[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZWL8rMgxtE5ShMMjiECO_VvFCgz9XY9Mln7P4epEejg":3,"$fPnbUO_SAsUGKt_rN6wcKLcPzkgwoQM_PMMh-aszJW7s":213,"$fDeC6GPKOovo3pPMMVYw9LOaXPATcC223etxvsi-XNE8":218},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":35,"analysis":137,"fingerprints":197},"password-policy","Password-policy","1.0.6","kirua78","https:\u002F\u002Fprofiles.wordpress.org\u002Fkirua93\u002F","\u003Cp>A plugin wordpress for enhance the password policy.\u003C\u002Fp>\n\u003Cp>Major features in Password-policy include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable the confirm Use of Weak Password checkbox for users.\u003C\u002Fli>\n\u003Cli>Enhance the password policy with multiple options like number of character.\u003C\u002Fli>\n\u003Cli>Force reset all password users\u003C\u002Fli>\n\u003C\u002Ful>\n","A plugin wordpress for enhance the password policy.",10,8768,0,"2025-06-04T22:26:00.000Z","6.8.5","5.0","7.4",[19,4,20,21],"custom-password-policy","security","user-security","https:\u002F\u002Fgithub.com\u002FmehdiAberkane\u002Fwordpress-password-policy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.9.zip",100,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"kirua93",1,30,94,"2026-05-20T00:15:34.929Z",[36,54,75,92,116],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":24,"downloaded":44,"rating":24,"num_ratings":31,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":17,"tags":48,"homepage":52,"download_link":53,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"password-requirements","WP Password Policy","3.6.1","Teydea Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fteydeastudio\u002F","\u003Cp>\u003Cstrong>WP Password Policy lets you define and enforce password policies for all users on your WordPress site.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Set rules for password length, complexity (uppercase, lowercase, digits, special characters), restricted characters, password expiration, and more. The plugin validates passwords on login, registration, password changes, and during active sessions — automatically redirecting users to reset non-compliant passwords.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key benefits:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enforce password length and complexity rules from a single settings page.\u003C\u002Fli>\n\u003Cli>Set password expiration to ensure users update their passwords regularly.\u003C\u002Fli>\n\u003Cli>Require users to confirm their current password before making changes.\u003C\u002Fli>\n\u003Cli>Compatible with WordPress multisite networks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Whether you manage a personal blog, a membership site, or a multisite network, WP Password Policy helps you maintain consistent password standards across all user accounts.\u003C\u002Fp>\n\u003Cp>Learn more at \u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">wppasswordpolicy.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why password policies matter\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Weak passwords remain one of the most common entry points for unauthorized access to WordPress sites. Enforcing password rules helps reduce this risk and supports compliance with security best practices.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch4>Free Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Minimum password length\u003C\u002Fstrong> — Set and enforce the minimum number of characters for user passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maximum password length\u003C\u002Fstrong> — Limit password length to prevent denial-of-service attacks caused by hashing very long passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password complexity rules\u003C\u002Fstrong> — Require a mix of uppercase letters, lowercase letters, digits, special characters, and a minimum number of unique characters.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Consecutive username symbols\u003C\u002Fstrong> — Restrict how many consecutive characters from the username can appear in the password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restricted characters\u003C\u002Fstrong> — Block specific characters from being used in passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maximum password age\u003C\u002Fstrong> — Force users to update their passwords periodically (e.g., every 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Minimum password age\u003C\u002Fstrong> — Prevent users from changing their password too frequently, discouraging rapid cycling back to an old password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Require current password\u003C\u002Fstrong> — Add a “Current Password” field to the user profile screen and validate it before allowing password changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom password hints\u003C\u002Fstrong> — Replace the default WordPress password hint with a policy-specific hint based on active rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site Health integration\u003C\u002Fstrong> — A Site Health test reports whether your plugin settings are properly configured.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite\u002Fnetwork support\u003C\u002Fstrong> — Works with both standard and multisite WordPress installations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Ffeatures\u002Fai-integration\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">AI integration\u003C\u002Fa>\u003C\u002Fstrong> — On WordPress 6.9+ with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmcp-adapter\u002F\" rel=\"ugc\">MCP Adapter\u003C\u002Fa> plugin, list, configure, and delete password policies through natural language commands from any connected AI provider.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation-ready\u003C\u002Fstrong> — Localize the plugin into any language.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PRO Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Ffeatures\u002Fpasswords-reuse-prevention\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Prevent password reuse\u003C\u002Fa>\u003C\u002Fstrong> — Block users from reusing their previous passwords, encouraging new, unique passwords every time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Ffeatures\u002Fdedicated-policies-by-user-and-or-role\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Custom password policies per role or user\u003C\u002Fa>\u003C\u002Fstrong> — Assign different password rules for administrators, editors, WooCommerce customers, or specific users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Ffeatures\u002Frestricted-passwords-list\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Block common, weak passwords\u003C\u002Fa>\u003C\u002Fstrong> — Over 100,000 common passwords are blocked, preventing users from choosing easy-to-guess passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Integrations\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Fwoocommerce\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">WooCommerce integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies on WooCommerce login, registration, checkout account creation (including Store API), account details, password change, and password reset forms. Replaces WooCommerce’s built-in password strength meter with your policy rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Fultimate-member\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Ultimate Member integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies within Ultimate Member registration, login, password reset, and password change forms. Disables Ultimate Member’s built-in password strength option to avoid conflicts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Ftutor-lms\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Tutor LMS integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies on Tutor LMS student and instructor registration, login, password change, and password reset forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Flifterlms\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">LifterLMS integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies on LifterLMS registration (including checkout), account password change, and password reset forms. Replaces LifterLMS’s built-in password strength meter with your policy rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Flearnpress\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">LearnPress integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies on LearnPress registration, login, and password change forms.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority support and updates\u003C\u002Fstrong> — Get premium email support and updates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Learn more about the PRO version at \u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fpricing\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">wppasswordpolicy.com\u002Fpricing\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Video Tutorial\u003C\u002Fh3>\n\u003Cp>See the plugin in action:\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F7g_hWHZ4IFs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Related Plugins\u003C\u002Fh3>\n\u003Cp>Looking for a way to force users to reset their passwords immediately? Check our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpassword-reset-enforcement\u002F\" rel=\"ugc\">Password Reset Enforcement\u003C\u002Fa> plugin — it lets you require password resets site-wide, by role, or for individual users, with WP-CLI support for automation.\u003C\u002Fp>\n","Define and enforce password policies for your WordPress site with length, complexity, and expiration rules.",5017,"2026-03-20T12:49:00.000Z","6.9.4","6.6",[4,49,50,20,51],"password-strength","passwords","strong-password","https:\u002F\u002Fwppasswordpolicy.com\u002F?utm_source=WP+Password+Policy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-requirements.3.6.1.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":24,"num_ratings":31,"last_updated":64,"tested_up_to":65,"requires_at_least":16,"requires_php":17,"tags":66,"homepage":72,"download_link":73,"security_score":74,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"reset-password-removed","Reset Password Removed","1.2","Md Taufiqur Rahman","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmartshovon\u002F","\u003Cp>Easily enhance the security of your WordPress site by removing the ability for non-admin users to change or reset their passwords. The “Reset Password Removed” plugin ensures that only administrators have the power to modify password settings, reducing the risk of unauthorized access.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Restrict Password Resets:\u003C\u002Fstrong> Prevents non-admin users from resetting their passwords, adding an extra layer of security to your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Control:\u003C\u002Fstrong> Keeps password management accessible only to site administrators, ensuring critical access remains in trusted hands.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Streamlined User Experience:\u003C\u002Fstrong> Automatically removes the “Lost your password?” link from the login page for non-admin users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight & Efficient:\u003C\u002Fstrong> The plugin is built to be lightweight, ensuring it doesn’t slow down your website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Choose Reset Password Removed?\u003C\u002Fh3>\n\u003Cp>If you’re looking to enhance your WordPress security without complicating user management, this plugin is the perfect solution. Ideal for websites where password security is paramount, it simplifies control and prevents potential vulnerabilities from password resets.\u003C\u002Fp>\n\u003Cp>Compatible with: WordPress 6.x and PHP 7.4+\u003C\u002Fp>\n","Enhance the security of your blogs by preventing password reset over email function.",20,2968,"2024-11-03T13:58:00.000Z","6.6.5",[67,68,69,70,71],"admin-only-password-control","disable-password-reset","secure-login-management","wordpress-password-security","wordpress-user-security-plugin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Freset-password-removed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freset-password-removed.1.2.zip",92,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":13,"downloaded":83,"rating":13,"num_ratings":13,"last_updated":84,"tested_up_to":15,"requires_at_least":85,"requires_php":86,"tags":87,"homepage":90,"download_link":91,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"simple-password-policy","Simple Password Policy","1.0.2","Marcin Pietrzak","https:\u002F\u002Fprofiles.wordpress.org\u002Fiworks\u002F","\u003Cp>This plugin empowers site administrators to establish and enforce password policies for users, ensuring compliance with the defined security standards. By implementing this tool, you can effectively prevent users from choosing weak or easily guessable passwords.\u003C\u002Fp>\n\u003Cp>With this plugin, you gain the flexibility to configure various password requirements, such as complexity rules (e.g., length, character types), expiration policies, and more, enhancing the overall security of your site.\u003C\u002Fp>\n\u003Cp>Enhance the security of your WordPress site with the Simple Password Policy plugin. This straightforward tool allows you to enforce robust password policies for all users, significantly improving your site’s protection against unauthorized access and password guessing attacks.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Password Length Requirement\u003C\u002Fstrong>: Set a minimum length for passwords to prevent short, easily guessable passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Character Variety\u003C\u002Fstrong>: Require passwords to include a mix of uppercase and lowercase letters, numbers, and special characters.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password Expiration\u003C\u002Fstrong>: Set passwords to expire after a specified period, prompting users to update their passwords regularly.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Benefits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Improved Security\u003C\u002Fstrong>: Protect your site from brute-force attacks and unauthorized access by enforcing strong password policies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compliance\u003C\u002Fstrong>: Meet security standards by implementing robust password policies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Guidance\u003C\u002Fstrong>: Help users create strong, unique passwords with clear instructions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>GitHub\u003C\u002Fh4>\n\u003Cp>The Simple Password Policy plugin is available also on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fiworks\u002Fsimple-password-policy\" rel=\"nofollow ugc\">GitHub – Simple Password Policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>How it works?\u003C\u002Fh4>\n\u003Cp>After installation, you can establish a password policy or require users to change weak passwords upon login.\u003C\u002Fp>\n\u003Ch4>See Room for Improvement?\u003C\u002Fh4>\n\u003Cp>Awesome! There are several ways you can get involved to help enhance Simple Password Policy:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Report Bugs\u003C\u002Fstrong>: If you encounter a bug, error, or any other issue, please report it! Simply \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsimple-password-policy\u002F#new-topic-0\" rel=\"ugc\">create a new topic in the plugin forum\u003C\u002Fa>. Once a developer verifies the bug, they’ll file an official \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fiworks\u002Fsimple-password-policy\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">report on GitHub\u003C\u002Fa>, where the issue will be addressed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Suggest New Features\u003C\u002Fstrong>: Got a great idea? We’d love to hear it! Start a new topic in the plugin forum to share your suggestion, explaining why the feature would be valuable. This opens up the discussion and helps us prioritize new enhancements.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Submit Pull Requests\u003C\u002Fstrong>: If you’re a developer, the best way to contribute is by helping with \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fiworks\u002Fsimple-password-policy\u002Fissues\" rel=\"nofollow ugc\">existing issues on GitHub\u003C\u002Fa>. Be sure to check out our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fiworks\u002Fsimple-password-policy\u002Fblob\u002Fmaster\u002Fcontributing.md\" rel=\"nofollow ugc\">contributing guide for developers\u003C\u002Fa> to get started.\u003C\u002Fp>\n\u003Cp>Thank you for helping us make \u003Cstrong>Simple Password Policy\u003C\u002Fstrong> better for everyone!\u003C\u002Fp>\n\u003Cp>The plugin is available also on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fiworks\u002Fsimple-password-policy\u002F\" rel=\"nofollow ugc\">GitHub – Simple Password Policy\u003C\u002Fa>.\u003C\u002Fp>\n","Secure Your Site with Strong Passwords",426,"2025-09-25T08:42:00.000Z","6.0","8.1",[88,4,89,20],"password","policy","https:\u002F\u002Fgithub.com\u002Fiworks\u002Fsimple-password-policy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-password-policy.1.0.2.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":33,"num_ratings":102,"last_updated":103,"tested_up_to":46,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":111,"download_link":112,"security_score":113,"vuln_count":114,"unpatched_count":13,"last_vuln_date":115,"fetched_at":26},"wordfence","Wordfence Security – Firewall, Malware Scan, and Login Security","8.1.4","Mark Maunder","https:\u002F\u002Fprofiles.wordpress.org\u002Fmmaunder\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fi4ZN2TwlaBE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>THE MOST POPULAR WORDPRESS FIREWALL & SECURITY SCANNER\u003C\u002Fh4>\n\u003Cp>WordPress security requires a team of dedicated analysts researching the latest malware variants and WordPress exploits, turning them into firewall rules and malware signatures, and releasing those to customers in real-time.\u003C\u002Fp>\n\u003Cp>Choose the right protection for you: \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fproducts\u002Fpricing\u002F\" rel=\"nofollow ugc\">Wordfence Free, Premium, Care or Response\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Wordfence is widely acknowledged as the number one WordPress security research team in the World. Our plugin provides a comprehensive suite of security features, and our team’s research is what powers our plugin and provides the level of security that we are known for.\u003C\u002Fp>\n\u003Cp>At Wordfence, WordPress security isn’t a division of our business – WordPress security is all we do. We employ a global 24-hour dedicated incident response team that provides our priority customers with a 1 hour response time for any security incident.\u003C\u002Fp>\n\u003Cp>The sun never sets on our global security team and we run a sophisticated threat intelligence platform to aggregate, analyze and produce ground breaking security research on the newest security threats.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Wordfence Security includes an endpoint firewall, malware scanner, robust login security features, live traffic views, and more.\u003C\u002Fstrong> Our \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002F\" rel=\"nofollow ugc\">Threat Defense Feed\u003C\u002Fa> arms Wordfence with the newest firewall rules, malware signatures, and malicious IP addresses it needs to keep your website safe.\u003C\u002Fp>\n\u003Cp>Rounded out by 2FA and a suite of additional features, Wordfence is the most comprehensive WordPress security solution available.\u003C\u002Fp>\n\u003Ch3>🔥 WORDPRESS FIREWALL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ffirewall\u002F\" rel=\"nofollow ugc\">Web Application Firewall\u003C\u002Fa>\u003C\u002Fstrong> identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time firewall rule and malware signature [Premium]\u003C\u002Fstrong> updates via the Threat Defense Feed (free version is delayed by 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fblocking\u002F\" rel=\"nofollow ugc\">Real-time IP Blocklist\u003C\u002Fa> [Premium]\u003C\u002Fstrong> blocks all requests from the most malicious IPs, protecting your site while reducing load.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protects your site at the endpoint\u003C\u002Fstrong>, enabling deep integration with WordPress. Unlike cloud alternatives, it does not break encryption, cannot be bypassed and cannot leak data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fscan\u002F\" rel=\"nofollow ugc\">Integrated malware scanner\u003C\u002Fa>\u003C\u002Fstrong> blocks requests that include malicious code or content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ffirewall\u002Fbrute-force\u002F\" rel=\"nofollow ugc\">Protection from brute force\u003C\u002Fa>\u003C\u002Fstrong> attacks by limiting login attempts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📡 WORDPRESS SECURITY SCANNER\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Malware scanner\u003C\u002Fstrong> checks core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time malware signature updates [Premium]\u003C\u002Fstrong> via the Threat Defense Feed (free version is delayed by 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compares with WordPress.org repository\u003C\u002Fstrong> your core files, themes and plugins, checking their integrity and reporting any changes to you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Repair WordPress core, theme, and plugin files\u003C\u002Fstrong> that have changed by overwriting them with a pristine, original version. Delete any files that don’t belong easily within the Wordfence interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Malware Removal Tools\u003C\u002Fstrong> “Delete File” and “Delete All Deletable Files” options allow for efficient malware removal. Remember to investigate the scan results and backup files first!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks your site for known security vulnerabilities\u003C\u002Fstrong> and alerts you to any issues. Also alerts you to potential security issues when a plugin has been closed or abandoned.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks your content safety\u003C\u002Fstrong> by scanning file contents, posts and comments for dangerous URLs and suspicious content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks to see if your site or IP have been blocklisted [Premium]\u003C\u002Fstrong> for malicious activity, generating spam or other security issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔒 LOGIN SECURITY\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ftools\u002Ftwo-factor-authentication\u002F\" rel=\"nofollow ugc\">Two-factor authentication (2FA)\u003C\u002Fa>\u003C\u002Fstrong>, one of the most secure forms of remote system authentication available via any TOTP-based authenticator app or service.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Flogin-security\u002F\" rel=\"nofollow ugc\">Login Page CAPTCHA\u003C\u002Fa>\u003C\u002Fstrong> stops bots from logging in.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Flogin-security\u002F#woocommerce-and-custom-integrations\" rel=\"nofollow ugc\">2FA for WooCommerce and custom integrations\u003C\u002Fa>\u003C\u002Fstrong> allow for 2FA to be setup on custom account pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XML-RPC\u003C\u002Fstrong> options including disabling or adding 2FA.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password Security:\u003C\u002Fstrong> Block logins for administrators using known compromised passwords.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 SECURITY AUDIT LOG [Premium]\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Faudit-log\" rel=\"nofollow ugc\">The Audit Log\u003C\u002Fa>\u003C\u002Fstrong> monitors all changes and actions in security-sensitive areas of the site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remote tamper-proof data storage\u003C\u002Fstrong> via Wordfence Central.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monitor events and actions\u003C\u002Fstrong> ranging  from user creation and editing to plugin\u002Ftheme installation and updates to post and page changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable\u003C\u002Fstrong> to log all events or significant events only, which includes all authentication, site configuration, and site functionality events.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 WORDFENCE CENTRAL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fproducts\u002Fwordfence-central\u002F\" rel=\"nofollow ugc\">Wordfence Central\u003C\u002Fa>\u003C\u002Fstrong> is a powerful and efficient way to manage the security for multiple sites in one place.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Centralized management:\u003C\u002Fstrong> Efficiently assess the security status of all your websites in one view. View detailed security findings without leaving Wordfence Central.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Powerful templates\u003C\u002Fstrong> make configuring Wordfence a breeze.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highly configurable alerts\u003C\u002Fstrong> can be delivered via email, SMS or Slack. Improve the signal to noise ratio by leveraging severity level options and a daily digest option.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Track and alert on important security events\u003C\u002Fstrong> including administrator logins, breached password usage and surges in attack activity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free to use\u003C\u002Fstrong> for unlimited sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛠️ SECURITY TOOLS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ftools\u002Flive-traffic\u002F\" rel=\"nofollow ugc\">Live Traffic\u003C\u002Fa>\u003C\u002Fstrong> monitors visits and hack attempts not shown in other analytics packages in real time; including origin, their IP address, the time of day and time spent on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block attackers by IP\u003C\u002Fstrong> or build advanced rules based on IP Range, Hostname, User Agent and Referrer.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fblocking\u002Fcountry-blocking\u002F\" rel=\"nofollow ugc\">Country blocking\u003C\u002Fa>\u003C\u002Fstrong> available with Wordfence Premium.\u003C\u002Fli>\n\u003C\u002Ful>\n","Firewall, Malware Scanner, Two Factor Auth, and Comprehensive Security Features, powered by our 24-hour team. Make security a priority with Wordfence.",5000000,407330579,4861,"2025-12-20T21:06:00.000Z","4.7","7.0",[107,108,109,110,20],"2fa","firewall","malware","scanner","https:\u002F\u002Fwww.wordfence.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordfence.8.1.4.zip",96,12,"2022-09-06 00:00:00",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":32,"last_updated":127,"tested_up_to":46,"requires_at_least":128,"requires_php":86,"tags":129,"homepage":133,"download_link":134,"security_score":135,"vuln_count":31,"unpatched_count":13,"last_vuln_date":136,"fetched_at":26},"hostinger","Hostinger Tools","3.0.65","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Tools is an all-in-one plugin designed to streamline essential tasks for WordPress site administrators. This plugin offers a range of features to help you manage your site’s information, maintenance mode, security, and redirects effectively.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Basic Info\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays the current WordPress version with automatic update checks.\u003C\u002Fli>\n\u003Cli>Shows the current PHP version with automatic update checks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Maintenance Mode\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable or disable maintenance mode for your site.\u003C\u002Fli>\n\u003Cli>Provide a URL to bypass maintenance mode for selected users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Security\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable XML-RPC requests to enhance your site’s security.\u003C\u002Fli>\n\u003Cli>Enable or disable Authorize application page to enhance your site’s security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Redirects\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force all URLs to use HTTPS for secure browsing.\u003C\u002Fli>\n\u003Cli>Force all URLs to use WWW to ensure consistency in site access.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>LLMs.txt Generation\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically generate a structured LLMs.txt file in Markdown format.\u003C\u002Fli>\n\u003Cli>Include website title, description, posts, pages, and products (if WooCommerce is active).\u003C\u002Fli>\n\u003Cli>Keep the file updated when content changes or new content is published.\u003C\u002Fli>\n\u003Cli>Help AI-powered tools better understand and interact with your website content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hostinger Tools is the new version of the previous Hostinger plugin, offering an updated and enhanced experience.\u003Cbr \u002F>\nThe Onboarding assistant and the Learning section previously included in this plugin were moved to the separate plugin Hostinger Easy Onboarding.\u003C\u002Fp>\n","Simplified WordPress management. Manage site info, maintenance, security, & redirects.",3000000,17158936,66,"2026-04-08T12:10:00.000Z","5.5",[117,130,131,20,132],"https","maintenance","tools","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger.3.0.65.zip",99,"2024-01-05 00:00:00",{"attackSurface":138,"codeSignals":165,"taintFlows":190,"riskAssessment":191,"analyzedAt":196},{"hooks":139,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":13,"unprotectedCount":13},[140,147,151,156],{"type":141,"name":142,"callback":143,"priority":144,"file":145,"line":146},"action","admin_print_styles","pssp_admin_css",11,"password-policy.php",78,{"type":141,"name":148,"callback":149,"file":145,"line":150},"admin_enqueue_scripts","pssp_wpdocs_selectively_enqueue_admin_script",97,{"type":141,"name":152,"callback":153,"file":154,"line":155},"admin_menu","pssp_add_admin_page","src\\admin.php",5,{"type":141,"name":157,"callback":158,"priority":11,"file":159,"line":160},"user_profile_update_errors","pssp_check_password_policy","src\\check_password_policy.php",49,[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":176,"fileOperations":13,"externalRequests":13,"nonceChecks":31,"capabilityChecks":13,"bundledLibraries":189},[],{"prepared":13,"raw":168,"locations":169},2,[170,173],{"file":154,"line":171,"context":172},130,"$wpdb->get_results() with variable interpolation",{"file":174,"line":175,"context":172},"src\\class.db.php",32,{"escaped":177,"rawEcho":178,"locations":179},15,3,[180,183,186],{"file":174,"line":181,"context":182},23,"raw output",{"file":184,"line":185,"context":182},"src\\views\\view_admin.php",54,{"file":187,"line":188,"context":182},"src\\views\\view_config.php",36,[],[],{"summary":192,"deductions":193},"The \"password-policy\" v1.0.6 plugin exhibits a generally good security posture based on the provided static analysis. The absence of any identified CVEs in its history and the clean taint analysis are positive indicators.  Furthermore, the low attack surface with no unprotected entry points, coupled with the presence of a nonce check, suggests a deliberate effort to secure its functionality. The majority of output escaping is also properly handled.\n\nHowever, a significant concern arises from the SQL queries. With two queries present and none utilizing prepared statements, there's a direct risk of SQL injection vulnerabilities if user-supplied data is incorporated into these queries without proper sanitization and parameterization. While the vulnerability history is clean, this lack of prepared statements represents a fundamental coding practice that could lead to future vulnerabilities. The lack of capability checks on entry points is also a minor concern, as it implies that the plugin's actions might not be tied to specific user roles, although with no entry points, this is less critical in this specific version.\n\nIn conclusion, the plugin is strong in terms of its attack surface management and historical security. The primary weakness lies in its database interaction, where the absence of prepared statements presents a tangible risk. Addressing this would significantly improve its overall security.",[194],{"reason":195,"points":11},"Raw SQL queries without prepared statements","2026-03-16T23:44:40.795Z",{"wat":198,"direct":206},{"assetPaths":199,"generatorPatterns":202,"scriptPaths":203,"versionParams":204},[200,201],"\u002Fwp-content\u002Fplugins\u002Fpassword-policy\u002Fpublic\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fpassword-policy\u002Fpublic\u002Fpassword-policy-script.js",[],[201],[205],"password-policy\u002Fpublic\u002Fpassword-policy-script.js?ver=1.0",{"cssClasses":207,"htmlComments":208,"htmlAttributes":209,"restEndpoints":210,"jsGlobals":211,"shortcodeOutput":212},[],[],[],[],[],[],{"error":214,"url":215,"statusCode":216,"statusMessage":217,"message":217},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpassword-policy\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":219,"versions":220},9,[221,228,235,242,248,255,262,268,275],{"version":222,"download_url":23,"svn_tag_url":223,"released_at":25,"has_diff":224,"diff_files_changed":225,"diff_lines":25,"trac_diff_url":226,"vulnerabilities":227,"is_current":224},"1.0.9","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.9\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpassword-policy%2Ftags%2F1.0.8&new_path=%2Fpassword-policy%2Ftags%2F1.0.9",[],{"version":229,"download_url":230,"svn_tag_url":231,"released_at":25,"has_diff":224,"diff_files_changed":232,"diff_lines":25,"trac_diff_url":233,"vulnerabilities":234,"is_current":224},"1.0.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpassword-policy%2Ftags%2F1.0.7&new_path=%2Fpassword-policy%2Ftags%2F1.0.8",[],{"version":236,"download_url":237,"svn_tag_url":238,"released_at":25,"has_diff":224,"diff_files_changed":239,"diff_lines":25,"trac_diff_url":240,"vulnerabilities":241,"is_current":224},"1.0.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpassword-policy%2Ftags%2F1.0.6&new_path=%2Fpassword-policy%2Ftags%2F1.0.7",[],{"version":6,"download_url":243,"svn_tag_url":244,"released_at":25,"has_diff":224,"diff_files_changed":245,"diff_lines":25,"trac_diff_url":246,"vulnerabilities":247,"is_current":214},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpassword-policy%2Ftags%2F1.0.5&new_path=%2Fpassword-policy%2Ftags%2F1.0.6",[],{"version":249,"download_url":250,"svn_tag_url":251,"released_at":25,"has_diff":224,"diff_files_changed":252,"diff_lines":25,"trac_diff_url":253,"vulnerabilities":254,"is_current":224},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpassword-policy%2Ftags%2F1.0.4&new_path=%2Fpassword-policy%2Ftags%2F1.0.5",[],{"version":256,"download_url":257,"svn_tag_url":258,"released_at":25,"has_diff":224,"diff_files_changed":259,"diff_lines":25,"trac_diff_url":260,"vulnerabilities":261,"is_current":224},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpassword-policy%2Ftags%2F1.0.2&new_path=%2Fpassword-policy%2Ftags%2F1.0.4",[],{"version":78,"download_url":263,"svn_tag_url":264,"released_at":25,"has_diff":224,"diff_files_changed":265,"diff_lines":25,"trac_diff_url":266,"vulnerabilities":267,"is_current":224},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpassword-policy%2Ftags%2F1.0.1&new_path=%2Fpassword-policy%2Ftags%2F1.0.2",[],{"version":269,"download_url":270,"svn_tag_url":271,"released_at":25,"has_diff":224,"diff_files_changed":272,"diff_lines":25,"trac_diff_url":273,"vulnerabilities":274,"is_current":224},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpassword-policy%2Ftags%2F1.0.0&new_path=%2Fpassword-policy%2Ftags%2F1.0.1",[],{"version":276,"download_url":277,"svn_tag_url":278,"released_at":25,"has_diff":224,"diff_files_changed":279,"diff_lines":25,"trac_diff_url":25,"vulnerabilities":280,"is_current":224},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpassword-policy\u002Ftags\u002F1.0.0\u002F",[],[]]