fstrong>: Two-Factor Authentication, Passwordless Authentication and Account Validation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>3 Authentication Gateways for OTP Verification Codes:\u003C\u002Fstrong> WordPress Email, Twilio SMS, Alibaba Cloud SMS ; all with option to use a sandbox mode.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Two-Factor Authentication:\u003C\u002Fstrong> allow (or force) users to authenticate with a second factor on top of their password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Passwordless Authentication:\u003C\u002Fstrong> allow users to login simply with their username, an identifier, and an OTP Verification Code (identifier depending on the Authentication Gateway – email or phone number supported with the default gateways).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Account Validation:\u003C\u002Fstrong> force users to validate their account by entering an OTP Verification Code at first login, on a set regular basis at login, or at each login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Synchronize OTP identifiers with existing data:\u003C\u002Fstrong> wish to use Twilio SMS, but already have a phone number field saved in database? Perhaps with the “Billing Phone” in WooCommerce? Use this field by indicating its user meta key in the gateway settings (Note: duplicate identifiers will require users to choose a different one on update).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple yet customizable appearance:\u003C\u002Fstrong> forms used to request OTP Verification Codes use a neutral dedicated style compatible with most themes, with customizable logo and call-to-action colors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activity Logs:\u003C\u002Fstrong> when enabled, administrators can follow the activity of the enabled gateway. Critical messages regarding gateway malfunction are always logged.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable for developers:\u003C\u002Fstrong> developers can add their own gateways or add custom One-Time Password modes using action and filter hooks, and more – see the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffroger-me\u002Fotp-authenticator\" rel=\"nofollow ugc\">developers documentation\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Integration-friendly:\u003C\u002Fstrong> specific integration with Ultimate Member and WooCommerce is included by default ; developers can easily plug into OTP Authenticator with a multitude of functions, filter hooks and action hooks – see the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffroger-me\u002Fotp-authenticator\" rel=\"nofollow ugc\">developers documentation\u003C\u002Fa> – contributions to integrations are welcome.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited features:\u003C\u002Fstrong> there are no premium version feature restrictions shenanigans – OTP Authenticator is fully-featured right out of the box.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Cp>OTP Authenticator is regularly updated, and bug reports are welcome, preferably on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffroger-me\u002Fotp-authenticator\u002Fissues\" rel=\"nofollow ugc\">Github\u003C\u002Fa>, especially for advanced troubleshooting.\u003C\u002Fp>\n\u003Cp>Each \u003Cstrong>bug\u003C\u002Fstrong> report will be addressed in a timely manner, but general inquiries and issues reported on the WordPress forum may take significantly longer to receive a response.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Only issues occurring with included integrated plugins (or plugin features), core WordPress and default WordPress themes (incl. WooCommerce Storefront) will be considered without compensation.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Troubleshooting involving 3rd-party plugins or themes will require compensation in any case, and will not be addressed on the WordPress support forum\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Integrations\u003C\u002Fh3>\n\u003Cp>Although OTP Authenticator is designed to work out of the box with most combinations of WordPress plugins and themes, there are some edge cases necessitating integration, with code included in the core files of OTP Authenticator executing under certain conditions.\u003C\u002Fp>\n\u003Cp>Integrations added to core are limited to popular plugins and themes: any extra code specific to a handful of installations require a separate custom integration plugin not shared with the community (decision at the discretion of the OTP Authenticator plugin author).\u003C\u002Fp>\n\u003Cp>If such need for plugin integration arises, website administrators may contact the author of OTP Authenticator to become a patron.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>All integrations are to be funded by plugin users, with downpayment and delivery payment, at the plugin author’s discretion, without exception\u003C\u002Fstrong>.\u003Cbr \u002F>\nThe patron in return may be credited with their name (or company name) and a link to a page of their choice in the plugin’s Changelog.\u003C\u002Fp>\n","One-Time Password Authentication for WordPress",60,4372,94,3,"2022-04-03T04:09:00.000Z","5.5.18","4.9.5","7.0",[20,21,22],"2fa","otp","passwordless-login","https:\u002F\u002Fgithub.com\u002Ffroger-me\u002Fotp-authenticator","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fotp-authenticator.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"frogerme",11,8130,88,110,71,"2026-04-05T01:51:41.864Z",[39,63,88,111,133],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":60,"download_link":61,"security_score":62,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"two-factor","Two Factor","0.15.0","WordPress.org","https:\u002F\u002Fprofiles.wordpress.org\u002Fwordpressdotorg\u002F","\u003Cp>The Two-Factor plugin adds an extra layer of security to your WordPress login by requiring users to provide a second form of authentication in addition to their password.  This helps protect against unauthorized access even if passwords are compromised.\u003C\u002Fp>\n\u003Ch3>Setup Instructions\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong>: Each user must individually configure their two-factor authentication settings.  There are no site-wide settings for this plugin.\u003C\u002Fp>\n\u003Ch3>For Individual Users\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Navigate to your profile\u003C\u002Fstrong>: Go to “Users” \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> “Your Profile” in the WordPress admin\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Find Two-Factor Options\u003C\u002Fstrong>: Scroll down to the “Two-Factor Options” section\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Choose your methods\u003C\u002Fstrong>: Enable one or more authentication providers (noting a site admin may have hidden one or more so what is available could vary):\n\u003Cul>\n\u003Cli>\u003Cstrong>Authenticator App (TOTP)\u003C\u002Fstrong> – Use apps like Google Authenticator, Authy, or 1Password\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Codes\u003C\u002Fstrong> – Receive one-time codes via email\u003C\u002Fli>\n\u003Cli>\u003Cstrong>FIDO U2F Security Keys\u003C\u002Fstrong> – Use physical security keys (requires HTTPS)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup Codes\u003C\u002Fstrong> – Generate one-time backup codes for emergencies\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dummy Method\u003C\u002Fstrong> – For testing purposes only (requires WP_DEBUG)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configure each method\u003C\u002Fstrong>: Follow the setup instructions for each enabled provider\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Set primary method\u003C\u002Fstrong>: Choose which method to use as your default authentication\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save changes\u003C\u002Fstrong>: Click “Update Profile” to save your settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>For Site Administrators\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>No global settings\u003C\u002Fstrong>: This plugin operates on a per-user basis only. For more, see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002Ftwo-factor\u002Fissues\u002F249\" rel=\"nofollow ugc\">GH#249\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User management\u003C\u002Fstrong>: Administrators can configure 2FA for other users by editing their profiles\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security recommendations\u003C\u002Fstrong>: Encourage users to enable backup methods to prevent account lockouts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Available Authentication Methods\u003C\u002Fh3>\n\u003Ch3>Authenticator App (TOTP) – Recommended\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security\u003C\u002Fstrong>: High – Time-based one-time passwords\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setup\u003C\u002Fstrong>: Scan QR code with authenticator app\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compatibility\u003C\u002Fstrong>: Works with Google Authenticator, Authy, 1Password, and other TOTP apps\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Best for\u003C\u002Fstrong>: Most users, provides excellent security with good usability\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Backup Codes – Recommended\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security\u003C\u002Fstrong>: Medium – One-time use codes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setup\u003C\u002Fstrong>: Generate 10 backup codes for emergency access\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compatibility\u003C\u002Fstrong>: Works everywhere, no special hardware needed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Best for\u003C\u002Fstrong>: Emergency access when other methods are unavailable\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Email Codes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security\u003C\u002Fstrong>: Medium – One-time codes sent via email\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setup\u003C\u002Fstrong>: Automatic – uses your WordPress email address\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compatibility\u003C\u002Fstrong>: Works with any email-capable device\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Best for\u003C\u002Fstrong>: Users who prefer email-based authentication\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>FIDO U2F Security Keys\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security\u003C\u002Fstrong>: High – Hardware-based authentication\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setup\u003C\u002Fstrong>: Register physical security keys (USB, NFC, or Bluetooth)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Requirements\u003C\u002Fstrong>: HTTPS connection required, compatible browser needed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Browser Support\u003C\u002Fstrong>: Chrome, Firefox, Edge (varies by key type)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Best for\u003C\u002Fstrong>: Users with security keys who want maximum security\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Dummy Method\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security\u003C\u002Fstrong>: None – Always succeeds\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setup\u003C\u002Fstrong>: Only available when WP_DEBUG is enabled\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Testing and development only\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Best for\u003C\u002Fstrong>: Developers testing the plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Important Notes\u003C\u002Fh3>\n\u003Ch3>HTTPS Requirement\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>FIDO U2F Security Keys require an HTTPS connection to function\u003C\u002Fli>\n\u003Cli>Other methods work on both HTTP and HTTPS sites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Browser Compatibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>FIDO U2F requires a compatible browser and may not work on all devices\u003C\u002Fli>\n\u003Cli>TOTP and email methods work on all devices and browsers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Account Recovery\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Always enable backup codes to prevent being locked out of your account\u003C\u002Fli>\n\u003Cli>If you lose access to all authentication methods, contact your site administrator\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Best Practices\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Use multiple authentication methods when possible\u003C\u002Fli>\n\u003Cli>Keep backup codes in a secure location\u003C\u002Fli>\n\u003Cli>Regularly review and update your authentication settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information about two-factor authentication in WordPress, see the \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fadvanced-administration\u002Fsecurity\u002Fmfa\u002F\" rel=\"nofollow ugc\">WordPress Advanced Administration Security Guide\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For more history, see \u003Ca href=\"https:\u002F\u002Fgeorgestephanis.wordpress.com\u002F2013\u002F08\u002F14\u002Ftwo-cents-on-two-factor\u002F\" rel=\"nofollow ugc\">this post\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Actions & Filters\u003C\u002Fh4>\n\u003Cp>Here is a list of action and filter hooks provided by the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>two_factor_providers\u003C\u002Fcode> filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_providers_for_user\u003C\u002Fcode> filter overrides the available two-factor providers for a specific user. Array values are instances of provider classes and the user object \u003Ccode>WP_User\u003C\u002Fcode> is available as the second argument.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_enabled_providers_for_user\u003C\u002Fcode> filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_user_authenticated\u003C\u002Fcode> action which receives the logged in \u003Ccode>WP_User\u003C\u002Fcode> object as the first argument for determining the logged in user right after the authentication workflow.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_user_api_login_enable\u003C\u002Fcode> filter restricts authentication for REST API and XML-RPC to application passwords only. Provides the user ID as the second argument.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_email_token_ttl\u003C\u002Fcode> filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the \u003Ccode>WP_User\u003C\u002Fcode> object being authenticated.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_email_token_length\u003C\u002Fcode> filter overrides the default 8 character count for email tokens.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_backup_code_length\u003C\u002Fcode> filter overrides the default 8 character count for backup codes. Provides the \u003Ccode>WP_User\u003C\u002Fcode> of the associated user as the second argument.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_rest_api_can_edit_user\u003C\u002Fcode> filter overrides whether a user’s Two-Factor settings can be edited via the REST API. First argument is the current \u003Ccode>$can_edit\u003C\u002Fcode> boolean, the second argument is the user ID.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_before_authentication_prompt\u003C\u002Fcode> action which receives the provider object and fires prior to the prompt shown on the authentication input form.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_after_authentication_prompt\u003C\u002Fcode> action which receives the provider object and fires after the prompt shown on the authentication input form.\u003C\u002Fli>\n\u003Cli>\u003Ccode>two_factor_after_authentication_input\u003C\u002Fcode>action which receives the provider object and fires after the input shown on the authentication input form (if form contains no input, action fires immediately after \u003Ccode>two_factor_after_authentication_prompt\u003C\u002Fcode>).\u003C\u002Fli>\n\u003C\u002Ful>\n","Enable Two-Factor Authentication (2FA) using time-based one-time passwords (TOTP), Universal 2nd Factor (U2F), email, and backup verification codes.",100000,1526344,96,199,"2026-02-17T13:21:00.000Z","6.9.4","6.8","7.2",[20,56,57,58,59],"authentication","mfa","security","totp","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftwo-factor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftwo-factor.0.15.0.zip",100,{"slug":64,"name":65,"version":54,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":52,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":83,"download_link":84,"security_score":85,"vuln_count":86,"unpatched_count":26,"last_vuln_date":87,"fetched_at":28},"wp-sms","WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce","VeronaLabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fveronalabs\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwsms.io\u002F?utm_source=wporg&utm_medium=link&utm_campaign=website\" rel=\"nofollow ugc\">WSMS\u003C\u002Fa> lets you send SMS\u002FMMS notifications, one-time passwords (OTP), and two-factor authentication (2FA) messages straight from WordPress. It supports a wide range of SMS gateways and integrates with popular e-commerce and form builder plugins.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use WSMS to:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Keep customers updated on WooCommerce orders\u003Cbr \u002F>\n– Collect subscribers with SMS newsletter forms\u003Cbr \u002F>\n– Secure logins with OTP & 2FA\u003Cbr \u002F>\n– Alert admins about new users, logins, or updates\u003Cbr \u002F>\n– Run marketing campaigns with scheduled or bulk SMS\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fdemo.wsms.io\u002Fwp-login.php\" rel=\"nofollow ugc\">Check out the demo\u003C\u002Fa> | \u003Ca href=\"#screenshots\" rel=\"nofollow ugc\">View screenshots\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fgateways?utm_source=wporg&utm_medium=link&utm_campaign=gateways\" rel=\"nofollow ugc\">See supported gateways\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fintegrations?utm_source=wporg&utm_medium=link&utm_campaign=integrations\" rel=\"nofollow ugc\">Explore integrations\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fdocs\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Send SMS\u002FMMS:\u003C\u002Fstrong> Send messages through your choice of supported SMS gateways.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>E-Commerce & Form Integration:\u003C\u002Fstrong> Seamlessly integrates with popular e-commerce platforms and form builders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OTP & 2FA:\u003C\u002Fstrong> Add extra login security with one-time passwords and two-factor authentication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile Login:\u003C\u002Fstrong> Let users log in with their mobile number.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Alerts:\u003C\u002Fstrong> Get notified when new users register, posts are published, or WordPress updates are available.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Newsletters & Widgets:\u003C\u002Fstrong> Build SMS newsletter forms with shortcodes, widgets, or Gutenberg blocks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Two-Way SMS (All-in-One):\u003C\u002Fstrong> Receive and reply to SMS messages inside WordPress.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk & Scheduled SMS:\u003C\u002Fstrong> Send to multiple recipients at once, immediately or on schedule.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Third-Party Integration:\u003C\u002Fstrong> Connect with external services and automation platforms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Messaging Button:\u003C\u002Fstrong> Let visitors reach you instantly via messaging channels.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Compliant:\u003C\u002Fstrong> Built with privacy and compliance in mind.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Upgrade to WSMS All-in-One\u003C\u002Fh3>\n\u003Cp>Unlock additional features with \u003Cstrong>All-in-One\u003C\u002Fstrong> — the plan that gives you access to all premium add-ons in one package.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With All-in-One you get:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Secure login & registration with OTP & 2FA\u003Cbr \u002F>\n– Scheduled & recurring SMS\u002FMMS\u003Cbr \u002F>\n– Two-way SMS inbox\u003Cbr \u002F>\n– Enhanced e-commerce features (login, checkout verification, order updates)\u003Cbr \u002F>\n– Membership platform integrations\u003Cbr \u002F>\n– Advanced form builder SMS capabilities\u003Cbr \u002F>\n– Marketing automation integrations\u003Cbr \u002F>\n– Booking system compatibility\u003Cbr \u002F>\n– URL shortening service integration\u003Cbr \u002F>\n– All future add-ons included\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fpricing\u002F?utm_source=wporg&utm_medium=link&utm_campaign=pricing\" rel=\"nofollow ugc\">See All-in-One details & compare features\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>🐞 Report Bugs & Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Found a bug? \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">Open an issue on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Security concerns? Report them via the \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fwordpress\u002Fplugin\u002Fwp-sms\u002Fvdp\" rel=\"nofollow ugc\">Patchstack VDP program\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📝 Trademark Notice\u003C\u002Fh3>\n\u003Cp>WooCommerce, GravityForms, Elementor, Contact Form 7, Twilio, WhatsApp, Clickatell, BulkSMS, Plivo, Zapier, Bitly, and other product names mentioned are trademarks of their respective owners. WSMS is not affiliated with, endorsed by, or sponsored by these companies.\u003C\u002Fp>\n\u003Ch3>Source Code and Build Instructions\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> The plugin works out of the box — no build steps required for regular users. This section is for developers who want to modify or contribute to the source code. See the \u003Ca href=\"https:\u002F\u002Fwsms.io\u002Fdocs\u002F\" rel=\"nofollow ugc\">full documentation\u003C\u002Fa> for user guides.\u003C\u002Fp>\n\u003Cp>All source code for minified JavaScript and CSS is included in the plugin under the \u003Ccode>resources\u002F\u003C\u002Fcode> directory. Build instructions and full source are available on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Third-Party Libraries\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fchartjs\u002FChart.js\" rel=\"nofollow ugc\">Chart.js\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fflatpickr\u002Fflatpickr\" rel=\"nofollow ugc\">flatpickr\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjackocnr\u002Fintl-tel-input\" rel=\"nofollow ugc\">intlTelInput\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDubFriend\u002Fjquery.repeater\" rel=\"nofollow ugc\">jquery.repeater\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqwertypants\u002FjQuery-Word-and-Character-Counter-Plugin\" rel=\"nofollow ugc\">jQuery Word and Character Counter\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffacebook\u002Freact\" rel=\"nofollow ugc\">React\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fselect2\u002Fselect2\" rel=\"nofollow ugc\">Select2\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftailwindlabs\u002Ftailwindcss\" rel=\"nofollow ugc\">Tailwind CSS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcalebjacob\u002Ftooltipster\" rel=\"nofollow ugc\">Tooltipster\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fveronalabs\u002Fwp-scoper\" rel=\"nofollow ugc\">WP Scoper\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Repository\u003C\u002Fh4>\n\u003Cp>Full source code: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-sms\u002Fwp-sms\" rel=\"nofollow ugc\">github.com\u002Fwp-sms\u002Fwp-sms\u003C\u002Fa>\u003C\u002Fp>\n","Send SMS\u002FMMS notifications, OTP & 2FA messages, and WooCommerce updates with support for multiple gateways and plugin integrations.",9000,730389,82,105,"2026-03-08T08:32:00.000Z","4.1","7.4",[78,79,80,81,82],"2fa-authentication","bulk-sms","otp-login","sms-notifications","woocommerce-sms","https:\u002F\u002Fwsms.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sms.7.2.zip",95,15,"2026-02-10 00:00:00",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":98,"num_ratings":99,"last_updated":100,"tested_up_to":52,"requires_at_least":75,"requires_php":101,"tags":102,"homepage":107,"download_link":108,"security_score":109,"vuln_count":14,"unpatched_count":26,"last_vuln_date":110,"fetched_at":28},"user-verification","User Verification by PickPlugins","2.0.46","PickPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fpickplugins\u002F","\u003Cp>User Verification – Complete WordPress User Authentication & Security Plugin\u003C\u002Fp>\n\u003Ch3>User Verification by \u003Ca href=\"http:\u002F\u002Fwww.pickplugins.com\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.pickplugins.com\u003C\u002Fa>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pickplugins.com\u002Fitem\u002Fuser-verification\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pickplugins.com\u002Fsupport\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpickplugins.com\u002Fdocumentation\u002Fuser-verification\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Secure Your WordPress Site with Advanced User Verification & Authentication\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>User Verification\u003C\u002Fstrong> is a comprehensive WordPress security plugin that provides multiple layers of user authentication and spam protection to safeguard your website from unauthorized access and malicious registrations.\u003C\u002Fp>\n\u003Ch3>🔐 Key Features\u003C\u002Fh3>\n\u003Ch4>\u003Cstrong>Email Verification System\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Mandatory Email Verification\u003C\u002Fstrong>: Ensure all new users verify their email addresses before accessing your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Verification Pages\u003C\u002Fstrong>: Choose custom redirect pages for successful and failed verifications  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Login\u003C\u002Fstrong>: Seamlessly log users in after successful email verification\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Control\u003C\u002Fstrong>: Exclude specific user roles (like Administrators) from verification requirements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Configuration\u003C\u002Fstrong>: Enable\u002Fdisable email verification with simple toggle controls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Magic Login (Passwordless Authentication)\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>🆕 NEW Feature\u003C\u002Fstrong>: Enable secure passwordless login for enhanced user experience\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email-Based Authentication\u003C\u002Fstrong>: Users receive login links directly in their inbox\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Key Length\u003C\u002Fstrong>: Set secure authentication key length (default: 6 characters)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attempt Limits\u003C\u002Fstrong>: Configure maximum login attempts for security (default: 3 attempts)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Redirect Pages\u003C\u002Fstrong>: Set specific pages for successful logins, failures, and magic login forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Verification Integration\u003C\u002Fstrong>: Require verified emails for magic login access\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Implementation\u003C\u002Fstrong>: Simple shortcode \u003Ccode>[user_verification_magic_login_form]\u003C\u002Fcode> for frontend display\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>OTP (One-Time Password) Login\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>SMS\u002FEmail OTP\u003C\u002Fstrong>: Secure one-time password authentication system\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable OTP Length\u003C\u002Fstrong>: Customize OTP length (default: 6 digits)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Character Flexibility\u003C\u002Fstrong>: Support for numbers, uppercase, lowercase, and special characters\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Success\u002FError Messages\u003C\u002Fstrong>: Personalized user feedback for OTP processes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post-Login Redirects\u003C\u002Fstrong>: Direct users to specific pages after successful authentication\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Integration\u003C\u002Fstrong>: Simple shortcode \u003Ccode>[user_verification_otp_login_form]\u003C\u002Fcode> implementation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Advanced Spam Protection\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Domain Blocking\u003C\u002Fstrong>: Block registrations from specific email domains\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Domain Allowlist\u003C\u002Fstrong>: Allow only approved email domains for registration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Username Protection\u003C\u002Fstrong>: Block specific usernames from registration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Domain Management\u003C\u002Fstrong>: Easy-to-use interface for managing blocked\u002Fallowed domains\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>reCAPTCHA Integration\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Google reCAPTCHA v2\u003C\u002Fstrong>: Complete bot protection with checkbox verification\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Implementation Points\u003C\u002Fstrong>: Add reCAPTCHA to login, registration, password reset, and comment forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Ready\u003C\u002Fstrong>: Full integration with WooCommerce forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Configuration\u003C\u002Fstrong>: Simple setup with site key and secret key\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>User Management Tools\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unverified User Cleanup\u003C\u002Fstrong>: Automatically delete unverified user accounts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Existing User Verification\u003C\u002Fstrong>: Mark existing users as verified with customizable intervals\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Status Monitoring\u003C\u002Fstrong>: Track verification status across your user base\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Email Customization\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom Email Templates\u003C\u002Fstrong>: Personalize verification and notification emails\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WPAutoP Support\u003C\u002Fstrong>: Enable\u002Fdisable automatic paragraph formatting in emails\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Branded Communications\u003C\u002Fstrong>: Add your logo and customize email appearance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Email Types\u003C\u002Fstrong>: Templates for registration, verification, OTP, magic login, and activation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>WooCommerce Compatibility\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>E-commerce Ready\u003C\u002Fstrong>: Full integration with WooCommerce login, registration, and password reset forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customer Protection\u003C\u002Fstrong>: Prevent fake customer registrations and protect customer data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless Experience\u003C\u002Fstrong>: Maintain smooth checkout process while ensuring security\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎯 Perfect For:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Membership Sites\u003C\u002Fstrong>: Protect exclusive content with verified users only\u003C\u002Fli>\n\u003Cli>\u003Cstrong>E-commerce Stores\u003C\u002Fstrong>: Prevent fake customer accounts and fraudulent orders  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Corporate Websites\u003C\u002Fstrong>: Ensure legitimate user registrations for business platforms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Community Forums\u003C\u002Fstrong>: Maintain quality user base with verified members\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Educational Platforms\u003C\u002Fstrong>: Secure student and instructor account creation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Any WordPress Site\u003C\u002Fstrong>: Enhance security for blogs, portfolios, and business websites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>⚡ Easy Setup & Management\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>User-Friendly Interface\u003C\u002Fstrong>: Intuitive admin dashboard for all configurations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Ready\u003C\u002Fstrong>: Simple shortcodes for frontend form implementation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-Click Configuration\u003C\u002Fstrong>: Enable\u002Fdisable features with simple toggle switches\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Documentation\u003C\u002Fstrong>: Detailed setup guides and troubleshooting support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔧 Technical Specifications\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Compatibility\u003C\u002Fstrong>: Works with latest WordPress versions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP 7.4+ Support\u003C\u002Fstrong>: Modern PHP compatibility for optimal performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile Responsive\u003C\u002Fstrong>: All forms and interfaces work perfectly on mobile devices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready\u003C\u002Fstrong>: Multi-language support for global websites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong>: Clean code structure with hooks and filters for customization\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📧 Default Email Configuration\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Professional Setup\u003C\u002Fstrong>: Comes with pre-configured professional email settings\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom From Address\u003C\u002Fstrong>: Set your preferred sender email (e.g., public.nurhasan@gmail.com)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Branded Sender Name\u003C\u002Fstrong>: Customize sender name (default: wordpress)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Template Variety\u003C\u002Fstrong>: Multiple email templates for different verification scenarios\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Why Choose User Verification?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Complete Security Solution\u003C\u002Fstrong>: Multiple authentication methods in one plugin\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero Spam Guarantee\u003C\u002Fstrong>: Advanced filtering eliminates fake registrations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Experience Focused\u003C\u002Fstrong>: Smooth verification process that doesn’t frustrate legitimate users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highly Customizable\u003C\u002Fstrong>: Adapt every aspect to match your site’s needs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Regular Updates\u003C\u002Fstrong>: Continuously updated with new features and security improvements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Professional Support\u003C\u002Fstrong>: Dedicated support for setup and troubleshooting\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Installation & Usage\u003C\u002Fh3>\n\u003Cp>Simply install the plugin, configure your preferred verification methods, and add the provided shortcodes to your pages. The plugin integrates seamlessly with WordPress default forms and popular plugins like WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Transform your WordPress site security today with User Verification – the most comprehensive user authentication plugin available.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Ch3>Spam Protection by [https:\u002F\u002Fisspammy.com](http:\u002F\u002Fisspammy.com)\u003C\u002Fh3>\n\u003Cp>isspammy.com is owned by PickPlugins and it’s used to protect spam users from login in, registering, commenting, posting reviews and etc. Once you mark a comment as spam it will send a request to isspammy.com and it will create a record for this mail and marked as spam, so later when the same email is used to post a comment it will block them as a spammer. isspammy.com is commited to keep user email private and only accessible when requested.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fisspammy.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">isspammy.com\u002Fprivacy-policy\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fisspammy.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">isspammy.com\u002FAbout Us\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Email verification for user registration to protect spam.",5000,330832,90,63,"2026-02-14T03:45:00.000Z","",[103,104,105,106,22],"email-otp","email-validation","email-verification","hide-login","http:\u002F\u002Fpickplugins.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-verification.zip",87,"2026-03-23 00:00:00",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":121,"num_ratings":122,"last_updated":123,"tested_up_to":52,"requires_at_least":124,"requires_php":125,"tags":126,"homepage":130,"download_link":131,"security_score":49,"vuln_count":14,"unpatched_count":26,"last_vuln_date":132,"fetched_at":28},"mobile-login-woocommerce","OTP Login & Register Woocommerce","2.7.2","xootix","https:\u002F\u002Fprofiles.wordpress.org\u002Fxootix\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fdemo.xootix.com\u002Fmobile-login-for-woocommerce\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003Cbr \u002F>\nAllow users to login\u002Fsignup with one time password(OTP) sent on your mobile device.\u003C\u002Fp>\n\u003Ch3>Features And Options:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Adds a phone number field to the signup form\u003C\u002Fli>\n\u003Cli>No need to remember email\u002Fpassword, login with OTP\u003C\u002Fli>\n\u003Cli>Fully customizable\u003C\u002Fli>\n\u003Cli>Woocommerce  Compatible\u003C\u002Fli>\n\u003Cli>Fully Ajaxed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Third Party Services\u003C\u002Fh4>\n\u003Cp>This plugin uses third party services to send SMSs\u003C\u002Fp>\n\u003Ch3>SMS Operators available:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffirebase.google.com\u002F\" rel=\"nofollow ugc\">Firebase ( Free messages )\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.twilio.com\u002F\" rel=\"nofollow ugc\">Twilio\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Faws.amazon.com\u002Fsns\u002F\" rel=\"nofollow ugc\">Amazon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>SMS Alert, MSG91, Textlocal, Unifonic and others..\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For detecting country code, plugin uses API endpoints for looking up user IP address. This is optional and can be disabled from the settings\u003Cbr \u002F>\nOptions available\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fapi.ipify.org\" rel=\"nofollow ugc\">ipify\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fipecho.net\u002Fplain\" rel=\"nofollow ugc\">ipecho\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fident.me\" rel=\"nofollow ugc\">ident\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fbot.whatismyipaddress.com\" rel=\"nofollow ugc\">whatismyipaddress\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Pro Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Login with Email OTP.\u003C\u002Fli>\n\u003Cli>Two Factor Authentication – SMS\u002FEmail\u003C\u002Fli>\n\u003Cli>Validate and verify phone number in checkout form before customer places an order.\u003C\u002Fli>\n\u003Cli>Register with a single click. Email & Password less registration.\u003C\u002Fli>\n\u003Cli>Manage registration fields.\u003C\u002Fli>\n\u003Cli>Popup & inline form design ( Try here)\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-login-woocommerce\u002F\u003C\u002Fli>\n\u003Cli>Show the countries’ flags\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdocs.xootix.com\u002Fmobile-login-for-woocommerce\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Allow users to log in\u002Fsign up with a one-time password (OTP) sent to their mobile device.",2000,94416,92,44,"2026-03-07T09:02:00.000Z","3.0.1","5.2.4",[20,127,128,129],"login-with-otp","one-time-password","woocommerce-login","http:\u002F\u002Fxootix.com\u002Fmobile-login-woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmobile-login-woocommerce.2.7.2.zip","2024-06-05 13:11:37",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":62,"downloaded":141,"rating":62,"num_ratings":32,"last_updated":142,"tested_up_to":143,"requires_at_least":101,"requires_php":144,"tags":145,"homepage":148,"download_link":149,"security_score":62,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"email-otp-authenticator","Email OTP Authenticator – for Login, Registration or 2FA, RWL, RWA Services","6.3.4","cs7.in","https:\u002F\u002Fprofiles.wordpress.org\u002Filvchandan\u002F","\u003Cp>\u003Cstrong>Services :-\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>SIGNIN :\u003C\u002Fstrong> Login with an OTP.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SIGNUP :\u003C\u002Fstrong> Register with an OTP.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>2FA :\u003C\u002Fstrong> Two Factor Authentication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RWL :\u003C\u002Fstrong> Ratify (users) Without Login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RWA :\u003C\u002Fstrong> Ratify (guests) Without Account.\u003Cbr \u002F>\n.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Seamless OTP Login, Registration & Session\u003C\u002Fstrong>\u003Cbr \u002F>\nEnhance your website’s user experience with this powerful and easy-to-use plugin. Let users \u003Cstrong>login or register\u003C\u002Fstrong> using a secure \u003Cstrong>One-Time Password (OTP)\u003C\u002Fstrong> sent directly to their \u003Cstrong>email\u003C\u002Fstrong>—no password required!\u003C\u002Fp>\n\u003Cp>You can also enable \u003Cstrong>Two-Factor Authentication (2FA)\u003C\u002Fstrong> for an extra layer of security during login or registration.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>KEY HIGHLIGHTS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>OTP via Email\u003C\u002Fstrong> – Send quick, secure, and your own server-based emails.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Quick Signin & Signup\u003C\u002Fstrong> – Instant, easy, and password-free; Login & signup with OTP.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Two-Factor Authentication (2FA)\u003C\u002Fstrong> – Add advanced protection to Login or Registration.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Guest Access (RWA)\u003C\u002Fstrong> – Allow visitors temporary or premium access without registration.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Verified Access (RWL)\u003C\u002Fstrong> – Allow registered users temporary or premium access without login.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Zero External Dependency\u003C\u002Fstrong> – Works independently, no Google\u002FFacebook\u002FB2B API required.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Why Choose This Plugin ?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>FAST\u003C\u002Fstrong> – Lightning-quick OTP delivery and smooth user experience\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>FRIENDLY\u003C\u002Fstrong> – Simple and intuitive for both users and admins\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>SMART\u003C\u002Fstrong> – Intelligent access handling and user behavior adaptation\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>SMOOTH\u003C\u002Fstrong> – Clean UI integration for a frictionless flow\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>SECURED\u003C\u002Fstrong> – Robust protection using email verification and secure tokens\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is ideal for \u003Cstrong>membership sites, e-commerce platforms, SaaS applications,\u003C\u002Fstrong> and \u003Cstrong>content-based websites\u003C\u002Fstrong> looking to offer seamless, secure, and flexible user access.\u003Cbr \u002F>\n.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>F E A T U R E S :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features For Registered Users :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Login with OTP.\u003C\u002Fli>\n\u003Cli>Verify email to grant actions even without Login. (RWL)\u003C\u002Fli>\n\u003Cli>Lock specific pages or URLs for verified users. (RWL)\u003C\u002Fli>\n\u003Cli>Re-verify logged-in users for sensitive actions.\u003C\u002Fli>\n\u003Cli>Auto Log-out after limited wrong OTP attempts.\u003Cbr \u002F>\n.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Features For Visitors (Guests):\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Serve facilities even without account.\u003C\u002Fli>\n\u003Cli>Quick registration with an email and OTP only.\u003C\u002Fli>\n\u003Cli>Lock specific pages or URLs for verified visitors. (RWA)\u003C\u002Fli>\n\u003Cli>Verify email to grant actions even without registration. (RWA)\u003Cbr \u002F>\n.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Features For All :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set 2FA Lock for all.\u003C\u002Fli>\n\u003Cli>Set the OTP expiry time.\u003C\u002Fli>\n\u003Cli>Set the OTP sending Limit.\u003C\u002Fli>\n\u003Cli>Set max wrong attempts Limit.\u003C\u002Fli>\n\u003Cli>Block unwanted email addresses.\u003C\u002Fli>\n\u003Cli>Block unwanted email providers.\u003C\u002Fli>\n\u003Cli>Allow specific email providers.\u003Cbr \u002F>\n.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Operational Features :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Manage complete form CSS.\u003C\u002Fli>\n\u003Cli>Customize email to send OTP.\u003C\u002Fli>\n\u003Cli>Supportcode to change the language.\u003C\u002Fli>\n\u003Cli>Generate OTP attempts log for review.\u003C\u002Fli>\n\u003Cli>Customize popup and inline form layout.\u003C\u002Fli>\n\u003Cli>Create Menus, Links or auto-popup the form.\u003C\u002Fli>\n\u003Cli>Manage complete form template without CSS.\u003C\u002Fli>\n\u003Cli>Use or customize from 27 ready-made templates.\u003C\u002Fli>\n\u003Cli>Use multiple inline or popup forms on a single page.\u003C\u002Fli>\n\u003Cli>Integrate external functions and custom support code.\u003C\u002Fli>\n\u003Cli>Operate through Menu editor, Shortcode or HTML code.\u003C\u002Fli>\n\u003Cli>Zero dependency on other APIs as Google\u002FFacebook\u002FB2B etc.\u003C\u002Fli>\n\u003Cli>Provide EASY and SECURE Login\u002FRegister\u002FVerification features.\u003Cbr \u002F>\n.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Additional Features :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add multiple layers of security and access control.\u003C\u002Fli>\n\u003Cli>Re-verify logged-in users before sensitive actions.\u003C\u002Fli>\n\u003Cli>Provide subscriber\u002Fmember access without login or registration.\u003C\u002Fli>\n\u003Cli>Lock user accounts to re-verify OTP without logout or session loss.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Compatible With :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Youzify\u003C\u002Fli>\n\u003Cli>Profilegrid\u003C\u002Fli>\n\u003Cli>Forminator\u003C\u002Fli>\n\u003Cli>ARMember\u003C\u002Fli>\n\u003Cli>ProfilePress\u003C\u002Fli>\n\u003Cli>Buddypress\u003C\u002Fli>\n\u003Cli>Profile Builder\u003C\u002Fli>\n\u003Cli>MemberPress\u003C\u002Fli>\n\u003Cli>User Meta Lite\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>Ultimate Member\u003C\u002Fli>\n\u003Cli>User Registration\u003C\u002Fli>\n\u003Cli>RegistrationMagic\u003C\u002Fli>\n\u003Cli>WP User Manager\u003C\u002Fli>\n\u003Cli>Pie Register–Basic\u003C\u002Fli>\n\u003Cli>Login\u002FSignup Popup\u003C\u002Fli>\n\u003Cli>Paid Memberships Pro\u003C\u002Fli>\n\u003Cli>Paid Member Subscriptions\u003C\u002Fli>\n\u003Cli>N-Media WP Member Registration\u003C\u002Fli>\n\u003Cli>And Many More . . .\u003Cbr \u002F>\n.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin can act as \u003Cstrong>a standalone authentication system\u003C\u002Fstrong> or integrate smoothly with your favorite membership and user management tools\u002Fplugins.\u003C\u002Fp>\n\u003Cp>The facilities of this plugin will put your website far ahead of everyone else. Install it, and use its features to check out the effects.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This free version includes all Addon+Prime features. Premium access is exclusive.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FuxmdxKb2vTI\" rel=\"nofollow ugc\">See the plugin intro video (version:5.2.6)\u003C\u002Fa>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FuxmdxKb2vTI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Feedback & Support\u003C\u002Fh3>\n\u003Cp>Your feedback helps make this plugin even better.\u003Cbr \u002F>\nShare your suggestions or report issues directly\u003Cbr \u002F>\nto the \u003Cstrong>plugin author\u003C\u002Fstrong> : \u003Ca href=\"mailto:Mr.Chandan.Shrivastava@gmail.com\" rel=\"nofollow ugc\">Mr.Chandan.Shrivastava@gmail.com\u003C\u002Fa>\u003C\u002Fp>\n","Use an OTP to Login, Register, 2FA OR allow interim premium access WITHOUT Login, even WITHOUT Account. It is FAST, FRIENDLY, SMART, SMOOTH & SECURED.",8713,"2025-11-11T02:45:00.000Z","6.8.5","7.3",[20,103,146,147],"login-registration","passwordless-operation","https:\u002F\u002Feotpa.cs7.in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-otp-authenticator.6.3.4.zip",{"attackSurface":151,"codeSignals":543,"taintFlows":629,"riskAssessment":630,"analyzedAt":637},{"hooks":152,"ajaxHandlers":519,"restRoutes":534,"shortcodes":535,"cronEvents":539,"entryPointCount":402,"unprotectedCount":542},[153,160,164,167,171,175,179,183,187,191,195,199,203,207,211,215,218,221,224,227,231,234,235,236,238,240,242,244,246,250,253,256,258,261,265,268,272,275,279,284,287,290,292,294,296,298,300,303,305,308,311,314,317,320,324,326,328,330,332,334,337,338,341,343,345,347,350,354,356,361,364,367,370,373,376,379,382,384,387,388,391,393,395,398,401,404,406,409,412,415,418,421,424,427,429,432,435,437,441,442,445,447,450,452,453,454,455,457,458,460,464,468,471,474,476,478,481,484,487,490,493,496,499,502,505,508,510,515],{"type":154,"name":155,"callback":156,"priority":157,"file":158,"line":159},"action","init","add_2fa_button_switch_editor_block",10,"inc\\class-otpa-2fa.php",24,{"type":154,"name":161,"callback":162,"priority":157,"file":158,"line":163},"admin_init","admin_redirect",27,{"type":154,"name":155,"callback":165,"priority":157,"file":158,"line":166},"check_2fa",28,{"type":154,"name":168,"callback":169,"priority":157,"file":158,"line":170},"wp_login","set_need_2fa_check",29,{"type":154,"name":172,"callback":173,"priority":157,"file":158,"line":174},"otpa_otp_code_verified","do_2fa",30,{"type":154,"name":176,"callback":177,"priority":157,"file":158,"line":178},"wp_enqueue_scripts","add_current_user_2fa_button_switch_scripts",31,{"type":154,"name":180,"callback":181,"priority":157,"file":158,"line":182},"otpa_api_2fa","handle_api_request",32,{"type":184,"name":185,"callback":185,"priority":157,"file":158,"line":186},"filter","login_redirect",34,{"type":184,"name":188,"callback":189,"file":158,"line":190},"show_admin_bar","hide_admin_bar",35,{"type":184,"name":192,"callback":193,"priority":157,"file":158,"line":194},"otpa_api_endpoints","add_api_endpoints",36,{"type":154,"name":196,"callback":197,"file":158,"line":198},"template_redirect","otp_form_page",140,{"type":184,"name":200,"callback":201,"priority":157,"file":158,"line":202},"rest_post_dispatch","deny_rest",142,{"type":184,"name":204,"callback":205,"priority":157,"file":158,"line":206},"otpa_otp_form_vars","set_otp_form_vars",143,{"type":184,"name":208,"callback":209,"priority":157,"file":158,"line":210},"otpa_otp_api_valid_callback","otp_api_valid_callback",144,{"type":184,"name":212,"callback":213,"priority":157,"file":158,"line":214},"otpa_otp_api_callback","otp_api_callback",145,{"type":154,"name":161,"callback":162,"priority":157,"file":216,"line":217},"inc\\class-otpa-account-validation.php",19,{"type":154,"name":155,"callback":219,"priority":157,"file":216,"line":220},"account_validation",20,{"type":154,"name":168,"callback":222,"priority":157,"file":216,"line":223},"set_need_account_validation",21,{"type":154,"name":172,"callback":225,"priority":157,"file":216,"line":226},"validate_account",22,{"type":154,"name":228,"callback":229,"priority":157,"file":216,"line":230},"otpa_identifier_updated","set_force_validation",23,{"type":154,"name":232,"callback":222,"priority":157,"file":216,"line":233},"clear_auth_cookie",26,{"type":184,"name":185,"callback":185,"priority":157,"file":216,"line":170},{"type":184,"name":188,"callback":189,"file":216,"line":174},{"type":154,"name":196,"callback":197,"file":216,"line":237},73,{"type":184,"name":200,"callback":201,"priority":157,"file":216,"line":239},75,{"type":184,"name":204,"callback":205,"priority":157,"file":216,"line":241},76,{"type":184,"name":208,"callback":209,"priority":157,"file":216,"line":243},77,{"type":184,"name":212,"callback":213,"priority":157,"file":216,"line":245},78,{"type":154,"name":247,"callback":248,"file":249,"line":233},"wp","register_logs_cleanup","inc\\class-otpa-logger.php",{"type":154,"name":251,"callback":252,"file":249,"line":163},"otpa_logs_cleanup","clear_logs",{"type":154,"name":254,"callback":255,"priority":157,"file":249,"line":174},"admin_menu","register_settings",{"type":154,"name":257,"callback":257,"priority":157,"file":249,"line":178},"admin_enqueue_scripts",{"type":154,"name":259,"callback":260,"priority":157,"file":249,"line":182},"otpa_after_main_settings","print_logs_settings",{"type":154,"name":262,"callback":263,"priority":157,"file":249,"line":264},"otpa_after_main_tab_settings","print_logs_settings_tab",33,{"type":154,"name":266,"callback":267,"priority":157,"file":249,"line":186},"otpa_wp_error","log_otpa_wp_error",{"type":154,"name":155,"callback":269,"priority":157,"file":270,"line":271},"register_otp_api_callback","inc\\class-otpa-passwordless.php",14,{"type":154,"name":273,"callback":274,"priority":157,"file":270,"line":86},"otpa_page_passwordless_login","login_page",{"type":154,"name":276,"callback":277,"priority":157,"file":270,"line":278},"login_footer","auth_link",16,{"type":154,"name":280,"callback":281,"priority":282,"file":270,"line":283},"login_enqueue_scripts","add_login_scripts",99,17,{"type":184,"name":285,"callback":286,"priority":157,"file":270,"line":217},"otpa_page_endpoints","add_page_endpoint",{"type":184,"name":288,"callback":289,"priority":157,"file":270,"line":220},"nonce_user_logged_out","noncefield_from_ip",{"type":184,"name":208,"callback":209,"priority":157,"file":270,"line":291},37,{"type":184,"name":212,"callback":213,"priority":157,"file":270,"line":293},38,{"type":154,"name":196,"callback":197,"file":270,"line":295},45,{"type":184,"name":204,"callback":205,"priority":157,"file":270,"line":297},46,{"type":154,"name":257,"callback":257,"priority":157,"file":299,"line":73},"inc\\class-otpa-settings-renderer.php",{"type":154,"name":155,"callback":301,"priority":26,"file":302,"line":230},"load_textdomain","inc\\class-otpa-settings.php",{"type":154,"name":155,"callback":304,"priority":26,"file":302,"line":159},"set_cache_policy",{"type":154,"name":254,"callback":306,"priority":157,"file":302,"line":307},"plugin_options_menu_main",25,{"type":154,"name":309,"callback":310,"priority":157,"file":302,"line":233},"wp_loaded","init_settings_definition",{"type":184,"name":312,"callback":313,"priority":157,"file":302,"line":163},"plugin_action_links_otp-authenticator\u002Fotp-authenticator.php","plugin_action_links",{"type":184,"name":315,"callback":316,"priority":157,"file":302,"line":170},"pre_update_option_otpa_settings","sanitize_settings",{"type":184,"name":318,"callback":319,"priority":157,"file":302,"line":174},"default_option_otpa_settings","maybe_init_settings",{"type":154,"name":321,"callback":322,"file":302,"line":323},"admin_notices","settings_error",103,{"type":154,"name":257,"callback":257,"priority":157,"file":302,"line":325},138,{"type":184,"name":318,"callback":319,"priority":157,"file":302,"line":327},203,{"type":154,"name":309,"callback":310,"priority":157,"file":329,"line":220},"inc\\class-otpa-style-settings.php",{"type":154,"name":254,"callback":331,"priority":157,"file":329,"line":223},"register_style_settings",{"type":154,"name":259,"callback":333,"priority":157,"file":329,"line":226},"print_style_settings",{"type":154,"name":262,"callback":335,"priority":336,"file":329,"line":230},"print_style_settings_tab",6,{"type":184,"name":285,"callback":286,"priority":157,"file":329,"line":159},{"type":154,"name":339,"callback":340,"priority":157,"file":329,"line":307},"otpa_page_form_preview","form_preview",{"type":184,"name":342,"callback":316,"priority":157,"file":329,"line":163},"pre_update_option_otpa_style_settings",{"type":184,"name":344,"callback":319,"priority":157,"file":329,"line":166},"default_option_otpa_style_settings",{"type":154,"name":196,"callback":346,"file":329,"line":98},"form_preview_page",{"type":154,"name":348,"callback":349,"priority":220,"file":329,"line":49},"wp_footer","wp_print_footer_scripts",{"type":184,"name":351,"callback":352,"priority":282,"file":329,"line":353},"template_include","form_preview_template",111,{"type":184,"name":344,"callback":319,"priority":157,"file":329,"line":355},172,{"type":154,"name":357,"callback":358,"priority":157,"file":359,"line":360},"user_new_form","admin_registration_form_alter","inc\\class-otpa-user-info.php",18,{"type":154,"name":362,"callback":363,"priority":157,"file":359,"line":217},"user_profile_update_errors","user_info_form_validate",{"type":184,"name":365,"callback":366,"priority":157,"file":359,"line":223},"registration_errors","registration_form_validate",{"type":154,"name":368,"callback":369,"priority":157,"file":359,"line":307},"pre_user_query","alter_user_sort_query",{"type":184,"name":371,"callback":372,"priority":157,"file":359,"line":163},"manage_users_columns","alter_user_table_columns",{"type":184,"name":374,"callback":375,"priority":157,"file":359,"line":166},"manage_users_custom_column","alter_user_table_rows",{"type":184,"name":377,"callback":378,"priority":157,"file":359,"line":170},"manage_users_sortable_columns","alter_user_sortable_columns",{"type":154,"name":380,"callback":381,"priority":157,"file":359,"line":182},"show_user_profile","user_profile_form_alter",{"type":154,"name":383,"callback":381,"priority":157,"file":359,"line":264},"edit_user_profile",{"type":154,"name":385,"callback":386,"priority":157,"file":359,"line":186},"profile_update","save_user_info",{"type":154,"name":257,"callback":257,"priority":157,"file":359,"line":190},{"type":154,"name":155,"callback":389,"priority":26,"file":390,"line":170},"add_endpoints","inc\\class-otpa.php",{"type":154,"name":392,"callback":392,"priority":157,"file":390,"line":174},"parse_request",{"type":154,"name":394,"callback":181,"priority":157,"file":390,"line":178},"otpa_api_otp",{"type":184,"name":396,"callback":397,"priority":157,"file":390,"line":264},"query_vars","add_query_vars",{"type":184,"name":399,"callback":400,"priority":157,"file":390,"line":186},"otpa_api_error_data","filter_authorized_error_data",{"type":154,"name":161,"callback":162,"priority":402,"file":390,"line":403},5,40,{"type":184,"name":185,"callback":185,"priority":402,"file":390,"line":405},41,{"type":154,"name":155,"callback":407,"priority":402,"file":390,"line":408},"check_otp_identifier",42,{"type":184,"name":351,"callback":410,"priority":282,"file":390,"line":411},"otp_form_template",303,{"type":184,"name":351,"callback":413,"priority":282,"file":390,"line":414},"set_otp_identifier_form_template",346,{"type":154,"name":196,"callback":416,"file":390,"line":417},"set_otp_identifier_form_page",454,{"type":154,"name":309,"callback":310,"priority":157,"file":419,"line":420},"inc\\gateways\\class-otpa-abstract-gateway.php",68,{"type":154,"name":254,"callback":422,"priority":157,"file":419,"line":423},"register_gateway_settings",69,{"type":154,"name":259,"callback":425,"priority":157,"file":419,"line":426},"print_gateway_settings",70,{"type":154,"name":262,"callback":428,"priority":402,"file":419,"line":36},"print_gateway_settings_tab",{"type":184,"name":430,"callback":431,"priority":157,"file":419,"line":237},"otpa_settings_valid","validate_settings",{"type":184,"name":433,"callback":434,"priority":157,"file":419,"line":245},"update_user_metadata","sync_meta",{"type":184,"name":433,"callback":434,"priority":157,"file":419,"line":436},484,{"type":154,"name":438,"callback":439,"priority":157,"file":440,"line":226},"otpa_before_otp_form","print_form_hint","inc\\gateways\\class-otpa-alibaba-cloud-sms-gateway.php",{"type":154,"name":257,"callback":257,"priority":157,"file":440,"line":230},{"type":184,"name":443,"callback":444,"priority":157,"file":440,"line":307},"otpa_otp_widget_identifier_placeholder","identifier_name",{"type":184,"name":446,"callback":444,"priority":157,"file":440,"line":233},"otpa_otp_identifier_field_label",{"type":184,"name":448,"callback":449,"priority":157,"file":440,"line":163},"otpa_wp_error_message","error_message_alter",{"type":154,"name":438,"callback":439,"priority":157,"file":451,"line":223},"inc\\gateways\\class-otpa-twilio-gateway.php",{"type":184,"name":443,"callback":444,"priority":157,"file":451,"line":230},{"type":184,"name":446,"callback":444,"priority":157,"file":451,"line":159},{"type":184,"name":448,"callback":449,"priority":157,"file":451,"line":307},{"type":154,"name":438,"callback":439,"priority":157,"file":456,"line":217},"inc\\gateways\\class-otpa-wp-email-gateway.php",{"type":154,"name":385,"callback":385,"priority":157,"file":456,"line":220},{"type":184,"name":443,"callback":459,"priority":157,"file":456,"line":226},"otp_widget_identifier_placeholder",{"type":154,"name":461,"callback":462,"priority":157,"file":456,"line":463},"wp_mail_failed","set_error",234,{"type":154,"name":465,"callback":466,"priority":157,"file":467,"line":170},"otpa_ready","run","inc\\integration\\class-otpa-integration.php",{"type":154,"name":469,"callback":277,"priority":26,"file":470,"line":86},"um_after_form","inc\\integration\\ultimate-member\\class-otpa-um-integration.php",{"type":184,"name":472,"callback":473,"priority":157,"file":470,"line":278},"um_get_option_filter__accessible","um_allow_access",{"type":154,"name":475,"callback":475,"priority":157,"file":470,"line":223},"um_submit_form_errors_hook",{"type":154,"name":477,"callback":475,"priority":157,"file":470,"line":307},"um_submit_account_errors_hook",{"type":154,"name":479,"callback":480,"priority":157,"file":470,"line":233},"um_after_user_account_updated","save_account_details",{"type":154,"name":482,"callback":483,"priority":157,"file":470,"line":163},"um_custom_error_message_handler","account_identifier_error",{"type":154,"name":485,"callback":486,"priority":157,"file":470,"line":174},"um_after_account_general","account_form_alter",{"type":154,"name":488,"callback":277,"priority":26,"file":489,"line":86},"woocommerce_login_form_end","inc\\integration\\woocommerce\\class-otpa-woocommerce-integration.php",{"type":184,"name":491,"callback":492,"priority":157,"file":489,"line":220},"woocommerce_form_field","alter_synced_field",{"type":184,"name":494,"callback":495,"priority":282,"file":489,"line":223},"woocommerce_customer_meta_fields","alter_admin_synced_field",{"type":184,"name":497,"callback":498,"priority":157,"file":489,"line":226},"otpa_woocommerce_account_validation_otp_identifier_description","alter_identifier_description",{"type":184,"name":500,"callback":501,"priority":157,"file":489,"line":230},"woocommerce_registration_errors","validate_account_registration",{"type":154,"name":503,"callback":504,"priority":157,"file":489,"line":159},"woocommerce_after_save_address_validation","validate_address_update",{"type":184,"name":506,"callback":507,"priority":157,"file":489,"line":163},"woocommerce_save_account_details_errors","validate_account_update",{"type":154,"name":509,"callback":486,"priority":157,"file":489,"line":166},"woocommerce_edit_account_form",{"type":184,"name":511,"callback":512,"priority":157,"file":513,"line":514},"otpa_authentication_gateways","register_authentication_gateway","otp-authenticator.php",59,{"type":154,"name":516,"callback":517,"priority":157,"file":513,"line":518},"plugins_loaded","otpa_run",122,[520,524,527,531],{"action":521,"nopriv":522,"callback":523,"hasNonce":522,"hasCapCheck":522,"file":249,"line":166},"otpa_refresh_logs",false,"refresh_logs_async",{"action":525,"nopriv":522,"callback":526,"hasNonce":522,"hasCapCheck":522,"file":249,"line":170},"otpa_clear_logs","clear_logs_async",{"action":528,"nopriv":522,"callback":529,"hasNonce":530,"hasCapCheck":522,"file":359,"line":194},"otpa_toggle_user_validation","toggle_user_validation",true,{"action":532,"nopriv":522,"callback":533,"hasNonce":530,"hasCapCheck":522,"file":359,"line":291},"otpa_toggle_user_2fa_active","toggle_user_2fa_active",[],[536],{"tag":537,"callback":538,"file":158,"line":230},"otpa_2fa_switch","add_2fa_button_switch_shortcode",[540],{"hook":251,"callback":251,"file":249,"line":541},104,2,{"dangerousFunctions":544,"sqlUsage":549,"outputEscaping":560,"fileOperations":26,"externalRequests":26,"nonceChecks":624,"capabilityChecks":624,"bundledLibraries":625},[545],{"fn":546,"file":470,"line":547,"context":548},"unserialize",107,"$fields   = isset( $args['custom_fields'] ) ? unserialize( $args['custom_fields'] ) : false; \u002F\u002F @cod",{"prepared":550,"raw":14,"locations":551},12,[552,555,557],{"file":249,"line":553,"context":554},91,"$wpdb->get_var() with variable interpolation",{"file":249,"line":556,"context":554},149,{"file":249,"line":558,"context":559},200,"$wpdb->query() with variable interpolation",{"escaped":561,"rawEcho":178,"locations":562},146,[563,566,568,570,572,574,576,578,580,582,583,585,586,588,590,592,594,596,598,600,602,604,606,609,612,614,615,617,618,620,622],{"file":249,"line":564,"context":565},226,"raw output",{"file":249,"line":567,"context":565},238,{"file":270,"line":569,"context":565},84,{"file":299,"line":571,"context":565},325,{"file":299,"line":573,"context":565},338,{"file":299,"line":575,"context":565},342,{"file":299,"line":577,"context":565},357,{"file":299,"line":579,"context":565},361,{"file":302,"line":581,"context":565},192,{"file":329,"line":556,"context":565},{"file":329,"line":584,"context":565},161,{"file":359,"line":297,"context":565},{"file":359,"line":587,"context":565},72,{"file":419,"line":589,"context":565},250,{"file":419,"line":591,"context":565},267,{"file":440,"line":593,"context":565},333,{"file":451,"line":595,"context":565},239,{"file":456,"line":597,"context":565},101,{"file":470,"line":599,"context":565},242,{"file":470,"line":601,"context":565},264,{"file":489,"line":603,"context":565},273,{"file":489,"line":605,"context":565},293,{"file":607,"line":608,"context":565},"inc\\templates\\admin\\log-row.php",9,{"file":610,"line":611,"context":565},"inc\\templates\\admin\\logs-settings-page.php",47,{"file":613,"line":226,"context":565},"inc\\templates\\admin\\otpa-form-preview-page.php",{"file":613,"line":264,"context":565},{"file":616,"line":230,"context":565},"inc\\templates\\otpa-otp-form-page.php",{"file":616,"line":190,"context":565},{"file":619,"line":226,"context":565},"inc\\templates\\otpa-otp-info.php",{"file":621,"line":283,"context":565},"inc\\templates\\otpa-set-otp-identifier-form-page.php",{"file":621,"line":623,"context":565},79,4,[626],{"name":627,"version":27,"knownCves":628},"Guzzle",[],[],{"summary":631,"deductions":632},"The 'otp-authenticator' v1.1 plugin exhibits a mixed security posture.  On the positive side, it has a clean vulnerability history with no recorded CVEs and demonstrates good practices in SQL query preparation and output escaping. The plugin also correctly implements nonce and capability checks for most of its entry points.  However, there are notable concerns stemming from the static analysis.  The presence of two unprotected AJAX handlers represents a significant attack surface that could be exploited by unauthenticated users, potentially leading to unauthorized actions or data manipulation. Additionally, the use of the `unserialize` function, even if not directly tied to an exploit in the current analysis, is a well-known source of vulnerabilities when dealing with untrusted input.  The absence of taint analysis data might indicate thoroughness or simply a lack of reported flows, but it's a gap in understanding potential risks.",[633,635],{"reason":634,"points":157},"Unprotected AJAX handlers",{"reason":636,"points":402},"Dangerous function (unserialize)","2026-03-16T21:48:11.256Z",{"wat":639,"direct":650},{"assetPaths":640,"generatorPatterns":645,"scriptPaths":646,"versionParams":647},[641,642,643,644],"\u002Fwp-content\u002Fplugins\u002Fotp-authenticator\u002Finc\u002Fassets\u002Fjs\u002Fotp-authenticator-2fa-user.js","\u002Fwp-content\u002Fplugins\u002Fotp-authenticator\u002Finc\u002Fassets\u002Fjs\u002Fotp-authenticator-2fa-user.min.js","\u002Fwp-content\u002Fplugins\u002Fotp-authenticator\u002Finc\u002Fassets\u002Fcss\u002Fotp-authenticator-2fa.css","\u002Fwp-content\u002Fplugins\u002Fotp-authenticator\u002Finc\u002Fassets\u002Fcss\u002Fotp-authenticator-2fa.min.css",[],[],[648,649],"otp-authenticator\u002Finc\u002Fassets\u002Fjs\u002Fotp-authenticator-2fa-user.js?ver=","otp-authenticator\u002Finc\u002Fassets\u002Fcss\u002Fotp-authenticator-2fa.css?ver=",{"cssClasses":651,"htmlComments":653,"htmlAttributes":654,"restEndpoints":656,"jsGlobals":658,"shortcodeOutput":660},[652],"otpa-2fa-switch-button",[],[655],"data-otpa-2fa-nonce",[657],"\u002Fwp-json\u002Fotpa\u002Fv1\u002F2fa",[659],"otpa_2fa_data",[661],"[otpa_2fa_switch]"]