[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSfRrAu1ZT3hfJYbF7oI5SnXGtGgyrwxSv2owqdpL-Q0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":50,"analysis":156,"fingerprints":284},"password-for-wp","Password for WP","1.6.1","get3code","https:\u002F\u002Fprofiles.wordpress.org\u002Fget3code\u002F","\u003Cp>Add a password for the entire WordPress website in a simple and quick way. You can edit the background and add a message to the user. The plugin is completely free.\u003C\u002Fp>\n\u003Ch3>Upgrading\u003C\u002Fh3>\n\u003Cp>For manual upgrades via FTP, deactivate and reactivate the plugin to ensure it works correctly.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>Plugin translations will be added in future versions.\u003C\u002Fp>\n","Add a password for the entire WordPress website. Edit the background and message. Free and simple to use.",200,3721,0,"2025-01-03T12:40:00.000Z","6.7.5","4.9","5.6",[19,20,21,22,23],"maintenance-mode","password","password-protect","restrict-content","security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-for-wp.1.6.1.zip",91,1,"2024-12-11 15:10:43","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2024-11419","password-for-wp-cross-site-request-forgery-to-stored-cross-site-scripting","Password for WP \u003C= 1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the get3_init_admin_page() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.5","1.6","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-01-20 21:47:28",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9a5eb090-2dfb-4b30-bfc6-38061b94b87a?source=api-prod",40,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":46,"trust_score":48,"computed_at":49},82,"2026-04-04T02:14:28.592Z",[51,74,94,117,137],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":17,"tags":66,"homepage":69,"download_link":70,"security_score":71,"vuln_count":72,"unpatched_count":13,"last_vuln_date":73,"fetched_at":29},"password-protected","Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial Content","2.7.12","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpricing\u002F?utm_source=wp_org&utm_medium=readme\" rel=\"nofollow ugc\">👑 Get Pro\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Ftastewp.com\u002Fnew\u002F?pre-installed-plugin-slug=password-protected\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fdocumentation\u002F?utm_source=wp_org&utm_medium=readme\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fobjectsws.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F18\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you want to secure your WordPress site, to password protect pages, posts, WooCommerce categories, etc.❓ If so, then you need to install ✨\u003Cstrong>the Password Protected plugin\u003C\u002Fstrong>✨.\u003C\u002Fp>\n\u003Cp>Password Protected is a robust password protection plugin for WordPress that empowers you to password protect entire posts, pages, WordPress categories, WooCommerce products, the WordPress login (wp-admin) page, and even partial content with ease.\u003C\u002Fp>\n\u003Cp>Additionally, you can secure the password protected screen from WordPress attacks such as a WordPress brute force attack with the limit login feature.\u003C\u002Fp>\n\u003Cp>Therefore, the \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002F\" rel=\"nofollow ugc\">Password Protected WordPress plugin\u003C\u002Fa> ensures comprehensive security, covering everything from WordPress pages to WooCommerce products, all with a user-friendly interface.\u003C\u002Fp>\n\u003Ch3>Why Do You Need to Password Protect WordPress Site?\u003C\u002Fh3>\n\u003Cp>With the rapidly rising number of cyber threats, having an effective WordPress security system for your website is essential.\u003C\u002Fp>\n\u003Cp>Whether you’re a blogger, a business owner, or a developer, protecting sensitive information and controlling who can access the content you have created is essential. This is where the Password Protected plugin comes in.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For example\u003C\u002Fstrong>, imagine you’re a photographer showcasing your portfolio. By using the Password Protect WordPress plugin, you can share your work securely with potential clients.\u003Cbr \u002F>\nYou can either password protect your entire portfolio page or use partial content protection to lock only certain sections, such as high-resolution images or download links. This way, you can display teasers publicly while keeping your premium work private until you’re ready to share it.\u003C\u002Fp>\n\u003Ch3>What Makes the Password Protected Plugin Stand Out! 😎\u003C\u002Fh3>\n\u003Cp>Wouldn’t you like to have WordPress password protection that gives you peace of mind and immense security for your WordPress site❓\u003C\u002Fp>\n\u003Cp>Here are some of the features of the password protect WordPress plugin that gives so much control over your WordPress content protection while protecting your site from unauthorized access.\u003C\u002Fp>\n\u003Ch3>⚡ Password Protect Entire WordPress Site With These Features:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>✅ Complete Site Protection —💯% FREE\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Want to protect your entire WordPress site? Password Protected plugin makes it easy!\u003C\u002Fp>\n\u003Cp>With a single master password, password protect entire WordPress site to prevent unauthorized access. Also, set how long you want to use the password, define protected permission, and much more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Passwordless Admin Access\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>As an admin, you probably don’t want the hassle of entering additional passwords to access your site. Right?\u003C\u002Fp>\n\u003Cp>Don’t worry. With the Password Protected plugin, you can simplify the login process for administrators with Passwordless Admin Access. This time-saving functionality enhances efficiency and security by eliminating the need for administrators to manage passwords or risk exposure to unauthorized access attempts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Google reCAPTCHA\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Add an extra layer of protection to your password screen with Google reCAPTCHA (v2 & v3). It blocks automated bots and spam by requiring human verification through simple challenges like image selection or puzzle solving.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ hCaptcha [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Secure your password form with hCaptcha, a privacy-focused alternative to Google reCAPTCHA. It verifies human users while keeping data collection minimal, helping you block bots effectively without sacrificing user privacy.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Cloudflare Turnstile [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Protect your password entry with Cloudflare Turnstile, a lightweight, user-friendly CAPTCHA solution. Unlike traditional captchas, Turnstile verifies visitors in the background, offering strong bot protection without interrupting the user experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ IP Address Whitelisting\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can specify which IP addresses can access password protected content with IP Address Whitelisting.\u003C\u002Fp>\n\u003Cp>This feature adds an extra layer of security by preventing unauthorized access from IP addresses not included on the whitelist so that only approved users can access protected content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Specific Post\u002FPage Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Do you have premium content or sensitive information that you want to restrict access to? With the Password Protected plugin, you can easily password protect pages or posts so that only authorized users can view them. This feature allows you to offer exclusive content to subscribers or conduct private testing before publication.\u003C\u002Fp>\n\u003Cp>Check out our guide on how to \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fwordpress-password-protect-page\u002F\" rel=\"nofollow ugc\">password protect WordPress page\u003C\u002Fa> the right way.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ User Role Whitelisting [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you are looking for simplified access control based on user roles. The User Role Whitelisting is the solution you need. By whitelisting certain user roles for your WordPress site, such as administrators, editors, or subscribers, you can ensure that authorized users can view protected content without entering a password.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Partial Content Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily protect specific sections of your WordPress pages or posts with shortcodes. Show free previews while locking premium text, media, or downloads behind a password. Fully compatible with Elementor, Gutenberg, and Beaver Builder, letting you restrict content blocks, widgets, or sections without breaking your design. Perfect for membership sites, gated resources, and premium WordPress content protection.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Page Builder Support: Elementor, Gutenberg & Beaver Builder [Pro]\u003C\u002Fstrong>\u003Cbr \u002F>\nProtect content directly inside Elementor, Gutenberg, or Beaver Builder. Restrict sections, blocks, or widgets without breaking layouts—ideal for WordPress content protection within page builders.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ WP-Admin Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Password protect wp-login (WordPress admin login page) against unauthorized access. This feature adds an extra layer of security by requiring a password to access the WP-admin dashboard, giving you greater protection against unauthorized login attempts and a \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fwordpress-brute-force-attack\u002F\" rel=\"nofollow ugc\">WordPress brute force attack\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>When you password protect WordPress login page (WP-admin area), it prevents unauthorized users from accessing sensitive site settings, user data, and administrative functions. This is particularly important for sites with multiple administrators or contributors, as it helps prevent unauthorized changes to site settings or content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Password Attempt Activity Report (Weekly)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Gain valuable insights into user interactions with your protected content (e.g., password protect pages, posts, etc.) through our exclusive Password Attempt Activity Report. This report will provide a comprehensive overview of login attempts, including successful and failed tries, browsers utilized, and recent activity logs. Whether using the Free or Pro version, this report enables you to track login attempts and user activity efficiently.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Custom Post Type Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Extend your site’s security beyond standard posts and pages. The Password Protected plugin allows you to protect any custom post type, such as portfolios or testimonials, or you can even password protect WooCommerce products. The feature is extremely useful for businesses or creatives looking to share proprietary content or restrict content access to certain areas of their site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Category\u002FTaxonomy Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Password protect categories to take control of your site’s organization and access. Using single or multiple passwords, you can lock specific WordPress categories or taxonomies, along with related post tags.\u003C\u002Fp>\n\u003Cp>This functionality is ideal for websites with diverse content categories or membership tiers. By restricting access to certain categories, you can create exclusive areas for different user groups or offer premium\u002Frestricted content to subscribers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Certain Page\u002FPosts Exclusions [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Maintain flexibility in your WordPress site’s accessibility by excluding specific pages, posts, and post types from password protection. Whether it’s your homepage, contact page, or landing page, you can ensure that certain content remains accessible to all visitors while securing entire website content with a password.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Limit Login Attempts [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Set up a limit for login attempts to protect your WordPress password protected screen against the most common WordPress attacks, such as brute force attacks. The Password Protected \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Flimit-login-attempts\u002F\" rel=\"nofollow ugc\">limit login attempts\u003C\u002Fa> feature is a proactive measure that mitigates the risk of unauthorized access and strengthens overall site security.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Password Expiration and Usage Limit [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you want to password protect WordPress pages\u002Fposts for a certain period, set expiration dates and impose usage limits to restrict the number of times a user can use the password. This will make your site more secure and make it easier to manage user access.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅Bypass Links for Quick Access [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For passwordless access, easily create unique bypass links for each password protected post, page, WooCommerce product, or category, along with a master bypass URL for the entire site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Detailed Activity Logs\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Stay informed and vigilant with detailed activity logs for every password attempt. This feature provides comprehensive insights into site activity, including IP addresses, dates, times, and login statuses, so you can easily monitor and review user interactions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Lock Screen Customization [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Make a lasting impression on visitors with a personalized and professional lock screen. With our Login Designer plugin, you can customize the appearance of your password-protected screen to align with your brand identity and aesthetics.\u003C\u002Fp>\n\u003Cp>With options to customize the background, logo, and other elements of the lock screen, you can create a cohesive and visually appealing experience for users seeking access to your protected\u002Frestricted content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Multiple Password Management [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Experience unmatched flexibility and control over access permissions with Multiple Password Management. You can create unlimited passwords for any lock screen. It is also easy to activate or deactivate multiple passwords for various purposes, from testing to membership management.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Import & Export Passwords [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For quick easy password management, import or export passwords in bulk using a CSV file, complete with usage limits, expiry, status, and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Request Password [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily request access to protected content. Simply submit your email, the request is sent to the admin for review. The admin can then approve or reject the request directly from the WordPress dashboard. Upon approval, the user will receive the password to access the protected content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Get ✨\u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpricing\u002F?utm_source=wp_org+&utm_medium=password_protected_product_page\" rel=\"nofollow ugc\">Password Protected Pro\u003C\u002Fa>✨ Now!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>🎉 5 Key Reasons Why You Should Opt for Password Protected Pro\u003C\u002Fh3>\n\u003Cp>⚡ \u003Cstrong>Reason #1: Boost Your WordPress Site’s Security With Ease\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Upgrade your site’s security with \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpricing\u002F?utm_source=wp_org&utm_medium=readme\" rel=\"nofollow ugc\">Password Protected Pro\u003C\u002Fa> and get comprehensive password protection.\u003C\u002Fp>\n\u003Cp>Easily password protect WordPress website. From specific page\u002Fpost protection to WP-Admin protection and user role whitelisting, Password Protected Pro empowers you to easily secure your site against unauthorized access.\u003C\u002Fp>\n\u003Cp>With intuitive password management features like multiple password management and detailed activity logs, maintaining security protocols becomes a seamless task, allowing you to focus on your core business objectives without compromising on protection.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Reason #2: Better User Experience and Accessibility\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Unlock unparalleled flexibility in access control with Password Protected Pro’s advanced features. Whether you’re offering exclusive\u002Frestricted content to subscribers or conducting private testing before publication, specific page\u002Fpost protection ensures that only authorized users can access sensitive information.\u003C\u002Fp>\n\u003Cp>Meanwhile, features like Bypass URLs and certain page\u002Fpost exclusions allow you to maintain accessibility for public-facing content, striking the perfect balance between security and user experience.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Reason #3: Gain Valuable Insights and Oversight\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Stay informed and vigilant with Password Protected Pro’s weekly comprehensive activity reporting and logging capabilities. With the password attempt activity report, including detailed activity logs, you gain valuable insights into user interactions, login attempts, and site activity.\u003C\u002Fp>\n\u003Cp>This actionable data enables you to monitor access patterns, detect potential security threats, and optimize your access control strategy accordingly.\u003C\u002Fp>\n\u003Cp>By leveraging this insight, you can proactively enhance site security, mitigate risks, and ensure compliance with privacy regulations, fostering trust and confidence among your user base.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Reason #4: Simplified Password Management and Administration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Automate password management with Password Protected Pro’s user-friendly interface and intuitive tools.\u003C\u002Fp>\n\u003Cp>With features like password expiration and usage limits, limit login attempts, and passwordless admin access, you can automate routine tasks, reduce administrative overhead, and ensure a smooth user experience.\u003C\u002Fp>\n\u003Cp>With simplified access control and administration, Password Protected Pro frees up your valuable time and resources so you can focus on your core business objectives while maintaining the highest standards of security and compliance.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Reason #5: Easy Membership Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you manage a membership site or subscription-based platform, Password Protected Pro offers the features you need to provide exclusive access to your users to maximize revenue.\u003C\u002Fp>\n\u003Cp>With features like user role whitelisting and multiple password management, you can conveniently control access permissions for your WordPress restricted content. By simplifying \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fcontent-locking-in-wordpress\u002F\" rel=\"nofollow ugc\">WordPress content protection\u003C\u002Fa> and ensuring seamless access for paying members, you can enhance user experience, retain subscribers, and drive sustained revenue growth.\u003C\u002Fp>\n\u003Ch3>🎉 Use Cases for WordPress Password Protection\u003C\u002Fh3>\n\u003Cp>⚡ \u003Cstrong>Use Case #1: Offer Premium Content to Your Subscribers\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Unlock the potential of your premium content by offering exclusive access to subscribers with Password Protected plugin. You can securely share articles, e-books, podcasts, and reports while tracking password usage and preventing unauthorized sharing.\u003C\u002Fp>\n\u003Cp>With the ability to generate multiple passwords, you can ensure that only paying subscribers enjoy your valuable content.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #2: Give Clients Exclusive Access to Your Portfolio\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Securely showcase your portfolio to clients with Password Protected, safeguarding your work from unauthorized access. Generate unique passwords for each client, ensuring personalized access while impressing them with a custom lock screen.\u003C\u002Fp>\n\u003Cp>With Password Protected, you can maintain confidentiality and professionalism while sharing your creative endeavors.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #3: Keep Under Maintenance Pages Private\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Maintain confidentiality and control over your unfinished website pages with Password Protected plugin. If you are working on a new website or updating existing pages, you can password protect pages or the entire WordPress site to keep your work private.\u003C\u002Fp>\n\u003Cp>Generate temporary passwords with limited usage, providing secure access to administrators while keeping your work private until it’s ready for public viewing.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #4: Create a Private Family Blog\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Set up a secure and private space for your family to connect and share precious moments. Post family photos, videos, stories, and updates without worrying about unauthorized access.\u003C\u002Fp>\n\u003Cp>With the \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002F\" rel=\"nofollow ugc\">Password Protected\u003C\u002Fa> plugin, you can generate unique passwords for each family member and friend, ensuring that only those you trust can access your family blog.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #5: Provide Exclusive Access to Virtual Events\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Host exclusive virtual events and password-protect your site pages\u002Fposts with Password Protected. Generate unique passwords for each participant and customize the lock screen to enhance professionalism.\u003C\u002Fp>\n\u003Cp>By offering exclusive access to virtual events, you can increase membership and engagement while providing a secure and memorable experience for participants.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #6: Create Member-Only WooCommerce Products\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Get more sales and customer loyalty by offering member-only WooCommerce products with Password Protected. Securely password protect WooCommerce products or categories, assigning multiple passwords for different offerings.\u003C\u002Fp>\n\u003Cp>Whether it’s special deals, discounts, or bonuses, the plugin enables you to password protect any product so you can offer those exclusive products to your valued members, driving sales and fostering a sense of exclusivity.\u003C\u002Fp>\n\u003Cp>Check out our detailed guide on how to \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpassword-protect-woocommerce-products\u002F\" rel=\"nofollow ugc\">password protect WooCommerce products\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpassword-protect-woocommerce-shop-page\u002F\" rel=\"nofollow ugc\">WooCommerce shop page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Need Help? Get Expert Assistance\u003C\u002Fh3>\n\u003Cp>Can’t figure out how to implement password protection for your WordPress site? We’ve got you covered around the clock.\u003C\u002Fp>\n\u003Cp>Whether it’s troubleshooting technical issues, setting up password protection, or exploring advanced features, our dedicated support team is here to assist you every step of the way.\u003C\u002Fp>\n\u003Cp>So, don’t hesitate to \u003Ca href=\"https:\u002F\u002Fobjectsws.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F18\" rel=\"nofollow ugc\">reach out for prompt and reliable guidance\u003C\u002Fa>. Contact us now to experience smooth and hassle-free service 😀.\u003C\u002Fp>\n\u003Ch3>Documentation and support\u003C\u002Fh3>\n\u003Cp>👉 To learn more, check out Password Protected \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fdocumentation\u002F?utm_source=wp_org&utm_medium=readme\" rel=\"nofollow ugc\">Technical Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>👉 Open a support ticket \u003Ca href=\"https:\u002F\u002Fobjectsws.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F18\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","Protect your WordPress site, pages, posts, WooCommerce products, and categories with single or multiple passwords.",300000,6892846,88,136,"2025-12-18T06:07:00.000Z","6.9.4","4.6",[19,21,67,68,22],"password-protect-page","password-protection","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpassword-protected\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-protected.2.7.12.zip",95,5,"2025-10-24 16:54:49",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":64,"requires_at_least":17,"requires_php":87,"tags":88,"homepage":91,"download_link":92,"security_score":93,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"smart-password-protect","Password Protect – Temporary Login Without Password & Password Protect Entire Site","1.2.4","Huzaifa Al Mesbah","https:\u002F\u002Fprofiles.wordpress.org\u002Fhuzaifaalmesbah\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Ftastewp.org\u002Fplugins\u002Fsmart-password-protect\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsmart-password-protect\u002F\" rel=\"ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Password Protect\u003C\u002Fstrong> is the most powerful and versatile security plugin for WordPress. It combines robust \u003Cstrong>site-wide password protection\u003C\u002Fstrong> with a modern \u003Cstrong>temporary login\u003C\u002Fstrong> system, giving you complete control over who accesses your website.\u003C\u002Fp>\n\u003Cp>Whether you are developing a site in a staging environment, putting your site in maintenance mode, or need to grant temporary admin access to a developer, Smart Password Protect has you covered.\u003C\u002Fp>\n\u003Cp>We analyzed the top security plugins in the market and built a better, all-in-one solution. Stop installing multiple plugins for “Maintenance Mode”, “Password Protection”, and “Temporary Logins”. Get it all in one lightweight, high-performance package.\u003C\u002Fp>\n\u003Ch3>🔥 Key Features Overview\u003C\u002Fh3>\n\u003Ch4>1. 🔐 Password Protect Entire Site (Maintenance Mode)\u003C\u002Fh4>\n\u003Cp>Lock your WordPress site instantly with a single password. This is perfect for staging sites, private portfolios, or maintenance mode.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>One-Click Protection\u003C\u002Fstrong>: Enable or disable protection instantly from the dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute-Force Protection\u003C\u002Fstrong>: Prevent dictionary attacks with built-in rate limiting that temporarily locks out users after too many incorrect password guesses.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Whitelisting\u003C\u002Fstrong>: Allow specific IP addresses (e.g., your office, home, or client) to bypass the password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Role Bypass\u003C\u002Fstrong>: Allow Administrators or logged-in users to access the site without a password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Friendly\u003C\u002Fstrong>: Automatically sends \u003Ccode>noindex\u003C\u002Fcode> headers to prevent Google from indexing your private\u002Fstaging content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern Password Form\u003C\u002Fstrong>: A beautiful, responsive login page that looks great on all devices.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remember Me\u003C\u002Fstrong>: Users can choose to stay logged in for up to 7 days (configurable).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customization\u003C\u002Fstrong>: Easily customize the look and feel of the password page via CSS.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2. 🔗 Temporary Login Without Password (Magic Links)\u003C\u002Fh4>\n\u003Cp>Create secure, self-expiring login links to grant temporary admin access without sharing your real credentials.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Secure Developer Access\u003C\u002Fstrong>: Give developers or support agents admin access safely.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto-Expiration\u003C\u002Fstrong>: Set links to expire after 1 hour, 1 day, 7 days, or a custom date.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Credentials Needed\u003C\u002Fstrong>: Users log in simply by clicking the link. No username or password required.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role Management\u003C\u002Fstrong>: Assign any role (Admin, Editor, Subscriber) to the temporary user.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Options Toggle\u003C\u002Fstrong>: Show\u002Fhide advanced settings (Login Limits, User Role) with a simple click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirect After Login\u003C\u002Fstrong>: Automatically redirect users to a specific page (e.g., Settings, Home, or Custom URL).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activity Logs\u003C\u002Fstrong>: Track exactly when a temporary user logs in, their IP address, and browser.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Limits\u003C\u002Fstrong>: Restrict the number of times a link can be used.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safe Content Reassignment\u003C\u002Fstrong>: When a temporary user is deleted, any posts, pages, WooCommerce products, or other custom post types they created or modified are automatically reassigned to the admin — never trashed or lost.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Self-Preservation\u003C\u002Fstrong>: Temporary users cannot deactivate or delete the Smart Password Protect plugin itself.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Profile Lockdown\u003C\u002Fstrong>: Temporary users are blocked from editing their profile or creating\u002Fdeleting other users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Status Control\u003C\u002Fstrong>: Manually change Temporary Login status (Active, Inactive, Expired) directly from the dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Logout\u003C\u002Fstrong>: Users are immediately logged out when their token becomes inactive or expired.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin Deactivation Protection\u003C\u002Fstrong>: All temporary users are automatically logged out when the plugin is deactivated.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Security\u003C\u002Fstrong>: Multi-layer authentication validation prevents access with invalid tokens.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Full Third-Party Compatibility\u003C\u002Fstrong>: Temporary users with admin role can access WooCommerce (products, orders, setup wizard), Elementor, and all other third-party plugin pages without any access issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3. 🛡️ Advanced Security & Logs\u003C\u002Fh4>\n\u003Cp>Keep a close eye on who is accessing your site and ensure maximum security.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Detailed Audit Trail\u003C\u002Fstrong>: View a history of every temporary login, including time, IP, and browser.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bot Protection\u003C\u002Fstrong>: Blocks search engine crawlers when protection is active.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Capability Controls\u003C\u002Fstrong>: Restrict temporary admins from deleting plugins or themes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Validation\u003C\u002Fstrong>: Automatically checks for token expiration and usage limits before allowing access.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Authentication Control\u003C\u002Fstrong>: Automatically logs out users when tokens are deactivated, expired, or deleted.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Request-Level Validation\u003C\u002Fstrong>: Validates token status on every request to prevent unauthorized access.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Cookie-Based Authentication\u003C\u002Fstrong>: Sets secure, httponly cookies that expire automatically after 1 day.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4. 🌍 Multi-Language Support\u003C\u002Fh4>\n\u003Cp>Use the plugin in your native language with complete translation support.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>20+ Languages\u003C\u002Fstrong>: German, French, Spanish, Italian, Portuguese, Russian, Chinese (Simplified & Traditional), Arabic, Hindi, Bengali, Dutch, Polish, Czech, Danish, Bulgarian, Catalan, Croatian, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RTL Support Ready\u003C\u002Fstrong>: Compatible with right-to-left languages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Contribute\u003C\u002Fstrong>: Help us translate! Submit translations via \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fsmart-password-protect\u002F\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>⚡ Use Cases for Smart Password Protect\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>⚡ Use Case #1: Secure Staging & Development Environments\u003C\u002Fstrong>\u003Cbr \u002F>\nProtect your client’s site while it’s under development. Use the “Password Protection” feature to keep the site hidden from the public and search engines (noindex) while allowing you and your client to view progress. This is the professional way to handle staging sites without complex server configurations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Use Case #2: Grant Safe Temporary Access to Developers\u003C\u002Fstrong>\u003Cbr \u002F>\nNeed a developer to fix a bug? Don’t share your admin credentials. Instead, generate a “Temporary Login Link” with a specific role and expiration time. They get one-click access, and you get peace of mind knowing the access will auto-expire and they can’t delete your plugins.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Use Case #3: Maintenance Mode Made Simple\u003C\u002Fstrong>\u003Cbr \u002F>\nUpdating your site or making design changes? Instantly lock the entire site with a single password. You can whitelist your own IP address to keep working while visitors see a professional password page. It’s faster and easier than installing a dedicated maintenance mode plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Use Case #4: Exclusive Client Portfolios\u003C\u002Fstrong>\u003Cbr \u002F>\nShowcase your work privately. Password protect your portfolio site and share the password only with prospective clients. This ensures your creative work remains exclusive and confidential until you are ready to show it to the world.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Use Case #5: Internal Company Documentation\u003C\u002Fstrong>\u003Cbr \u002F>\nCreate a private hub for your team. Restrict access to internal tools, wikis, or resources. With “User Role Bypass”, your logged-in employees can access content seamlessly without entering a password every time, while outsiders remain blocked.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Use Case #6: Private Family & Personal Blogs\u003C\u002Fstrong>\u003Cbr \u002F>\nShare personal stories and photos with only those you trust. Set a simple site-wide password so family and friends can view your content while keeping it safe from strangers and bots. It’s the perfect solution for keeping personal memories private.\u003C\u002Fp>\n\u003Ch3>🚀 Explore Smart Password Protect Features\u003C\u002Fh3>\n\u003Cp>✅ \u003Cstrong>Complete Site Protection — 100% FREE\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> Instantly locks your entire WordPress site behind a secure password screen. Only visitors with the correct password can access your content.\u003Cbr \u002F>\n\u003Cstrong>How to use:\u003C\u002Fstrong>\u003Cbr \u002F>\n1.  Navigate to \u003Cstrong>Smart Password Protect > Password Protection\u003C\u002Fstrong>.\u003Cbr \u002F>\n2.  Toggle “Enable Password Protection” to \u003Cstrong>On\u003C\u002Fstrong>.\u003Cbr \u002F>\n3.  Enter your desired password in the “Set Password” field.\u003Cbr \u002F>\n4.  (Optional) Adjust “Remember Me” duration to control how long users stay logged in.\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Secure Temporary Login Links — No Credentials Needed\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> Generates a unique “Magic Link” that logs a user in automatically with a specific role and expiration time. Perfect for developers or support agents.\u003Cbr \u002F>\n\u003Cstrong>How to use:\u003C\u002Fstrong>\u003Cbr \u002F>\n1.  Go to \u003Cstrong>Smart Password Protect > Temporary Login\u003C\u002Fstrong>.\u003Cbr \u002F>\n2.  Select an expiration time (e.g., 7 Days).\u003Cbr \u002F>\n3.  (Optional) Click “+ Show Advanced Options” to set a specific User Role or Login Limit.\u003Cbr \u002F>\n4.  Click \u003Cstrong>Generate Link\u003C\u002Fstrong> and copy the URL.\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Passwordless Admin Access\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> Allows administrators to access the site without entering the protection password, saving time and hassle.\u003Cbr \u002F>\n\u003Cstrong>How to use:\u003C\u002Fstrong>\u003Cbr \u002F>\n1.  Go to \u003Cstrong>Smart Password Protect > Password Protection > Permissions\u003C\u002Fstrong>.\u003Cbr \u002F>\n2.  Toggle “Allow Administrators” to \u003Cstrong>On\u003C\u002Fstrong>.\u003Cbr \u002F>\n3.  Now, if you are logged into WordPress as an admin, you will bypass the password screen automatically.\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Allow RSS Feeds\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> Ensures your RSS feeds remain accessible even when the site is password protected.\u003Cbr \u002F>\n\u003Cstrong>How to use:\u003C\u002Fstrong>\u003Cbr \u002F>\n1.  Go to \u003Cstrong>Smart Password Protect > Password Protection > Permissions\u003C\u002Fstrong>.\u003Cbr \u002F>\n2.  Toggle “Allow RSS Feeds” to \u003Cstrong>On\u003C\u002Fstrong>.\u003Cbr \u002F>\n3.  Your RSS feeds (e.g., \u002Ffeed) will now be publicly accessible without a password.\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Allow REST API\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> Allows external applications and mobile apps to access your site’s data via the WordPress REST API by bypassing the protection.\u003Cbr \u002F>\n\u003Cstrong>How to use:\u003C\u002Fstrong>\u003Cbr \u002F>\n1.  Go to \u003Cstrong>Smart Password Protect > Password Protection > Permissions\u003C\u002Fstrong>.\u003Cbr \u002F>\n2.  Toggle “Allow REST API” to \u003Cstrong>On\u003C\u002Fstrong>.\u003Cbr \u002F>\n3.  Your site’s REST API endpoints (e.g., \u002Fwp-json) will now be accessible.\u003Cbr \u002F>\n    *   \u003Cstrong>Note:\u003C\u002Fstrong> When disabled, API requests will return a \u003Ccode>401 Unauthorized\u003C\u002Fcode> error with the message “Password protection is enabled”.\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Smart IP Whitelisting\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> Grants instant access to specific IP addresses (like your home or office) so you don’t have to enter a password.\u003Cbr \u002F>\n\u003Cstrong>How to use:\u003C\u002Fstrong>\u003Cbr \u002F>\n1.  Go to \u003Cstrong>Smart Password Protect > Password Protection > IP Settings\u003C\u002Fstrong>.\u003Cbr \u002F>\n2.  Click \u003Cstrong>Auto Fill Input\u003C\u002Fstrong> to detect your current IP address.\u003Cbr \u002F>\n3.  Click \u003Cstrong>Add IP\u003C\u002Fstrong> to whitelist it. You can add as many IPs as you need.\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Temporary Login Log\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> View history of temporary login usage and user actions.\u003Cbr \u002F>\n\u003Cstrong>How to use:\u003C\u002Fstrong>\u003Cbr \u002F>\n1.  Go to \u003Cstrong>Smart Password Protect > Temporary Login\u003C\u002Fstrong>.\u003Cbr \u002F>\n2.  Click on the \u003Cstrong>Logs\u003C\u002Fstrong> tab.\u003Cbr \u002F>\n3.  View the list of all recent login attempts to ensure no unauthorized access has occurred.\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Auto-Cleanup : Expired Links and Temporary Login Log\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does:\u003C\u002Fstrong> Automatically deletes expired temporary login links and users from your database to keep your site clean and secure.\u003Cbr \u002F>\n\u003Cstrong>How to use:\u003C\u002Fstrong>\u003Cbr \u002F>\n1.  Go to \u003Cstrong>Smart Password Protect > Temporary Login > Settings\u003C\u002Fstrong>.\u003Cbr \u002F>\n2.  Find the \u003Cstrong>Expired Links Auto-cleanup\u003C\u002Fstrong> setting.\u003Cbr \u002F>\n3.  Set the number of days (e.g., 30 days) after which expired logs and users will be permanently deleted.\u003C\u002Fp>\n\u003Ch3>⚡ Reasons Why You Should Opt for Smart Password Protect\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>⚡ Reason #1: Uncompromising Security & Control\u003C\u002Fstrong>\u003Cbr \u002F>\nUpgrade your site’s defense mechanisms with ease. Smart Password Protect allows you to lock your entire website instantly with a single password, while offering granular controls like IP Whitelisting and User Role Bypass. Built with advanced encryption and “Self-Preservation” logic, it ensures that temporary users cannot disable the plugin or hijack your site, giving you total peace of mind.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Reason #2: Eliminate the Risk of Sharing Credentials\u003C\u002Fstrong>\u003Cbr \u002F>\nNever share your admin username and password again. With our \u003Cstrong>Temporary Login (Magic Links)\u003C\u002Fstrong> feature, you can generate secure, self-expiring access links for developers or support agents. These links use cryptographically secure tokens and allow one-click access without requiring any credentials. Once the work is done, the access is automatically revoked, keeping your main admin account completely secure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Reason #3: Automated & Hands-Free Management\u003C\u002Fstrong>\u003Cbr \u002F>\nSay goodbye to manual user cleanup. Set your temporary login links to expire automatically after 1 hour, 1 day, or 7 days. Our intelligent “Auto-Cleanup” system runs in the background to permanently remove expired links and temporary user accounts from your database. This “set it and forget it” approach keeps your site clean and reduces administrative overhead.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Reason #4: Gain Valuable Insights with Activity Logs\u003C\u002Fstrong>\u003Cbr \u002F>\nKnowledge is power. Stay informed with our detailed \u003Cstrong>Activity Logs\u003C\u002Fstrong> that tracks every single temporary login event. Monitor exactly who accessed your site, when they logged in, their IP address, and even their browser information. This audit trail is essential for security monitoring and ensures you always have oversight of external access.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Reason #5: Optimized for Speed & SEO\u003C\u002Fstrong>\u003Cbr \u002F>\nDon’t let security slow you down. Smart Password Protect is engineered to be lightweight and bloat-free, ensuring zero impact on your site’s loading speed. It also automatically handles SEO best practices by sending \u003Ccode>noindex\u003C\u002Fcode> headers for protected content, preventing Google from indexing staging sites or private pages. Plus, it works seamlessly with major caching plugins like WP Rocket and W3 Total Cache.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Reason #6: The Ultimate All-in-One Toolkit\u003C\u002Fstrong>\u003Cbr \u002F>\nStop cluttering your site with multiple plugins. Smart Password Protect combines robust \u003Cstrong>Maintenance Mode\u003C\u002Fstrong>, \u003Cstrong>Site-Wide Password Protection\u003C\u002Fstrong>, and \u003Cstrong>Temporary Login\u003C\u002Fstrong> functionality into a single, cohesive package. By consolidating these features, you reduce plugin conflicts, save server resources, and simplify your workflow.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Reason #7: Intuitive & Modern User Experience\u003C\u002Fstrong>\u003Cbr \u002F>\nWe believe security shouldn’t be complicated. Our plugin features a modern, React-powered dashboard that is intuitive and easy to navigate. From generating links to toggling protection, every action is just a click away. The frontend password form is also fully responsive and customizable, ensuring a professional experience for your visitors on any device.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Reason #8: Built for Developers\u003C\u002Fstrong>\u003Cbr \u002F>\nNeed more control? We’ve got you covered. Smart Password Protect is packed with hooks and filters, allowing developers to customize functionality to fit specific needs. Whether you need to modify bypass rules, control REST API access, or integrate with other tools, our codebase is clean, documented, and developer-friendly.\u003C\u002Fp>\n\u003Ch3>Check out our other Plugins\u003C\u002Fh3>\n\u003Cp>Enhance your WordPress site with our other powerful plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faccess-defender\u002F\" rel=\"ugc\">Access Defender\u003C\u002Fa>\u003C\u002Fstrong> – Advanced security plugin to protect your WordPress site from unauthorized access and malicious attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontributors-gallery\u002F\" rel=\"ugc\">Contributors Gallery\u003C\u002Fa>\u003C\u002Fstrong> – Showcase your WordPress contributors in a beautiful and customizable gallery layout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fproduct-spotlight-badge\u002F\" rel=\"ugc\">Product Spotlight Badge\u003C\u002Fa>\u003C\u002Fstrong> – Highlight your WooCommerce products with eye-catching badges to boost sales.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fredirect-after-logout\u002F\" rel=\"ugc\">Redirect After Logout\u003C\u002Fa>\u003C\u002Fstrong> – Redirect users to a custom page after logging out for enhanced user experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsmart-optimizer\u002F\" rel=\"ugc\">Smart Optimizer\u003C\u002Fa>\u003C\u002Fstrong> – Instantly Boost Page Speed with One-Click Optimization\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frandom-quote\u002F\" rel=\"ugc\">Random Quote\u003C\u002Fa>\u003C\u002Fstrong> – Daily Inspirational Quotes for WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n","Password Protect entire site & create Temporary Login Without Password links. Simple & secure access for developers or maintenance.",70,1695,74,3,"2026-03-12T17:15:00.000Z","7.4",[19,21,89,22,90],"passwordless-login","temporary-login","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsmart-password-protect\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-password-protect.1.2.4.zip",100,{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":104,"num_ratings":105,"last_updated":106,"tested_up_to":64,"requires_at_least":107,"requires_php":87,"tags":108,"homepage":112,"download_link":113,"security_score":114,"vuln_count":115,"unpatched_count":13,"last_vuln_date":116,"fetched_at":29},"better-wp-security","Solid Security – Password, Two Factor Authentication, and Brute Force Protection","9.4.6","StellarWP","https:\u002F\u002Fprofiles.wordpress.org\u002Fstellarwp\u002F","\u003Ch4>Reduce your WordPress website’s risk to nearly zero with Solid Security\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fwporg-security-ithemes\" rel=\"nofollow ugc\">Formerly iThemes Security. Looking for iThemes? Learn more here.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>On average, 30,000 websites are hacked every day.* Cyberattacks in the US increased by 57% in 2022.** Bad actors who want to hack your site, steal your data, and cripple your business are a 24\u002F7\u002F365 threat.\u003C\u002Fp>\n\u003Cp>You need a proactive, strategic approach to WordPress website security that protects your site from brute force attacks, malware infections, and other cyber threats.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsolid-security-pro\" rel=\"nofollow ugc\">Solid Security\u003C\u002Fa> shields your site from cyberattacks and prevents security vulnerabilities. It automatically locks out bad users identified by our Brute Force Protection Network that is nearly 1 million sites strong and leverages your own blacklist. It secures and protects your most commonly attacked part of your WordPress website – user login authentication.\u003C\u002Fp>\n\u003Cp>With Patchstack integration (Pro) protects your site before you even have a chance to address vulnerabilities and before a plugin or theme vendor or developer can even issue a patch.\u003C\u002Fp>\n\u003Cp>That’s 24\u002F7\u002F365 always-on truly Solid Security.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Welcome to Solid Security, Part of the SolidWP Suite\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F863249227?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch4>🌐 Secure your Website in Minutes\u003C\u002Fh4>\n\u003Cp>The Solid Security setup and onboarding experience allows anyone to secure their WordPress website in under 10 minutes, regardless of technical acumen. Knowing that you have enabled all the right security settings for your website will leave you feeling like your site has never been more secure.\u003C\u002Fp>\n\u003Ch4>📚 Security Site Templates to Fit Your Type of Site\u003C\u002Fh4>\n\u003Cp>Enabling the correct security settings based on the type of website you are building or maintaining is essential for proper security. An eCommerce site requires a different level of security than a basic blog. Solid Security Site Templates make it quick and easy to apply the right security settings for your website.\u003C\u002Fp>\n\u003Cp>Choose from six different site templates to apply the type of security your site needs:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Ecommerce\u003C\u002Fstrong> – websites that sell products or services\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Network\u003C\u002Fstrong> – websites that connect people or communities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Non-Profit\u003C\u002Fstrong> – websites that promote your cause and collect donations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blog\u003C\u002Fstrong> – websites that share your thoughts or start a conversation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Portfolio\u003C\u002Fstrong> – websites that showcase your craft\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brochure\u003C\u002Fstrong> – simple websites that promote your business\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>⌚ Real-Time Website Security Dashboard\u003C\u002Fh4>\n\u003Cp>Every day, lots of activity is happening on your website that you can’t see. Many of these activities can be related to your site’s security, so monitoring these events is vital to keeping your site secure.\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsolid-security-pro\" rel=\"nofollow ugc\">Solid Security Pro\u003C\u002Fa> plugin provides a real-time WordPress security dashboard that monitors security-related events on your site around the clock. The Solid Security Dashboard is a dynamic dashboard with all your WordPress website’s security activity stats in one place, including brute force attacks, banned users, active lockouts, site scan results, and user security stats (Pro).\u003C\u002Fp>\n\u003Ch4>🗝️ WordPress Login Security\u003C\u002Fh4>\n\u003Cp>Setting up and maintaining proper WordPress configurations and managing user account access are essential aspects of hardening your site against threats and vulnerabilities. Basic and Pro include features that address both of these factors.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Two Factor Authentication (2FA)\u003C\u002Fstrong> – Make your WordPress login nearly impenetrable to attack by requiring users to enter a security code along with a password to login. The Solid Security plugin allows you to add two-factor authentication to your WordPress login with several authentication methods, including mobile apps like Authy and Google Authenticator, email, and backup codes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Password Requirements\u003C\u002Fstrong> – Create and enforce a password policy for your users in less than a minute.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>reCAPTCHA\u003C\u002Fstrong> (Pro) – Stop bad bots from engaging in abusive activities on your website, such as attempting to break into your website using compromised passwords, posting spam, or even scraping your content.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Passwordless Logins\u003C\u002Fstrong> (Pro) – WordPress security made easy. Secure your user accounts with 2fa & strong passwords while allowing real users login with a click of a mouse.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Trusted Devices\u003C\u002Fstrong> (Pro) – Identify the devices you and other users use to block session hijacking attacks and limit Administrator privileges to Trusted Devices.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Automated Vulnerability Patching\u003C\u002Fstrong> (Pro) – Solid Security Pro includes Patchstack which patches vulnerabilities before you have a chance to and applies fixes even before a plugin developer or vendor has issued a patch.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fwporgpasswordless\" rel=\"nofollow ugc\">passwordless login is the future\u003C\u002Fa> and how Solid Security can help you implement it today.\u003C\u002Fp>\n\u003Ch4>👨‍👩‍👧‍👦 The Right Amount of Security for Every User Level\u003C\u002Fh4>\n\u003Cp>Different types of user levels require different levels of security. During the Solid Security setup process, you can identify your website’s key user groups. Once the different types of users are identified, you can apply the level of security that is just right for each user group.\u003C\u002Fp>\n\u003Cp>Here are a couple of examples of how User Groups are useful for securing your site:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>For Clients\u003C\u002Fstrong> – Let’s say you are configuring Solid Security on a client’s website. You will decide whether or not they are required to use two-factor authentication and if they should have access to the Solid Security settings.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>For Customers\u003C\u002Fstrong> – If you have an eCommerce website, you will decide whether or not you want to protect customer accounts with a password policy.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Privilege Escalation\u003C\u002Fstrong> (Pro) also adds a safe, secure way to grant temporary admin-level access to your website.\u003C\u002Fp>\n\u003Ch4>🤖 Block Bad Bots & Ban User Agents with Lockouts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Ban Users\u003C\u002Fstrong> (Basic and Pro) – Permanently block repeat offenders from accessing your site.\u003Cbr \u002F>\nLocal Brute Force Protection – Automatically identify and stop the most common method of attack on WordPress sites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Local Brute Force Protection\u003C\u002Fstrong> (Basic and Pro) – Automatically identify and stop the most common method of attack on WordPress sites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Network Brute Force Protection\u003C\u002Fstrong> (Basic and Pro) – The network is the Solid Security community and is nearly one million websites strong. If someone tries to break into websites in the Solid Security community, Solid Security will block them across the network.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Magic Links\u003C\u002Fstrong> (Pro) – Security shouldn’t get in your way. Magic Links allow you to log in to your WordPress site while your username is locked out by the Solid Security Local Brute Force Protection feature.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔍 Monitor Your Site’s Security Health\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>File Change Detection\u003C\u002Fstrong> (Basic and Pro) – Solid Security logs changes made to your website that can help detect malicious activity on your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Site Scanner (Basic and Pro)\u003C\u002Fstrong> – Schedule checks to run four times per day (Basic) or hourly (Pro) for known vulnerabilities of WordPress core file, plugins and themes. Using the Google Safe Browsing API, the Site Scan also checks your Google’s blocklist status and will alert you if Google has found any malware on your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Patchstack integration (Pro)\u003C\u002Fstrong> – Automated virtual patching of some vulnerabilities before you even have a chance to address them yourself, and before a plugin or theme vendor or developer can even issue a patch.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Site Scanner\u003C\u002Fstrong> (Pro) – Unlock Version Management to automatically apply a patch to vulnerable software detected by the Site Scan when one is available.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User Logging\u003C\u002Fstrong> (Pro) – Keep a record of user activity in your WordPress security logs, including login\u002Flogout, user registration, adding\u002Fremoving plugins, switching themes, changes to posts and pages, and more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Version Management\u003C\u002Fstrong> (Pro) – The Version Management feature in Solid Security Pro allows you to auto-update WordPress, plugins, and themes. Beyond that, Version Management also has options to harden your website when you are running outdated software and scan for old websites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🧠 Smarter, More Actionable Vulnerability Prioritization\u003C\u002Fh4>\n\u003Cp>Not all vulnerabilities pose the same level of risk, and the traditional Common Vulnerability Scoring System (CVSS) score doesn’t always reflect the realities of running a WordPress site.\u003C\u002Fp>\n\u003Cp>Solid Security now uses the Patchstack Priority score, which goes beyond CVSS to provide a real-world risk assessment tailored to WordPress. It factors in how likely a vulnerability is to be exploited and its actual impact on your site.\u003C\u002Fp>\n\u003Cp>With Patchstack Priority, you get a clearer picture of what really matters, helping you focus on the vulnerabilities that pose the greatest risk, and worry less about noise from low-impact issues.\u003C\u002Fp>\n\u003Ch4>🛠️ Website Security Utilities\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enforce SSL\u003C\u002Fstrong> – Force all connections to the website to be made over SSL\u002FTLS.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Database Backups\u003C\u002Fstrong> – Create backups of your WordPress database. (Not a complete backup.)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Geolocation\u003C\u002Fstrong> (Pro) – Improve Trusted Devices by connecting to an external location or mapping API.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🚀 Advanced Security Tools\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Identify Server IPs\u003C\u002Fstrong> – Prevent issues caused by inadvertently locking out your server IPs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change User ID 1\u003C\u002Fstrong> – Change the user ID for the first WordPress user, potentially preventing attacks that assume the user with ID1 exists and is an administrator.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change Database Prefix\u003C\u002Fstrong> – Change the database prefix that WordPress uses, potentially preventing attacks that assume the database prefix is “wp_”.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Check File Permission\u003C\u002Fstrong> – See the file and directory permissions of key areas of your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server Config Rules\u003C\u002Fstrong> – View or flush the server security rules generated by Solid Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>wp-config.php Rules\u003C\u002Fstrong> – View or flush the wp-config.php security rules generated by Solid Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change WordPress Salts\u003C\u002Fstrong> – Secure your site after a successful attack by changing the WordPress salts used to secure cookies and security tokens.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Login URL\u003C\u002Fstrong> – change the login URL of your site, making it harder for bots to find your login page and attack it.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🛟 Need Help?\u003C\u002Fh4>\n\u003Cp>Free support may be available with the community’s help in the WordPress.org support forums. Our Solid Security support team provides top-notch technical support to all our Solid Security Basic users there.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsecurity-help-center\" rel=\"nofollow ugc\">Our Help Center will help you become an iThemes Security expert.\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Get additional peace of mind with professional support from our expert team and pro features to take your site’s security to the next level with Solid Security Pro.\u003C\u002Fp>\n\u003Ch4>Recover From a Hacked Site\u003C\u002Fh4>\n\u003Cp>Solid Security makes regular backups of your WordPress database, allowing you to get back online quickly in the event of a hack or security breach. Use Solid Security to create and email database backups on a customizable schedule.\u003C\u002Fp>\n\u003Cp>For complete site backups and the ability to restore or move WordPress to a new host or domain, check out \u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsecurity-basic-solid-backups\" rel=\"nofollow ugc\">Solid Backups\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Solid Central Integration\u003C\u002Fh4>\n\u003Cp>Manage more than one WordPress site? Release lockouts and keep your themes, plugins, and WordPress core up to date from one dashboard with \u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsecurity-basic-solid-central\" rel=\"nofollow ugc\">Solid Central\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>*Zippia. “30 Crucial Cybersecurity Statistics [2023]: Data, Trends And More” Zippia.com. Jun. 15, 2023, https:\u002F\u002Fwww.zippia.com\u002Fadvice\u002Fcybersecurity-statistics\u002F\u003C\u002Fp>\n\u003Cp>**https:\u002F\u002Fblog.checkpoint.com\u002F2023\u002F01\u002F05\u002F38-increase-in-2022-global-cyberattacks\u002F\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Released under the terms of the GNU General Public License.\u003C\u002Fp>\n","Harden your site security with Login Security, Two-Factor Authentication (2FA), Vulnerability Scanner, Firewall, and more. Formerly iThemes Security.",700000,37290141,92,3981,"2026-02-25T12:43:00.000Z","6.5",[109,110,68,23,111],"brute-force-protection","malware","two-factor-authentication","https:\u002F\u002Fsolidwp.com\u002Fproducts\u002Fsecurity","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-wp-security.9.4.6.zip",93,19,"2024-06-20 00:00:00",{"slug":67,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":127,"last_updated":128,"tested_up_to":64,"requires_at_least":129,"requires_php":17,"tags":130,"homepage":132,"download_link":133,"security_score":134,"vuln_count":135,"unpatched_count":13,"last_vuln_date":136,"fetched_at":29},"PPWP – Password Protect Pages","1.9.15","WP Folio Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fbuildwps\u002F","\u003Cp>Password Protect WordPress (PPWP) plugin offers a powerful and \u003Cstrong>all-in-one solution\u003C\u002Fstrong> to secure your website with passwords.\u003C\u002Fp>\n\u003Cp>Whether you want to password protect WordPress categories, WooCommerce products, a few posts, or your entire website, PPWP plugin will help you do so with ease.\u003C\u002Fp>\n\u003Cp>This plugin does not protect images or uploaded files so if you attach the media files to the protected pages or posts, they are still accessible to anyone with the link. Use \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Ffeatures\u002F?utm_source=wp.org&utm_medium=pda-gold-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Prevent Direct Access (PDA) Gold\u003C\u002Fa> to block their direct file URL access.\u003C\u002Fp>\n\u003Cp>Please note that the passwords will be stored in the post meta and this plugin will set a cookie to allow access to the protected pages or posts.\u003C\u002Fp>\n\u003Ch4>An Inside Look at Password Protect WordPress – PPWP Pro\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FmyYsKXZyNwc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Password Protected Features\u003C\u002Fh4>\n\u003Cp>The Lite version of Password Protect WordPress (PPWP) plugin offers the following features:\u003C\u002Fp>\n\u003Ch3>Protect WordPress Pages & Posts with Unlimited Passwords\u003C\u002Fh3>\n\u003Cp>The plugin extends WordPress built-in password protection feature and allows you to set multiple passwords per Page and Post. What’s more, you can protect the content with just a single click. Once protected, a random password will be automatically generated for you.\u003C\u002Fp>\n\u003Ch4>Password Protect WordPress Pages & Posts by User Roles\u003C\u002Fh4>\n\u003Cp>There is an option allowing you to password protect your WordPress Pages & Posts by user roles. In other words, you can set different passwords for different user roles, e.g. one for subscribers and one for editors.\u003C\u002Fp>\n\u003Ch4>Prevent Password Abuse with reCAPTCHA\u003C\u002Fh4>\n\u003Cp>Stop password abuse and spam by bots and automated software with Google reCAPTCHA v2 or v3. Real users will be able to access protected content with ease as usual.\u003C\u002Fp>\n\u003Ch4>Unlock Password Protected Content without Page Refresh\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Funlock-password-protected-content-without-page-refresh\u002F??utm_source=wp.org&utm_medium=ajax-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Use Ajax to display protected content\u003C\u002Fa> without having to reload the entire page. It will help improve user experience and avoid server caching after users enter their password.\u003C\u002Fp>\n\u003Ch3>Password Protect WordPress Categories\u003C\u002Fh3>\n\u003Cp>Instead of creating an individual password for each post, you can protect all posts under one or multiple categories at once. Once users unlock a post successfully, they will be able to access the rest of the content automatically.\u003C\u002Fp>\n\u003Ch3>Password Protect Entire WordPress Site\u003C\u002Fh3>\n\u003Cp>You can \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Ffeatures\u002Fpassword-protect-entire-wordpress-site\u002F?utm_source=wp.org&utm_medium=sitewide-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">password protect the whole WordPress site\u003C\u002Fa> with a single password. All your website content including pages, posts, and other custom post types (but not media files) are locked as well.\u003C\u002Fp>\n\u003Ch3>Partial Content Protection\u003C\u002Fh3>\n\u003Cp>Partial Content Protection feature allows you to \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Ffeatures\u002Fpassword-protect-partial-content\u002F?utm_source=wp.org&utm_medium=free-pcp-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">password protect certain sections\u003C\u002Fa> of a page or post instead of hiding the entire content under a password form. This is useful when you want to create a teaser of premium content that encourages visitors to register\u002Fsign up to unlock the entire post.\u003C\u002Fp>\n\u003Ch4>Section Protection\u003C\u002Fh4>\n\u003Cp>Section Protection takes PCP to the next level. The feature enables you to add \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fsection-protection\u002F?utm_source=wp.org&utm_medium=section-protection-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">password-protected sections\u003C\u002Fa> even on custom post types &  templates created by top page builders such as Elementor and Divi.\u003C\u002Fp>\n\u003Ch4>Show\u002FHide Premium Content at a Specific Time\u003C\u002Fh4>\n\u003Cp>You can also choose when to publish the secure content to users. For example, they’re allowed to see the content without having to enter passwords from XXX to XXX using the following shortcode attributes.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[ppwp passwords=123 on=\"2020\u002F10\u002F20 14:00:00\" off=\"2020\u002F10\u002F30 14:00:00\"] Your protected section will be shown automatically from 2 pm October 20, 2020 to 2 pm October 30, 2020[\u002Fppwp]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Integrate with Page Builders\u003C\u002Fh3>\n\u003Cp>Instead of using our shortcode to protect part of content, you can use our built-in module for the top page builders including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Elementor\u003C\u002Fli>\n\u003Cli>Beaver Builder\u003C\u002Fli>\n\u003Cli>WPBakery Page Builder*\u003C\u002Fli>\n\u003Cli>Divi Builder*\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>*Supported; built-in UI block to be released soon.\u003C\u002Fp>\n\u003Cp>These built-in modules allow you to set passwords, whitelisted roles, customize password forms, and so on via our friendly User Interface. You no longer have to deal with the complex shortcode attributes.\u003C\u002Fp>\n\u003Cp>What’s more, with PPWP Pro, you can even \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fpassword-protect-partial-content-elementor\u002F?utm_source=wp.org&utm_medium=pro-elementor-guide-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">protect the entire Elementor’s templates\u003C\u002Fa>, Beaver Builder’s rows, columns, and page templates as well as limiting and tracking password usage.\u003C\u002Fp>\n\u003Ch3>Master Passwords\u003C\u002Fh3>\n\u003Cp>When there are many password protected posts on your website, it becomes difficult and time-consuming to create or manage passwords for each content. That’s when master passwords come in handy.\u003C\u002Fp>\n\u003Cp>Users will be able to \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fmaster-passwords-unlock-all-protected-content\u002F?utm_source=wp.org&utm_medium=master-pwd-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">unlock all protected posts at once\u003C\u002Fa> with just one master password.\u003C\u002Fp>\n\u003Cp>Please note that this feature \u003Cstrong>does not\u003C\u002Fstrong> password protect all posts automatically. It simply allows you to use master passwords to unlock those that you’ve already password protected. Original passwords attached to each post will still be working, together with these master passwords.\u003C\u002Fp>\n\u003Cp>The master passwords feature also comes with an easy-to-use interface allowing you to create unlimited master passwords simultaneously and manage all of them in one place. You will have full control to (de)activate, delete passwords as well as restrict usage passwords by usage, time, and user role.\u003C\u002Fp>\n\u003Ch3>Customize Password Form & Messages with WordPress Customizer\u003C\u002Fh3>\n\u003Cp>Customize all your password forms, i.e. the sitewide login form, single and partial content protection (PCP) password form, via WordPress Customizer.\u003C\u002Fp>\n\u003Cp>You’re allowed to remove or change our default logo to your own in the sitewide login form. You can also change the color, background and design of the form to match your theme’s color scheme.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fcustomize-sitewide-login-page\u002F?utm_source=wp.org&utm_medium=customize-sitewide-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Besides the default login page\u003C\u002Fa>, you can now select one from our pre-designed themes that suits your site best.\u003C\u002Fp>\n\u003Cp>As for \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fcustomize-password-form-wordpress-customizer\u002F?utm_source=wp.org&utm_medium=customize-pcp-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">single password form\u003C\u002Fa>, you’re able to change the WordPress default error message as well as password form instructions, namely headline, descriptions, password input placeholder, and button text.\u003C\u002Fp>\n\u003Cp>The button and text’s font-size, color, and background can also be customized through a friendly WYSIWYG HTML Editor.\u003C\u002Fp>\n\u003Ch3>Hide Password Protected Content\u003C\u002Fh3>\n\u003Cp>By default, your password protected content will still show up on various pages such as home and category page once published.\u003C\u002Fp>\n\u003Cp>This feature allows you to control the visibility of your protected post types in different views:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hide posts from Recent Posts widgets\u003C\u002Fli>\n\u003Cli>Hide posts from Next & Previous link on the single post\u003C\u002Fli>\n\u003Cli>Hide posts on search results\u003C\u002Fli>\n\u003Cli>Hide posts from Yoast SEO Google XML Sitemaps, and RSS\u003C\u002Fli>\n\u003Cli>Hide posts on Frontpage, Author, and Archive pages including tag and category page\u003C\u002Fli>\n\u003Cli>Protected pages hidden from search results, home page & everywhere they’re listed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Even though the posts are hidden, those who know the URL will still have access to the pages (but not the protected content).\u003C\u002Fp>\n\u003Ch4>Show Password Protected Content in RSS Feeds\u003C\u002Fh4>\n\u003Cp>Even though you choose to show password protected content in RSS, a password form will display instead of its actual content by default. With PPWP plugin, you’re able to show all protected content in RSS feeds. There is also an option to make your RSS feeds public even if your site is hidden.\u003C\u002Fp>\n\u003Ch4>Show Password Protected Post Excerpts\u003C\u002Fh4>\n\u003Cp>Many WordPress themes hide the post excerpt and featured image of password protected content by default. Enable this option to show excerpts of your password protect posts.\u003C\u002Fp>\n\u003Ch4>Password’s Cookies Expiration\u003C\u002Fh4>\n\u003Cp>By default, users won’t have to re-enter passwords to access a protected page or post until its cookies expire. You can change the default cookie expiration time on the plugin settings page to whatever suits your use case. Or else, choose session cookies which will be removed automatically whenever users close their browser. As a result, users have to re-enter password when opening the browser again.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>Pro Version\u003C\u002Fh4>\n\u003Cp>Our \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Ffeatures\u002F?utm_source=wp.org&utm_medium=ppwp-pro-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">PPWP Pro version\u003C\u002Fa> offers many more advanced features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Password protect all WordPress custom post types including WooCommerce Products\u003C\u002Fli>\n\u003Cli>Password protect custom fields and custom page templates\u003C\u002Fli>\n\u003Cli>Manage all passwords while editing content or via our friendly popup\u003C\u002Fli>\n\u003Cli>Create unlimited passwords per user role\u003C\u002Fli>\n\u003Cli>Create the same passwords for multiple user roles\u003C\u002Fli>\n\u003Cli>Bypass password protection with Quick Access Links\u003C\u002Fli>\n\u003Cli>Customize Quick Access Links\u003C\u002Fli>\n\u003Cli>Create wildcard passwords\u003C\u002Fli>\n\u003Cli>Unlock Partial Content Protection (PCP) with master passwords\u003C\u002Fli>\n\u003Cli>Automatically protect all sub pages with one password\u003C\u002Fli>\n\u003Cli>Create multiple passwords for each protected category\u003C\u002Fli>\n\u003Cli>Set the same password for multiple pages\u003C\u002Fli>\n\u003Cli>Create unlimited global passwords for partial content protection shortcode\u003C\u002Fli>\n\u003Cli>Redirect to specific URLs after entering site-wide protection passwords\u003C\u002Fli>\n\u003Cli>Unlock all content at once and unlock partial sitewide protection with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fgroup-protection\u002F?utm_source=wp.org&utm_medium=group-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Group Password Protection extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Give users access to password-protected content upon form submissions with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fforms-integration\u002F?utm_source=wp.org&utm_medium=forms-integrate-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Forms Integration extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Use reCAPTCHA or Contact Form 7 in place of the password form with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fpasswordless-authentication\u002F?utm_source=wp.org&utm_medium=pa-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Passwordless Authentication extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Track password usage, i.e. the time they’re logged in, IP address and browser used, with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fpassword-statistics\u002F?utm_source=wp.org&utm_medium=stats-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Statistics extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Faccess-levels\u002F?utm_source=wp.org&utm_medium=al-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Password protect WordPress categories\u003C\u002Fa> with different access levels\u003C\u002Fli>\n\u003Cli>Integrate with \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Ffeatures\u002F?utm_source=wp.org&utm_medium=pda-gold-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Prevent Direct Access Gold\u003C\u002Fa> to password protect files embedded in content\u003C\u002Fli>\n\u003Cli>Sell password-protected content via WooCommerce with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fwoocommerce-integration\u002F?utm_source=wp.org&utm_medium=woo-integrate-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">WooCommerce Integration extension\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Protect the entire shop page, including individual products and category pages with the same passwords.\u003C\u002Fli>\n\u003Cli>Import and export passwords as well as requiring users to provide both password and username or email to unlock protected content with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fpassword-suite\u002F?utm_source=wp.org&utm_medium=suite-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Password Suite extension\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Restrict password usage based on WordPress users or IP addresses as well as setting password expiration time after first use with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fsmart-restriction\u002F?utm_source=wp.org&utm_medium=sr-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Smart Restriction extension\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Password protect files outside Media Library\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check out \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fpricing\u002F?utm_source=wp.org&utm_medium=plugin-desc-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Password Protect WordPress (PPWP) Pro\u003C\u002Fa> now!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Get access to all extensions and priority support with any of our \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fmembership?utm_source=wp.org&utm_medium=pro-memberships-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">PPWP Pro membership\u003C\u002Fa> plans.\u003C\u002Fp>\n\u003Ch4>Multilingual supported\u003C\u002Fh4>\n\u003Cp>Our plugin works out of the box with the top leading multilingual WordPress plugins such as WPML, Polylang, and Loco Translate. In other words, you can \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fhow-to-translate-password-protect-wordpress-plugin\u002F?utm_source=wp.org&utm_medium=guide-translate-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">translate the password forms\u003C\u002Fa>, including its headline, description, error message as well as placeholder and button text into the different languages.\u003C\u002Fp>\n\u003Ch4>Documentation and support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>For documentation and tutorials go to our \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002F?utm_source=wp.org&utm_medium=ppwp-pro-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Check out \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fcompatible-wordpress-plugins\u002F?utm_source=wp.org&utm_medium=utm_medium=pro-compatiable-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">compatible hostings, themes, and plugins\u003C\u002Fa> with PPWP\u003C\u002Fli>\n\u003Cli>Visit our \u003Ca href=\"http:\u002F\u002Fppwp.pro\u002F?utm_source=wp.org&utm_medium=pro-landing-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">PPWP Pro landing pages\u003C\u002Fa> for more examples\u003C\u002Fli>\n\u003Cli>If you have any more questions or want to request new features, contact us through \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fcontact\u002F?utm_source=wp.org&utm_medium=faq-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">this form\u003C\u002Fa> or drop us an email at \u003Ca href=\"mailto:hello@preventdirectaccess.com\" rel=\"nofollow ugc\">hello@preventdirectaccess.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note that we have to \u003Cstrong>migrate your default WordPress passwords\u003C\u002Fstrong> to our systems for our protection to work properly.\u003C\u002Fp>\n\u003Cp>You may want to restore all your previously created passwords before deactivating the plugin to avoid all protected pages and posts becoming public.\u003C\u002Fp>\n\u003Cp>Please check out these guides on \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fgetting-started\u002F?utm_source=wp.org&utm_medium=guide-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">how to password protect WordPress page\u003C\u002Fa> the right way.\u003C\u002Fp>\n\u003Ch4>Privacy Policy\u003C\u002Fh4>\n\u003Cp>PPWP is designed to fully respect and protect personal information of its users. It does not collect any user information without your consent.\u003C\u002Fp>\n\u003Cp>We’re using GetResponse to communicate with our users in case they would like to opt in and receive future updates from us.\u003Cbr \u002F>\nUser’s emails will be first sent to an external API on our secure server before getting managed by GetResponse.\u003C\u002Fp>\n\u003Cp>Please see our complete \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fprivacy-policy\u002F?utm_source=wp.org&utm_medium=privacy-policy-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.getresponse.com\u002Flegal\u002Fprivacy\" rel=\"nofollow ugc\">GetResponse’s\u003C\u002Fa>.\u003C\u002Fp>\n","Password protect WordPress pages and posts by user roles or with multiple passwords; protect your entire website with a single password.",30000,971702,94,268,"2025-12-12T10:56:00.000Z","4.7",[20,21,68,22,131],"sitewide","https:\u002F\u002Fpasswordprotectwp.com?utm_source=user-website&utm_medium=pluginsite_link&utm_campaign=ppwp_lite","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-protect-page.1.9.15.zip",96,4,"2025-08-25 00:00:00",{"slug":138,"name":139,"version":140,"author":139,"author_profile":141,"description":142,"short_description":143,"active_installs":124,"downloaded":144,"rating":134,"num_ratings":145,"last_updated":146,"tested_up_to":64,"requires_at_least":147,"requires_php":148,"tags":149,"homepage":153,"download_link":154,"security_score":93,"vuln_count":27,"unpatched_count":13,"last_vuln_date":155,"fetched_at":29},"protect-uploads","Protect Uploads","0.6.0","https:\u002F\u002Fprofiles.wordpress.org\u002Falticreation\u002F","\u003Cp>The uploads directory is where the files of the WordPress library are stored. Unfortunelty, this directory is not protected. A person who wants to see all your library could list it instantly going to : http:\u002F\u002Fyourwebsite\u002Fwp-content\u002Fuploads . This plugin will hide the content by adding an index.php file on the root of your uploads directory or by setting an htaccess which will return a 403 error (Forbidden Access).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Depending on your server setting, the htaccess option could be disabled.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>New Features in Version 0.6.0:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Image Watermarking\u003C\u002Fstrong>: Add text watermarks to your uploaded images with customizable position, opacity, and font size.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Right-Click Protection\u003C\u002Fstrong>: Prevent users from right-clicking to download or save your images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password Protection\u003C\u002Fstrong>: Secure individual media files with passwords. Multiple passwords can be set for each file with custom labels.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Access Logging\u003C\u002Fstrong>: Track who accesses your password-protected files with detailed logs including IP address and user agent.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Available languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Français\u003C\u002Fli>\n\u003Cli>Español\u003C\u002Fli>\n\u003Cli>Italian (thanks to Marko97)\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect your uploads directory. Prevent browsing, add watermarks, disable right-click, and password-protect files. For more information, visit protect …",1372443,12,"2025-12-28T21:59:00.000Z","3.0.1","7.0",[68,150,23,151,152],"protection","uploads","watermark","https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fprotect-uploads\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotect-uploads.0.6.0.zip","2022-08-13 00:00:00",{"attackSurface":157,"codeSignals":195,"taintFlows":235,"riskAssessment":275,"analyzedAt":283},{"hooks":158,"ajaxHandlers":191,"restRoutes":192,"shortcodes":193,"cronEvents":194,"entryPointCount":13,"unprotectedCount":13},[159,164,168,172,174,179,183,187],{"type":160,"name":161,"callback":162,"file":163,"line":115},"action","template_redirect","get3_login_page","get3-password-wp.php",{"type":160,"name":165,"callback":166,"file":163,"line":167},"init","get3_check_page",36,{"type":160,"name":169,"callback":170,"file":163,"line":171},"admin_menu","get3_password_menu",144,{"type":160,"name":165,"callback":166,"file":163,"line":173},145,{"type":160,"name":175,"callback":176,"priority":177,"file":163,"line":178},"admin_bar_menu","get3_password_menu_bar",300,155,{"type":160,"name":180,"callback":181,"file":163,"line":182},"admin_enqueue_scripts","get3_password_css",160,{"type":160,"name":180,"callback":184,"priority":185,"file":163,"line":186},"get3_password_js",30,165,{"type":160,"name":188,"callback":189,"file":163,"line":190},"plugins_loaded","get3_password_translation",188,[],[],[],[],{"dangerousFunctions":196,"sqlUsage":197,"outputEscaping":199,"fileOperations":13,"externalRequests":13,"nonceChecks":27,"capabilityChecks":13,"bundledLibraries":234},[],{"prepared":13,"raw":13,"locations":198},[],{"escaped":200,"rawEcho":201,"locations":202},20,17,[203,205,207,209,210,211,212,214,216,218,220,223,225,226,228,230,232],{"file":163,"line":48,"context":204},"raw output",{"file":163,"line":206,"context":204},83,{"file":163,"line":208,"context":204},84,{"file":163,"line":61,"context":204},{"file":163,"line":26,"context":204},{"file":163,"line":93,"context":204},{"file":163,"line":213,"context":204},108,{"file":163,"line":215,"context":204},116,{"file":163,"line":217,"context":204},124,{"file":163,"line":219,"context":204},133,{"file":221,"line":222,"context":204},"parts\\get3-login.php",33,{"file":221,"line":224,"context":204},38,{"file":221,"line":224,"context":204},{"file":221,"line":227,"context":204},41,{"file":221,"line":229,"context":204},45,{"file":221,"line":231,"context":204},48,{"file":221,"line":233,"context":204},49,[],[236,264],{"entryPoint":237,"graph":238,"unsanitizedCount":13,"severity":263},"get3_init_admin_page (get3-password-wp.php:38)",{"nodes":239,"edges":259},[240,244,250,254],{"id":241,"type":242,"label":243,"file":163,"line":231},"n0","source","$_POST (x5)",{"id":245,"type":246,"label":247,"file":163,"line":248,"wp_function":249},"n1","sink","update_option() [Settings Manipulation]",52,"update_option",{"id":251,"type":242,"label":252,"file":163,"line":253},"n2","$_POST (x4)",55,{"id":255,"type":246,"label":256,"file":163,"line":257,"wp_function":258},"n3","echo() [XSS]",111,"echo",[260,262],{"from":241,"to":245,"sanitized":261},true,{"from":251,"to":255,"sanitized":261},"low",{"entryPoint":265,"graph":266,"unsanitizedCount":13,"severity":263},"\u003Cget3-password-wp> (get3-password-wp.php:0)",{"nodes":267,"edges":272},[268,269,270,271],{"id":241,"type":242,"label":243,"file":163,"line":231},{"id":245,"type":246,"label":247,"file":163,"line":248,"wp_function":249},{"id":251,"type":242,"label":252,"file":163,"line":253},{"id":255,"type":246,"label":256,"file":163,"line":257,"wp_function":258},[273,274],{"from":241,"to":245,"sanitized":261},{"from":251,"to":255,"sanitized":261},{"summary":276,"deductions":277},"The 'password-for-wp' plugin version 1.6.1 exhibits a generally good security posture based on the static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. Crucially, all SQL queries are prepared, and there are no file operations or external HTTP requests, which are common vectors for vulnerabilities. The presence of a nonce check and the analysis showing no unsanitized taint flows are positive indicators. However, a notable concern is that only 54% of output is properly escaped. This leaves potential for Cross-Site Scripting (XSS) vulnerabilities if user-controlled data is not sufficiently sanitized before being displayed. The vulnerability history indicates one past CVE, which was a Cross-Site Request Forgery (CSRF), and that it has been patched. While the lack of currently unpatched CVEs is positive, the historical presence of CSRF, even if resolved, suggests a need for vigilance in secure coding practices for this type of vulnerability.\n\nIn conclusion, the plugin has strengths in its limited attack surface and secure SQL handling. The primary area of concern is the moderate level of output escaping, which could lead to XSS if not addressed thoroughly. The past CSRF vulnerability, though patched, warrants attention. Overall, the plugin is relatively secure, but the output escaping issue requires improvement to further strengthen its security.",[278,281],{"reason":279,"points":280},"Moderate output escaping (54%)",6,{"reason":282,"points":72},"One past CVE (CSRF)","2026-03-16T20:15:41.708Z",{"wat":285,"direct":292},{"assetPaths":286,"generatorPatterns":289,"scriptPaths":290,"versionParams":291},[287,288],"\u002Fwp-content\u002Fplugins\u002Fpassword-for-wp\u002Fassets\u002Fget3_pass.css","\u002Fwp-content\u002Fplugins\u002Fpassword-for-wp\u002Fassets\u002Fget3_pass.js",[],[288],[],{"cssClasses":293,"htmlComments":302,"htmlAttributes":303,"restEndpoints":305,"jsGlobals":306,"shortcodeOutput":308},[294,295,296,297,298,299,300,301],"g3_save","g3_content","g3_header","g3_row","g3_half_2","g3_input_pass","g3_on","g3_off",[],[304],"data-default-color",[],[307],"jQuery",[]]