[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fRZQkjAxvRpSuJKh9TSOiieoTJBR4XEHiA_HhEVUaAT0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":90,"crawl_stats":38,"alternatives":98,"analysis":196,"fingerprints":1102},"password-protect-page","PPWP – Password Protect Pages","1.9.15","WP Folio Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fbuildwps\u002F","\u003Cp>Password Protect WordPress (PPWP) plugin offers a powerful and \u003Cstrong>all-in-one solution\u003C\u002Fstrong> to secure your website with passwords.\u003C\u002Fp>\n\u003Cp>Whether you want to password protect WordPress categories, WooCommerce products, a few posts, or your entire website, PPWP plugin will help you do so with ease.\u003C\u002Fp>\n\u003Cp>This plugin does not protect images or uploaded files so if you attach the media files to the protected pages or posts, they are still accessible to anyone with the link. Use \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Ffeatures\u002F?utm_source=wp.org&utm_medium=pda-gold-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Prevent Direct Access (PDA) Gold\u003C\u002Fa> to block their direct file URL access.\u003C\u002Fp>\n\u003Cp>Please note that the passwords will be stored in the post meta and this plugin will set a cookie to allow access to the protected pages or posts.\u003C\u002Fp>\n\u003Ch4>An Inside Look at Password Protect WordPress – PPWP Pro\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FmyYsKXZyNwc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Password Protected Features\u003C\u002Fh4>\n\u003Cp>The Lite version of Password Protect WordPress (PPWP) plugin offers the following features:\u003C\u002Fp>\n\u003Ch3>Protect WordPress Pages & Posts with Unlimited Passwords\u003C\u002Fh3>\n\u003Cp>The plugin extends WordPress built-in password protection feature and allows you to set multiple passwords per Page and Post. What’s more, you can protect the content with just a single click. Once protected, a random password will be automatically generated for you.\u003C\u002Fp>\n\u003Ch4>Password Protect WordPress Pages & Posts by User Roles\u003C\u002Fh4>\n\u003Cp>There is an option allowing you to password protect your WordPress Pages & Posts by user roles. In other words, you can set different passwords for different user roles, e.g. one for subscribers and one for editors.\u003C\u002Fp>\n\u003Ch4>Prevent Password Abuse with reCAPTCHA\u003C\u002Fh4>\n\u003Cp>Stop password abuse and spam by bots and automated software with Google reCAPTCHA v2 or v3. Real users will be able to access protected content with ease as usual.\u003C\u002Fp>\n\u003Ch4>Unlock Password Protected Content without Page Refresh\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Funlock-password-protected-content-without-page-refresh\u002F??utm_source=wp.org&utm_medium=ajax-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Use Ajax to display protected content\u003C\u002Fa> without having to reload the entire page. It will help improve user experience and avoid server caching after users enter their password.\u003C\u002Fp>\n\u003Ch3>Password Protect WordPress Categories\u003C\u002Fh3>\n\u003Cp>Instead of creating an individual password for each post, you can protect all posts under one or multiple categories at once. Once users unlock a post successfully, they will be able to access the rest of the content automatically.\u003C\u002Fp>\n\u003Ch3>Password Protect Entire WordPress Site\u003C\u002Fh3>\n\u003Cp>You can \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Ffeatures\u002Fpassword-protect-entire-wordpress-site\u002F?utm_source=wp.org&utm_medium=sitewide-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">password protect the whole WordPress site\u003C\u002Fa> with a single password. All your website content including pages, posts, and other custom post types (but not media files) are locked as well.\u003C\u002Fp>\n\u003Ch3>Partial Content Protection\u003C\u002Fh3>\n\u003Cp>Partial Content Protection feature allows you to \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Ffeatures\u002Fpassword-protect-partial-content\u002F?utm_source=wp.org&utm_medium=free-pcp-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">password protect certain sections\u003C\u002Fa> of a page or post instead of hiding the entire content under a password form. This is useful when you want to create a teaser of premium content that encourages visitors to register\u002Fsign up to unlock the entire post.\u003C\u002Fp>\n\u003Ch4>Section Protection\u003C\u002Fh4>\n\u003Cp>Section Protection takes PCP to the next level. The feature enables you to add \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fsection-protection\u002F?utm_source=wp.org&utm_medium=section-protection-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">password-protected sections\u003C\u002Fa> even on custom post types &  templates created by top page builders such as Elementor and Divi.\u003C\u002Fp>\n\u003Ch4>Show\u002FHide Premium Content at a Specific Time\u003C\u002Fh4>\n\u003Cp>You can also choose when to publish the secure content to users. For example, they’re allowed to see the content without having to enter passwords from XXX to XXX using the following shortcode attributes.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[ppwp passwords=123 on=\"2020\u002F10\u002F20 14:00:00\" off=\"2020\u002F10\u002F30 14:00:00\"] Your protected section will be shown automatically from 2 pm October 20, 2020 to 2 pm October 30, 2020[\u002Fppwp]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Integrate with Page Builders\u003C\u002Fh3>\n\u003Cp>Instead of using our shortcode to protect part of content, you can use our built-in module for the top page builders including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Elementor\u003C\u002Fli>\n\u003Cli>Beaver Builder\u003C\u002Fli>\n\u003Cli>WPBakery Page Builder*\u003C\u002Fli>\n\u003Cli>Divi Builder*\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>*Supported; built-in UI block to be released soon.\u003C\u002Fp>\n\u003Cp>These built-in modules allow you to set passwords, whitelisted roles, customize password forms, and so on via our friendly User Interface. You no longer have to deal with the complex shortcode attributes.\u003C\u002Fp>\n\u003Cp>What’s more, with PPWP Pro, you can even \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fpassword-protect-partial-content-elementor\u002F?utm_source=wp.org&utm_medium=pro-elementor-guide-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">protect the entire Elementor’s templates\u003C\u002Fa>, Beaver Builder’s rows, columns, and page templates as well as limiting and tracking password usage.\u003C\u002Fp>\n\u003Ch3>Master Passwords\u003C\u002Fh3>\n\u003Cp>When there are many password protected posts on your website, it becomes difficult and time-consuming to create or manage passwords for each content. That’s when master passwords come in handy.\u003C\u002Fp>\n\u003Cp>Users will be able to \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fmaster-passwords-unlock-all-protected-content\u002F?utm_source=wp.org&utm_medium=master-pwd-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">unlock all protected posts at once\u003C\u002Fa> with just one master password.\u003C\u002Fp>\n\u003Cp>Please note that this feature \u003Cstrong>does not\u003C\u002Fstrong> password protect all posts automatically. It simply allows you to use master passwords to unlock those that you’ve already password protected. Original passwords attached to each post will still be working, together with these master passwords.\u003C\u002Fp>\n\u003Cp>The master passwords feature also comes with an easy-to-use interface allowing you to create unlimited master passwords simultaneously and manage all of them in one place. You will have full control to (de)activate, delete passwords as well as restrict usage passwords by usage, time, and user role.\u003C\u002Fp>\n\u003Ch3>Customize Password Form & Messages with WordPress Customizer\u003C\u002Fh3>\n\u003Cp>Customize all your password forms, i.e. the sitewide login form, single and partial content protection (PCP) password form, via WordPress Customizer.\u003C\u002Fp>\n\u003Cp>You’re allowed to remove or change our default logo to your own in the sitewide login form. You can also change the color, background and design of the form to match your theme’s color scheme.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fcustomize-sitewide-login-page\u002F?utm_source=wp.org&utm_medium=customize-sitewide-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Besides the default login page\u003C\u002Fa>, you can now select one from our pre-designed themes that suits your site best.\u003C\u002Fp>\n\u003Cp>As for \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fcustomize-password-form-wordpress-customizer\u002F?utm_source=wp.org&utm_medium=customize-pcp-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">single password form\u003C\u002Fa>, you’re able to change the WordPress default error message as well as password form instructions, namely headline, descriptions, password input placeholder, and button text.\u003C\u002Fp>\n\u003Cp>The button and text’s font-size, color, and background can also be customized through a friendly WYSIWYG HTML Editor.\u003C\u002Fp>\n\u003Ch3>Hide Password Protected Content\u003C\u002Fh3>\n\u003Cp>By default, your password protected content will still show up on various pages such as home and category page once published.\u003C\u002Fp>\n\u003Cp>This feature allows you to control the visibility of your protected post types in different views:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hide posts from Recent Posts widgets\u003C\u002Fli>\n\u003Cli>Hide posts from Next & Previous link on the single post\u003C\u002Fli>\n\u003Cli>Hide posts on search results\u003C\u002Fli>\n\u003Cli>Hide posts from Yoast SEO Google XML Sitemaps, and RSS\u003C\u002Fli>\n\u003Cli>Hide posts on Frontpage, Author, and Archive pages including tag and category page\u003C\u002Fli>\n\u003Cli>Protected pages hidden from search results, home page & everywhere they’re listed\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Even though the posts are hidden, those who know the URL will still have access to the pages (but not the protected content).\u003C\u002Fp>\n\u003Ch4>Show Password Protected Content in RSS Feeds\u003C\u002Fh4>\n\u003Cp>Even though you choose to show password protected content in RSS, a password form will display instead of its actual content by default. With PPWP plugin, you’re able to show all protected content in RSS feeds. There is also an option to make your RSS feeds public even if your site is hidden.\u003C\u002Fp>\n\u003Ch4>Show Password Protected Post Excerpts\u003C\u002Fh4>\n\u003Cp>Many WordPress themes hide the post excerpt and featured image of password protected content by default. Enable this option to show excerpts of your password protect posts.\u003C\u002Fp>\n\u003Ch4>Password’s Cookies Expiration\u003C\u002Fh4>\n\u003Cp>By default, users won’t have to re-enter passwords to access a protected page or post until its cookies expire. You can change the default cookie expiration time on the plugin settings page to whatever suits your use case. Or else, choose session cookies which will be removed automatically whenever users close their browser. As a result, users have to re-enter password when opening the browser again.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>Pro Version\u003C\u002Fh4>\n\u003Cp>Our \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Ffeatures\u002F?utm_source=wp.org&utm_medium=ppwp-pro-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">PPWP Pro version\u003C\u002Fa> offers many more advanced features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Password protect all WordPress custom post types including WooCommerce Products\u003C\u002Fli>\n\u003Cli>Password protect custom fields and custom page templates\u003C\u002Fli>\n\u003Cli>Manage all passwords while editing content or via our friendly popup\u003C\u002Fli>\n\u003Cli>Create unlimited passwords per user role\u003C\u002Fli>\n\u003Cli>Create the same passwords for multiple user roles\u003C\u002Fli>\n\u003Cli>Bypass password protection with Quick Access Links\u003C\u002Fli>\n\u003Cli>Customize Quick Access Links\u003C\u002Fli>\n\u003Cli>Create wildcard passwords\u003C\u002Fli>\n\u003Cli>Unlock Partial Content Protection (PCP) with master passwords\u003C\u002Fli>\n\u003Cli>Automatically protect all sub pages with one password\u003C\u002Fli>\n\u003Cli>Create multiple passwords for each protected category\u003C\u002Fli>\n\u003Cli>Set the same password for multiple pages\u003C\u002Fli>\n\u003Cli>Create unlimited global passwords for partial content protection shortcode\u003C\u002Fli>\n\u003Cli>Redirect to specific URLs after entering site-wide protection passwords\u003C\u002Fli>\n\u003Cli>Unlock all content at once and unlock partial sitewide protection with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fgroup-protection\u002F?utm_source=wp.org&utm_medium=group-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Group Password Protection extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Give users access to password-protected content upon form submissions with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fforms-integration\u002F?utm_source=wp.org&utm_medium=forms-integrate-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Forms Integration extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Use reCAPTCHA or Contact Form 7 in place of the password form with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fpasswordless-authentication\u002F?utm_source=wp.org&utm_medium=pa-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Passwordless Authentication extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Track password usage, i.e. the time they’re logged in, IP address and browser used, with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fpassword-statistics\u002F?utm_source=wp.org&utm_medium=stats-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Statistics extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Faccess-levels\u002F?utm_source=wp.org&utm_medium=al-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Password protect WordPress categories\u003C\u002Fa> with different access levels\u003C\u002Fli>\n\u003Cli>Integrate with \u003Ca href=\"https:\u002F\u002Fpreventdirectaccess.com\u002Ffeatures\u002F?utm_source=wp.org&utm_medium=pda-gold-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Prevent Direct Access Gold\u003C\u002Fa> to password protect files embedded in content\u003C\u002Fli>\n\u003Cli>Sell password-protected content via WooCommerce with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fwoocommerce-integration\u002F?utm_source=wp.org&utm_medium=woo-integrate-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">WooCommerce Integration extension\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Protect the entire shop page, including individual products and category pages with the same passwords.\u003C\u002Fli>\n\u003Cli>Import and export passwords as well as requiring users to provide both password and username or email to unlock protected content with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fpassword-suite\u002F?utm_source=wp.org&utm_medium=suite-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Password Suite extension\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Restrict password usage based on WordPress users or IP addresses as well as setting password expiration time after first use with \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fextensions\u002Fsmart-restriction\u002F?utm_source=wp.org&utm_medium=sr-ext-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Smart Restriction extension\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Password protect files outside Media Library\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check out \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fpricing\u002F?utm_source=wp.org&utm_medium=plugin-desc-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Password Protect WordPress (PPWP) Pro\u003C\u002Fa> now!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Get access to all extensions and priority support with any of our \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fmembership?utm_source=wp.org&utm_medium=pro-memberships-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">PPWP Pro membership\u003C\u002Fa> plans.\u003C\u002Fp>\n\u003Ch4>Multilingual supported\u003C\u002Fh4>\n\u003Cp>Our plugin works out of the box with the top leading multilingual WordPress plugins such as WPML, Polylang, and Loco Translate. In other words, you can \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fhow-to-translate-password-protect-wordpress-plugin\u002F?utm_source=wp.org&utm_medium=guide-translate-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">translate the password forms\u003C\u002Fa>, including its headline, description, error message as well as placeholder and button text into the different languages.\u003C\u002Fp>\n\u003Ch4>Documentation and support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>For documentation and tutorials go to our \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002F?utm_source=wp.org&utm_medium=ppwp-pro-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Check out \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fcompatible-wordpress-plugins\u002F?utm_source=wp.org&utm_medium=utm_medium=pro-compatiable-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">compatible hostings, themes, and plugins\u003C\u002Fa> with PPWP\u003C\u002Fli>\n\u003Cli>Visit our \u003Ca href=\"http:\u002F\u002Fppwp.pro\u002F?utm_source=wp.org&utm_medium=pro-landing-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">PPWP Pro landing pages\u003C\u002Fa> for more examples\u003C\u002Fli>\n\u003Cli>If you have any more questions or want to request new features, contact us through \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fcontact\u002F?utm_source=wp.org&utm_medium=faq-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">this form\u003C\u002Fa> or drop us an email at \u003Ca href=\"mailto:hello@preventdirectaccess.com\" rel=\"nofollow ugc\">hello@preventdirectaccess.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note that we have to \u003Cstrong>migrate your default WordPress passwords\u003C\u002Fstrong> to our systems for our protection to work properly.\u003C\u002Fp>\n\u003Cp>You may want to restore all your previously created passwords before deactivating the plugin to avoid all protected pages and posts becoming public.\u003C\u002Fp>\n\u003Cp>Please check out these guides on \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fdocs\u002Fgetting-started\u002F?utm_source=wp.org&utm_medium=guide-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">how to password protect WordPress page\u003C\u002Fa> the right way.\u003C\u002Fp>\n\u003Ch4>Privacy Policy\u003C\u002Fh4>\n\u003Cp>PPWP is designed to fully respect and protect personal information of its users. It does not collect any user information without your consent.\u003C\u002Fp>\n\u003Cp>We’re using GetResponse to communicate with our users in case they would like to opt in and receive future updates from us.\u003Cbr \u002F>\nUser’s emails will be first sent to an external API on our secure server before getting managed by GetResponse.\u003C\u002Fp>\n\u003Cp>Please see our complete \u003Ca href=\"https:\u002F\u002Fpasswordprotectwp.com\u002Fprivacy-policy\u002F?utm_source=wp.org&utm_medium=privacy-policy-link&utm_campaign=ppwp-free\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.getresponse.com\u002Flegal\u002Fprivacy\" rel=\"nofollow ugc\">GetResponse’s\u003C\u002Fa>.\u003C\u002Fp>\n","Password protect WordPress pages and posts by user roles or with multiple passwords; protect your entire website with a single password.",30000,971702,94,268,"2025-12-12T10:56:00.000Z","6.9.4","4.7","5.6",[20,21,22,23,24],"password","password-protect","password-protection","restrict-content","sitewide","https:\u002F\u002Fpasswordprotectwp.com?utm_source=user-website&utm_medium=pluginsite_link&utm_campaign=ppwp_lite","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-protect-page.1.9.15.zip",96,4,0,"2025-08-25 00:00:00","2026-03-15T15:16:48.613Z",[33,49,63,75],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-5998","ppwp-password-protect-pages-authenticated-subscriber-content-exposure-via-rest-api","PPWP – Password Protect Pages \u003C= 1.9.10 - Authenticated (Subscriber+) Content Exposure via REST API","The PPWP – Password Protect WordPress | #1 Most-Reviewed Password Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.10 due to insufficient protection on REST API endpoints when password protection is enabled. This makes it possible for unauthenticated attackers to extract post and page content that should be hidden.",null,"\u003C=1.9.10","1.9.11","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Improper Handling of Insufficient Permissions or Privileges","2025-08-25 15:34:54",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff9b392cb-04f9-475e-bfe3-d6086f2b5885?source=api-prod",1,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":48},"CVE-2024-11280","ppwp-password-protect-pages-unauthenticated-content-restriction-bypass-to-sensitive-information-exposure","PPWP – Password Protect Pages \u003C= 1.9.5 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure","The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.","\u003C=1.9.5","1.9.6",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2024-12-16 00:00:00","2024-12-17 11:24:32",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd9ac0d84-dff4-4a03-a530-cac47ffaf2bb?source=api-prod",{"id":64,"url_slug":65,"title":66,"description":67,"plugin_slug":4,"theme_slug":38,"affected_versions":68,"patched_in_version":69,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74},"CVE-2024-0620","ppwp-password-protect-pages-protection-mechanism-bypass","PPWP – Password Protect Pages \u003C= 1.8.9 -  Protection Mechanism Bypass","The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.9 via API. This makes it possible for unauthenticated attackers to obtain post titles, IDs, slugs as well as other information including for password-protected posts.","\u003C=1.8.9","1.9.0","2024-02-07 00:00:00","2024-07-29 21:36:13",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F41299927-2ed9-4cbe-b2b0-f306dc0e4a58?source=api-prod",174,{"id":76,"url_slug":77,"title":78,"description":79,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":41,"cvss_score":82,"cvss_vector":83,"vuln_type":84,"published_date":85,"updated_date":86,"references":87,"days_to_patch":89},"CVE-2022-4626","ppwp-wordpress-password-protect-page-authenticated-contributor-stored-cross-site-scripting-via-shortcode","PPWP – WordPress Password Protect Page \u003C= 1.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The WordPress Password Protect Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 1.8.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page","\u003C=1.8.5","1.8.6",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2023-01-10 00:00:00","2024-01-22 19:56:02",[88],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc0f899c6-cce2-4534-9b97-3783648cba09?source=api-prod",378,{"slug":91,"display_name":7,"profile_url":8,"plugin_count":92,"total_installs":93,"avg_security_score":94,"avg_patch_time_days":95,"trust_score":96,"computed_at":97},"buildwps",2,40000,97,93,77,"2026-04-03T21:31:09.550Z",[99,120,136,156,174],{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":16,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":115,"download_link":116,"security_score":117,"vuln_count":118,"unpatched_count":29,"last_vuln_date":119,"fetched_at":31},"content-protector","Passster – Password Protect Pages and Content","4.2.29","WP Chill","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpchill\u002F","\u003Ch3>Password Protect Pages, Posts & Content in WordPress\u003C\u002Fh3>\n\u003Cp>Passster is an all-in-one plugin to password protect pages, content, or your entire site in seconds—quick, secure, and easy to use.\u003Cbr \u002F>\nPassster offers three protection modes to cover every use case you may think of when it comes to password protecting your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FkjYklVLVFD8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent&listType=playlist&list=PLM2tOjfhVrZdo_H26CV2I-UfdqpDWxo3D\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Passster Pro – Even more protection features when making a purchase\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Multiple Passwords & Password Lists\u003C\u002Fstrong>\u003Cbr \u002F>\n– Assign multiple passwords for different users.\u003Cbr \u002F>\n– Create and manage large password lists for easy control.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Quick & Bulk Edit for Password Protection\u003C\u002Fstrong>\u003Cbr \u002F>\n– Use WordPress \u003Cstrong>Quick Edit\u003C\u002Fstrong> and \u003Cstrong>Bulk Edit\u003C\u002Fstrong> to protect multiple pages instantly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Unlock Content by User Role or Email\u003C\u002Fstrong>\u003Cbr \u002F>\n– Automatically grant access to specific users or email addresses.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Password Expiration & Usage Limits\u003C\u002Fstrong>\u003Cbr \u002F>\n– Set passwords to expire after a number of uses, first use, or by a time limit (hours, days, weeks).\u003Cbr \u002F>\n– Track which passwords were used and when they will expire.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Generate Unlock Links\u003C\u002Fstrong>\u003Cbr \u002F>\n– Create encrypted unlock links so users can access content without entering a password.\u003Cbr \u002F>\n– Automatically shorten links with \u003Cstrong>Bit.ly\u003C\u002Fstrong> for easy sharing.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce Protection & Sales\u003C\u002Fstrong>\u003Cbr \u002F>\n– Protect WooCommerce pages, products, and checkout with a password.\u003Cbr \u002F>\n– Sell access to protected content—generate and email passwords automatically after purchase.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Detailed Password Usage Statistics\u003C\u002Fstrong>\u003Cbr \u002F>\n– Track when and how often passwords are used.\u003Cbr \u002F>\n– View first usage date, IP (optional), and browser details.\u003C\u002Fp>\n\u003Ch3>Quick Comparison (Free vs. Pro)\u003C\u002Fh3>\n\u003Ch3>Free Version:\u003C\u002Fh3>\n\u003Cp>✔ Protect sections of pages using shortcodes or blocks.\u003Cbr \u002F>\n✔ Secure entire pages and posts.\u003Cbr \u002F>\n✔ Automatically protect child pages with a single click.\u003Cbr \u002F>\n✔ Lock down your entire site with a password.\u003Cbr \u002F>\n✔ Unlock protected content without refreshing the page.\u003Cbr \u002F>\n✔ Customize the design, labels, and descriptions of the password form.\u003Cbr \u002F>\n✔ Use cookies to grant access across multiple protected areas.\u003C\u002Fp>\n\u003Ch3>Pro Version:\u003C\u002Fh3>\n\u003Cp>✔ Everything in the free version, plus:\u003Cbr \u002F>\n✔ Protect content with \u003Cstrong>multiple passwords\u003C\u002Fstrong> or password lists.\u003Cbr \u002F>\n✔ Quickly set up password protection via Quick Edit or Bulk Edit.\u003Cbr \u002F>\n✔ Protect content using \u003Cstrong>Google reCAPTCHA or hCAPTCHA\u003C\u002Fstrong>.\u003Cbr \u002F>\n✔ Unlock protected content by \u003Cstrong>user role or email\u003C\u002Fstrong>.\u003Cbr \u002F>\n✔ Set passwords to \u003Cstrong>expire\u003C\u002Fstrong> based on usage limits or time intervals.\u003Cbr \u002F>\n✔ Generate encrypted \u003Cstrong>unlock links\u003C\u002Fstrong> for seamless access.\u003Cbr \u002F>\n✔ Track and prevent \u003Cstrong>concurrent password sharing\u003C\u002Fstrong>.\u003Cbr \u002F>\n✔ Secure \u003Cstrong>WooCommerce products and store pages\u003C\u002Fstrong>.\u003Cbr \u002F>\n✔ Sell access to protected content via \u003Cstrong>WooCommerce integration\u003C\u002Fstrong>.\u003Cbr \u002F>\n✔ Detailed statistics on password usage and lists.\u003C\u002Fp>\n\u003Cp>Get it now on \u003Ca href=\"https:\u002F\u002Fpassster.com\u002F\" rel=\"nofollow ugc\">passster.com\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Learn more about this plugin \u003Ca href=\"https:\u002F\u002Fpassster.com\u002Fkb\u002F\" rel=\"nofollow ugc\">in our official documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Free users: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcontent-protector\u002F\" rel=\"ugc\">Ask in our forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Pro users: \u003Ca href=\"https:\u002F\u002Fpassster.com\u002Fcontact-us\u002F?utm_source=wordpress.org&utm_medium=web&utm_campaign=description&utm_term=contact+us\" rel=\"nofollow ugc\">Get priority help\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Password Protect Pages, Posts & Content in WordPress",10000,561089,84,57,"2026-02-12T09:43:00.000Z","6.5","7.2",[20,21,22,23,24],"https:\u002F\u002Fpassster.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-protector.4.2.29.zip",95,10,"2026-02-12 00:00:00",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":118,"downloaded":128,"rating":29,"num_ratings":29,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":131,"tags":132,"homepage":133,"download_link":134,"security_score":135,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"smart-protect","Smart Protect","1.1","Marcos Robles","https:\u002F\u002Fprofiles.wordpress.org\u002Fkalanikochs\u002F","\u003Cp>Smart Protect offers a solution to protect your entire site and choose which pages within your site will not be protected, all in a simple and easy way.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>1.- Set password for sitewide\u003Cbr \u002F>\n2.- Set page you dont want protect with password\u003C\u002Fp>\n","Smart Protect offers a solution to protect your entire site and choose which pages within your site will not be protected, all in a simple and easy wa …",1257,"2022-03-20T15:43:00.000Z","5.8.13","",[20,21,22,23,24],"https:\u002F\u002Fwww.arepalabs.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-protect.1.1.zip",85,{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":144,"downloaded":145,"rating":146,"num_ratings":147,"last_updated":148,"tested_up_to":16,"requires_at_least":149,"requires_php":18,"tags":150,"homepage":152,"download_link":153,"security_score":117,"vuln_count":154,"unpatched_count":29,"last_vuln_date":155,"fetched_at":31},"password-protected","Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial Content","2.7.12","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpricing\u002F?utm_source=wp_org&utm_medium=readme\" rel=\"nofollow ugc\">👑 Get Pro\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Ftastewp.com\u002Fnew\u002F?pre-installed-plugin-slug=password-protected\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fdocumentation\u002F?utm_source=wp_org&utm_medium=readme\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fobjectsws.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F18\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you want to secure your WordPress site, to password protect pages, posts, WooCommerce categories, etc.❓ If so, then you need to install ✨\u003Cstrong>the Password Protected plugin\u003C\u002Fstrong>✨.\u003C\u002Fp>\n\u003Cp>Password Protected is a robust password protection plugin for WordPress that empowers you to password protect entire posts, pages, WordPress categories, WooCommerce products, the WordPress login (wp-admin) page, and even partial content with ease.\u003C\u002Fp>\n\u003Cp>Additionally, you can secure the password protected screen from WordPress attacks such as a WordPress brute force attack with the limit login feature.\u003C\u002Fp>\n\u003Cp>Therefore, the \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002F\" rel=\"nofollow ugc\">Password Protected WordPress plugin\u003C\u002Fa> ensures comprehensive security, covering everything from WordPress pages to WooCommerce products, all with a user-friendly interface.\u003C\u002Fp>\n\u003Ch3>Why Do You Need to Password Protect WordPress Site?\u003C\u002Fh3>\n\u003Cp>With the rapidly rising number of cyber threats, having an effective WordPress security system for your website is essential.\u003C\u002Fp>\n\u003Cp>Whether you’re a blogger, a business owner, or a developer, protecting sensitive information and controlling who can access the content you have created is essential. This is where the Password Protected plugin comes in.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For example\u003C\u002Fstrong>, imagine you’re a photographer showcasing your portfolio. By using the Password Protect WordPress plugin, you can share your work securely with potential clients.\u003Cbr \u002F>\nYou can either password protect your entire portfolio page or use partial content protection to lock only certain sections, such as high-resolution images or download links. This way, you can display teasers publicly while keeping your premium work private until you’re ready to share it.\u003C\u002Fp>\n\u003Ch3>What Makes the Password Protected Plugin Stand Out! 😎\u003C\u002Fh3>\n\u003Cp>Wouldn’t you like to have WordPress password protection that gives you peace of mind and immense security for your WordPress site❓\u003C\u002Fp>\n\u003Cp>Here are some of the features of the password protect WordPress plugin that gives so much control over your WordPress content protection while protecting your site from unauthorized access.\u003C\u002Fp>\n\u003Ch3>⚡ Password Protect Entire WordPress Site With These Features:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>✅ Complete Site Protection —💯% FREE\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Want to protect your entire WordPress site? Password Protected plugin makes it easy!\u003C\u002Fp>\n\u003Cp>With a single master password, password protect entire WordPress site to prevent unauthorized access. Also, set how long you want to use the password, define protected permission, and much more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Passwordless Admin Access\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>As an admin, you probably don’t want the hassle of entering additional passwords to access your site. Right?\u003C\u002Fp>\n\u003Cp>Don’t worry. With the Password Protected plugin, you can simplify the login process for administrators with Passwordless Admin Access. This time-saving functionality enhances efficiency and security by eliminating the need for administrators to manage passwords or risk exposure to unauthorized access attempts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Google reCAPTCHA\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Add an extra layer of protection to your password screen with Google reCAPTCHA (v2 & v3). It blocks automated bots and spam by requiring human verification through simple challenges like image selection or puzzle solving.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ hCaptcha [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Secure your password form with hCaptcha, a privacy-focused alternative to Google reCAPTCHA. It verifies human users while keeping data collection minimal, helping you block bots effectively without sacrificing user privacy.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Cloudflare Turnstile [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Protect your password entry with Cloudflare Turnstile, a lightweight, user-friendly CAPTCHA solution. Unlike traditional captchas, Turnstile verifies visitors in the background, offering strong bot protection without interrupting the user experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ IP Address Whitelisting\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can specify which IP addresses can access password protected content with IP Address Whitelisting.\u003C\u002Fp>\n\u003Cp>This feature adds an extra layer of security by preventing unauthorized access from IP addresses not included on the whitelist so that only approved users can access protected content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Specific Post\u002FPage Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Do you have premium content or sensitive information that you want to restrict access to? With the Password Protected plugin, you can easily password protect pages or posts so that only authorized users can view them. This feature allows you to offer exclusive content to subscribers or conduct private testing before publication.\u003C\u002Fp>\n\u003Cp>Check out our guide on how to \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fwordpress-password-protect-page\u002F\" rel=\"nofollow ugc\">password protect WordPress page\u003C\u002Fa> the right way.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ User Role Whitelisting [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you are looking for simplified access control based on user roles. The User Role Whitelisting is the solution you need. By whitelisting certain user roles for your WordPress site, such as administrators, editors, or subscribers, you can ensure that authorized users can view protected content without entering a password.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Partial Content Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily protect specific sections of your WordPress pages or posts with shortcodes. Show free previews while locking premium text, media, or downloads behind a password. Fully compatible with Elementor, Gutenberg, and Beaver Builder, letting you restrict content blocks, widgets, or sections without breaking your design. Perfect for membership sites, gated resources, and premium WordPress content protection.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Page Builder Support: Elementor, Gutenberg & Beaver Builder [Pro]\u003C\u002Fstrong>\u003Cbr \u002F>\nProtect content directly inside Elementor, Gutenberg, or Beaver Builder. Restrict sections, blocks, or widgets without breaking layouts—ideal for WordPress content protection within page builders.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ WP-Admin Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Password protect wp-login (WordPress admin login page) against unauthorized access. This feature adds an extra layer of security by requiring a password to access the WP-admin dashboard, giving you greater protection against unauthorized login attempts and a \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fwordpress-brute-force-attack\u002F\" rel=\"nofollow ugc\">WordPress brute force attack\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>When you password protect WordPress login page (WP-admin area), it prevents unauthorized users from accessing sensitive site settings, user data, and administrative functions. This is particularly important for sites with multiple administrators or contributors, as it helps prevent unauthorized changes to site settings or content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Password Attempt Activity Report (Weekly)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Gain valuable insights into user interactions with your protected content (e.g., password protect pages, posts, etc.) through our exclusive Password Attempt Activity Report. This report will provide a comprehensive overview of login attempts, including successful and failed tries, browsers utilized, and recent activity logs. Whether using the Free or Pro version, this report enables you to track login attempts and user activity efficiently.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Custom Post Type Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Extend your site’s security beyond standard posts and pages. The Password Protected plugin allows you to protect any custom post type, such as portfolios or testimonials, or you can even password protect WooCommerce products. The feature is extremely useful for businesses or creatives looking to share proprietary content or restrict content access to certain areas of their site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Category\u002FTaxonomy Protection [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Password protect categories to take control of your site’s organization and access. Using single or multiple passwords, you can lock specific WordPress categories or taxonomies, along with related post tags.\u003C\u002Fp>\n\u003Cp>This functionality is ideal for websites with diverse content categories or membership tiers. By restricting access to certain categories, you can create exclusive areas for different user groups or offer premium\u002Frestricted content to subscribers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Certain Page\u002FPosts Exclusions [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Maintain flexibility in your WordPress site’s accessibility by excluding specific pages, posts, and post types from password protection. Whether it’s your homepage, contact page, or landing page, you can ensure that certain content remains accessible to all visitors while securing entire website content with a password.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Limit Login Attempts [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Set up a limit for login attempts to protect your WordPress password protected screen against the most common WordPress attacks, such as brute force attacks. The Password Protected \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Flimit-login-attempts\u002F\" rel=\"nofollow ugc\">limit login attempts\u003C\u002Fa> feature is a proactive measure that mitigates the risk of unauthorized access and strengthens overall site security.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Password Expiration and Usage Limit [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you want to password protect WordPress pages\u002Fposts for a certain period, set expiration dates and impose usage limits to restrict the number of times a user can use the password. This will make your site more secure and make it easier to manage user access.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅Bypass Links for Quick Access [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For passwordless access, easily create unique bypass links for each password protected post, page, WooCommerce product, or category, along with a master bypass URL for the entire site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Detailed Activity Logs\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Stay informed and vigilant with detailed activity logs for every password attempt. This feature provides comprehensive insights into site activity, including IP addresses, dates, times, and login statuses, so you can easily monitor and review user interactions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Lock Screen Customization [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Make a lasting impression on visitors with a personalized and professional lock screen. With our Login Designer plugin, you can customize the appearance of your password-protected screen to align with your brand identity and aesthetics.\u003C\u002Fp>\n\u003Cp>With options to customize the background, logo, and other elements of the lock screen, you can create a cohesive and visually appealing experience for users seeking access to your protected\u002Frestricted content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Multiple Password Management [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Experience unmatched flexibility and control over access permissions with Multiple Password Management. You can create unlimited passwords for any lock screen. It is also easy to activate or deactivate multiple passwords for various purposes, from testing to membership management.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Import & Export Passwords [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For quick easy password management, import or export passwords in bulk using a CSV file, complete with usage limits, expiry, status, and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Request Password [Pro]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily request access to protected content. Simply submit your email, the request is sent to the admin for review. The admin can then approve or reject the request directly from the WordPress dashboard. Upon approval, the user will receive the password to access the protected content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Get ✨\u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpricing\u002F?utm_source=wp_org+&utm_medium=password_protected_product_page\" rel=\"nofollow ugc\">Password Protected Pro\u003C\u002Fa>✨ Now!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>🎉 5 Key Reasons Why You Should Opt for Password Protected Pro\u003C\u002Fh3>\n\u003Cp>⚡ \u003Cstrong>Reason #1: Boost Your WordPress Site’s Security With Ease\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Upgrade your site’s security with \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpricing\u002F?utm_source=wp_org&utm_medium=readme\" rel=\"nofollow ugc\">Password Protected Pro\u003C\u002Fa> and get comprehensive password protection.\u003C\u002Fp>\n\u003Cp>Easily password protect WordPress website. From specific page\u002Fpost protection to WP-Admin protection and user role whitelisting, Password Protected Pro empowers you to easily secure your site against unauthorized access.\u003C\u002Fp>\n\u003Cp>With intuitive password management features like multiple password management and detailed activity logs, maintaining security protocols becomes a seamless task, allowing you to focus on your core business objectives without compromising on protection.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Reason #2: Better User Experience and Accessibility\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Unlock unparalleled flexibility in access control with Password Protected Pro’s advanced features. Whether you’re offering exclusive\u002Frestricted content to subscribers or conducting private testing before publication, specific page\u002Fpost protection ensures that only authorized users can access sensitive information.\u003C\u002Fp>\n\u003Cp>Meanwhile, features like Bypass URLs and certain page\u002Fpost exclusions allow you to maintain accessibility for public-facing content, striking the perfect balance between security and user experience.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Reason #3: Gain Valuable Insights and Oversight\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Stay informed and vigilant with Password Protected Pro’s weekly comprehensive activity reporting and logging capabilities. With the password attempt activity report, including detailed activity logs, you gain valuable insights into user interactions, login attempts, and site activity.\u003C\u002Fp>\n\u003Cp>This actionable data enables you to monitor access patterns, detect potential security threats, and optimize your access control strategy accordingly.\u003C\u002Fp>\n\u003Cp>By leveraging this insight, you can proactively enhance site security, mitigate risks, and ensure compliance with privacy regulations, fostering trust and confidence among your user base.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Reason #4: Simplified Password Management and Administration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Automate password management with Password Protected Pro’s user-friendly interface and intuitive tools.\u003C\u002Fp>\n\u003Cp>With features like password expiration and usage limits, limit login attempts, and passwordless admin access, you can automate routine tasks, reduce administrative overhead, and ensure a smooth user experience.\u003C\u002Fp>\n\u003Cp>With simplified access control and administration, Password Protected Pro frees up your valuable time and resources so you can focus on your core business objectives while maintaining the highest standards of security and compliance.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Reason #5: Easy Membership Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you manage a membership site or subscription-based platform, Password Protected Pro offers the features you need to provide exclusive access to your users to maximize revenue.\u003C\u002Fp>\n\u003Cp>With features like user role whitelisting and multiple password management, you can conveniently control access permissions for your WordPress restricted content. By simplifying \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fcontent-locking-in-wordpress\u002F\" rel=\"nofollow ugc\">WordPress content protection\u003C\u002Fa> and ensuring seamless access for paying members, you can enhance user experience, retain subscribers, and drive sustained revenue growth.\u003C\u002Fp>\n\u003Ch3>🎉 Use Cases for WordPress Password Protection\u003C\u002Fh3>\n\u003Cp>⚡ \u003Cstrong>Use Case #1: Offer Premium Content to Your Subscribers\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Unlock the potential of your premium content by offering exclusive access to subscribers with Password Protected plugin. You can securely share articles, e-books, podcasts, and reports while tracking password usage and preventing unauthorized sharing.\u003C\u002Fp>\n\u003Cp>With the ability to generate multiple passwords, you can ensure that only paying subscribers enjoy your valuable content.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #2: Give Clients Exclusive Access to Your Portfolio\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Securely showcase your portfolio to clients with Password Protected, safeguarding your work from unauthorized access. Generate unique passwords for each client, ensuring personalized access while impressing them with a custom lock screen.\u003C\u002Fp>\n\u003Cp>With Password Protected, you can maintain confidentiality and professionalism while sharing your creative endeavors.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #3: Keep Under Maintenance Pages Private\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Maintain confidentiality and control over your unfinished website pages with Password Protected plugin. If you are working on a new website or updating existing pages, you can password protect pages or the entire WordPress site to keep your work private.\u003C\u002Fp>\n\u003Cp>Generate temporary passwords with limited usage, providing secure access to administrators while keeping your work private until it’s ready for public viewing.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #4: Create a Private Family Blog\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Set up a secure and private space for your family to connect and share precious moments. Post family photos, videos, stories, and updates without worrying about unauthorized access.\u003C\u002Fp>\n\u003Cp>With the \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002F\" rel=\"nofollow ugc\">Password Protected\u003C\u002Fa> plugin, you can generate unique passwords for each family member and friend, ensuring that only those you trust can access your family blog.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #5: Provide Exclusive Access to Virtual Events\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Host exclusive virtual events and password-protect your site pages\u002Fposts with Password Protected. Generate unique passwords for each participant and customize the lock screen to enhance professionalism.\u003C\u002Fp>\n\u003Cp>By offering exclusive access to virtual events, you can increase membership and engagement while providing a secure and memorable experience for participants.\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Use Case #6: Create Member-Only WooCommerce Products\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Get more sales and customer loyalty by offering member-only WooCommerce products with Password Protected. Securely password protect WooCommerce products or categories, assigning multiple passwords for different offerings.\u003C\u002Fp>\n\u003Cp>Whether it’s special deals, discounts, or bonuses, the plugin enables you to password protect any product so you can offer those exclusive products to your valued members, driving sales and fostering a sense of exclusivity.\u003C\u002Fp>\n\u003Cp>Check out our detailed guide on how to \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpassword-protect-woocommerce-products\u002F\" rel=\"nofollow ugc\">password protect WooCommerce products\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fpassword-protect-woocommerce-shop-page\u002F\" rel=\"nofollow ugc\">WooCommerce shop page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Need Help? Get Expert Assistance\u003C\u002Fh3>\n\u003Cp>Can’t figure out how to implement password protection for your WordPress site? We’ve got you covered around the clock.\u003C\u002Fp>\n\u003Cp>Whether it’s troubleshooting technical issues, setting up password protection, or exploring advanced features, our dedicated support team is here to assist you every step of the way.\u003C\u002Fp>\n\u003Cp>So, don’t hesitate to \u003Ca href=\"https:\u002F\u002Fobjectsws.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F18\" rel=\"nofollow ugc\">reach out for prompt and reliable guidance\u003C\u002Fa>. Contact us now to experience smooth and hassle-free service 😀.\u003C\u002Fp>\n\u003Ch3>Documentation and support\u003C\u002Fh3>\n\u003Cp>👉 To learn more, check out Password Protected \u003Ca href=\"https:\u002F\u002Fpasswordprotectedwp.com\u002Fdocumentation\u002F?utm_source=wp_org&utm_medium=readme\" rel=\"nofollow ugc\">Technical Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>👉 Open a support ticket \u003Ca href=\"https:\u002F\u002Fobjectsws.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F18\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","Protect your WordPress site, pages, posts, WooCommerce products, and categories with single or multiple passwords.",300000,6892846,88,136,"2025-12-18T06:07:00.000Z","4.6",[151,21,4,22,23],"maintenance-mode","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpassword-protected\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-protected.2.7.12.zip",5,"2025-10-24 16:54:49",{"slug":157,"name":158,"version":159,"author":160,"author_profile":161,"description":162,"short_description":163,"active_installs":29,"downloaded":164,"rating":29,"num_ratings":29,"last_updated":165,"tested_up_to":166,"requires_at_least":167,"requires_php":168,"tags":169,"homepage":131,"download_link":172,"security_score":173,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"riaco-content-protector","RIACO Content Protector","1.0.0","robertoiacono","https:\u002F\u002Fprofiles.wordpress.org\u002Fprototipo88\u002F","\u003Cp>\u003Cstrong>RIACO Content Protector\u003C\u002Fstrong> allows you to protect \u003Cem>any part\u003C\u002Fem> of your WordPress content using a shortcode.\u003Cbr \u002F>\nUnlike the built-in post password protection, this plugin protects only what you wrap, \u003Cem>not the whole post\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>Perfect for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Protecting premium blocks of content  \u003C\u002Fli>\n\u003Cli>Protecting guides, downloads, links, or sensitive sections   \u003C\u002Fli>\n\u003Cli>Paywall-style snippets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Protect \u003Cstrong>only specific content\u003C\u002Fstrong> inside posts\u002Fpages  \u003C\u002Fli>\n\u003Cli>Uses a minimal shortcode:\u003Cbr \u002F>\n  [riaco_content_protector] Hidden text here [\u002Friaco_content_protector]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Global password\u003C\u002Fstrong> stored in plain text, like WordPress page passwords.\u003C\u002Fli>\n\u003Cli>AJAX-based form — no page reload  \u003C\u002Fli>\n\u003Cli>Unlocks \u003Cstrong>all protected sections\u003C\u002Fstrong> on the site after correct password  \u003C\u002Fli>\n\u003Cli>Optional cookie persistence (remember unlocked content for a configurable number of days)   \u003C\u002Fli>\n\u003Cli>Secure implementation using nonces, hashed tokens, and transients   \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The global password is stored in plain text, just like WordPress page passwords. It can be read by user with ‘manage_options’ ability.\u003C\u002Fli>\n\u003Cli>If the global password or “Remember Unlocked” duration is changed in settings, all existing unlock cookies are invalidated. Users will need to re-enter the new password to access protected content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>Wrap content you want to protect:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[riaco_content_protector]\nThis text will be hidden until the visitor enters the password.\n[\u002Friaco_content_protector]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Set the global password under:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Settings > Content Protector\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Visitors will see a modern, styled form.\u003Cbr \u002F>\nAfter entering the correct password:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The content unlocks immediately  \u003C\u002Fli>\n\u003Cli>All other protected areas unlock automatically  \u003C\u002Fli>\n\u003Cli>An optional cookie can keep everything unlocked for a chosen number of days  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Nonces on every request  \u003C\u002Fli>\n\u003Cli>Secure HMAC token for cookie authentication  \u003C\u002Fli>\n\u003Cli>Sanitized shortcode attributes  \u003C\u002Fli>\n\u003Cli>Escaped output  \u003C\u002Fli>\n\u003Cli>No sensitive data stored in cookies  \u003C\u002Fli>\n\u003Cli>Global password stored in plain text, like WordPress page passwords. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Cookie\u003C\u002Fh3>\n\u003Cp>We use this cookie to understand if user unlocked the content: \u003Ccode>riaco_cp_unlocked_global\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch3>Style\u003C\u002Fh3>\n\u003Cp>You can style the content protector box.\u003C\u002Fp>\n\u003Cp>It has this class: \u003Ccode>.riaco-cp--container\u003C\u002Fcode>, so you can add in your \u003Ccode>style.css\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>.riaco-cp--container {\n    background: #f8f9fa;\n    padding: 20px;\n    border: 1px solid #ddd;\n    border-radius: 6px;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can replace button classes using:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'riaco_cp_button_classes', function( $classes ) {\n    return 'button my-custom-button-class';\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Or you can remove button classes:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'riaco_cp_button_classes', function( $classes ) {\n    \u002F\u002F Remove wp-element-button\n    return str_replace( 'wp-element-button', '', $classes );\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under GPLv2 or later.\u003C\u002Fp>\n","Protect any portion of your WordPress content using a simple shortcode. Includes global password, AJAX unlock, and site-wide instant access.",113,"2025-12-04T20:52:00.000Z","6.8.5","6.2","7.4",[170,171,20,22,23],"content-protection","hide-content","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Friaco-content-protector.1.0.0.zip",100,{"slug":175,"name":176,"version":177,"author":178,"author_profile":179,"description":180,"short_description":181,"active_installs":182,"downloaded":183,"rating":184,"num_ratings":185,"last_updated":186,"tested_up_to":16,"requires_at_least":112,"requires_php":168,"tags":187,"homepage":192,"download_link":193,"security_score":95,"vuln_count":194,"unpatched_count":29,"last_vuln_date":195,"fetched_at":31},"better-wp-security","Solid Security – Password, Two Factor Authentication, and Brute Force Protection","9.4.6","StellarWP","https:\u002F\u002Fprofiles.wordpress.org\u002Fstellarwp\u002F","\u003Ch4>Reduce your WordPress website’s risk to nearly zero with Solid Security\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fwporg-security-ithemes\" rel=\"nofollow ugc\">Formerly iThemes Security. Looking for iThemes? Learn more here.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>On average, 30,000 websites are hacked every day.* Cyberattacks in the US increased by 57% in 2022.** Bad actors who want to hack your site, steal your data, and cripple your business are a 24\u002F7\u002F365 threat.\u003C\u002Fp>\n\u003Cp>You need a proactive, strategic approach to WordPress website security that protects your site from brute force attacks, malware infections, and other cyber threats.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsolid-security-pro\" rel=\"nofollow ugc\">Solid Security\u003C\u002Fa> shields your site from cyberattacks and prevents security vulnerabilities. It automatically locks out bad users identified by our Brute Force Protection Network that is nearly 1 million sites strong and leverages your own blacklist. It secures and protects your most commonly attacked part of your WordPress website – user login authentication.\u003C\u002Fp>\n\u003Cp>With Patchstack integration (Pro) protects your site before you even have a chance to address vulnerabilities and before a plugin or theme vendor or developer can even issue a patch.\u003C\u002Fp>\n\u003Cp>That’s 24\u002F7\u002F365 always-on truly Solid Security.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Welcome to Solid Security, Part of the SolidWP Suite\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F863249227?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch4>🌐 Secure your Website in Minutes\u003C\u002Fh4>\n\u003Cp>The Solid Security setup and onboarding experience allows anyone to secure their WordPress website in under 10 minutes, regardless of technical acumen. Knowing that you have enabled all the right security settings for your website will leave you feeling like your site has never been more secure.\u003C\u002Fp>\n\u003Ch4>📚 Security Site Templates to Fit Your Type of Site\u003C\u002Fh4>\n\u003Cp>Enabling the correct security settings based on the type of website you are building or maintaining is essential for proper security. An eCommerce site requires a different level of security than a basic blog. Solid Security Site Templates make it quick and easy to apply the right security settings for your website.\u003C\u002Fp>\n\u003Cp>Choose from six different site templates to apply the type of security your site needs:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Ecommerce\u003C\u002Fstrong> – websites that sell products or services\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Network\u003C\u002Fstrong> – websites that connect people or communities\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Non-Profit\u003C\u002Fstrong> – websites that promote your cause and collect donations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blog\u003C\u002Fstrong> – websites that share your thoughts or start a conversation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Portfolio\u003C\u002Fstrong> – websites that showcase your craft\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brochure\u003C\u002Fstrong> – simple websites that promote your business\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>⌚ Real-Time Website Security Dashboard\u003C\u002Fh4>\n\u003Cp>Every day, lots of activity is happening on your website that you can’t see. Many of these activities can be related to your site’s security, so monitoring these events is vital to keeping your site secure.\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsolid-security-pro\" rel=\"nofollow ugc\">Solid Security Pro\u003C\u002Fa> plugin provides a real-time WordPress security dashboard that monitors security-related events on your site around the clock. The Solid Security Dashboard is a dynamic dashboard with all your WordPress website’s security activity stats in one place, including brute force attacks, banned users, active lockouts, site scan results, and user security stats (Pro).\u003C\u002Fp>\n\u003Ch4>🗝️ WordPress Login Security\u003C\u002Fh4>\n\u003Cp>Setting up and maintaining proper WordPress configurations and managing user account access are essential aspects of hardening your site against threats and vulnerabilities. Basic and Pro include features that address both of these factors.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Two Factor Authentication (2FA)\u003C\u002Fstrong> – Make your WordPress login nearly impenetrable to attack by requiring users to enter a security code along with a password to login. The Solid Security plugin allows you to add two-factor authentication to your WordPress login with several authentication methods, including mobile apps like Authy and Google Authenticator, email, and backup codes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Password Requirements\u003C\u002Fstrong> – Create and enforce a password policy for your users in less than a minute.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>reCAPTCHA\u003C\u002Fstrong> (Pro) – Stop bad bots from engaging in abusive activities on your website, such as attempting to break into your website using compromised passwords, posting spam, or even scraping your content.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Passwordless Logins\u003C\u002Fstrong> (Pro) – WordPress security made easy. Secure your user accounts with 2fa & strong passwords while allowing real users login with a click of a mouse.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Trusted Devices\u003C\u002Fstrong> (Pro) – Identify the devices you and other users use to block session hijacking attacks and limit Administrator privileges to Trusted Devices.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Automated Vulnerability Patching\u003C\u002Fstrong> (Pro) – Solid Security Pro includes Patchstack which patches vulnerabilities before you have a chance to and applies fixes even before a plugin developer or vendor has issued a patch.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fwporgpasswordless\" rel=\"nofollow ugc\">passwordless login is the future\u003C\u002Fa> and how Solid Security can help you implement it today.\u003C\u002Fp>\n\u003Ch4>👨‍👩‍👧‍👦 The Right Amount of Security for Every User Level\u003C\u002Fh4>\n\u003Cp>Different types of user levels require different levels of security. During the Solid Security setup process, you can identify your website’s key user groups. Once the different types of users are identified, you can apply the level of security that is just right for each user group.\u003C\u002Fp>\n\u003Cp>Here are a couple of examples of how User Groups are useful for securing your site:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>For Clients\u003C\u002Fstrong> – Let’s say you are configuring Solid Security on a client’s website. You will decide whether or not they are required to use two-factor authentication and if they should have access to the Solid Security settings.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>For Customers\u003C\u002Fstrong> – If you have an eCommerce website, you will decide whether or not you want to protect customer accounts with a password policy.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Privilege Escalation\u003C\u002Fstrong> (Pro) also adds a safe, secure way to grant temporary admin-level access to your website.\u003C\u002Fp>\n\u003Ch4>🤖 Block Bad Bots & Ban User Agents with Lockouts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Ban Users\u003C\u002Fstrong> (Basic and Pro) – Permanently block repeat offenders from accessing your site.\u003Cbr \u002F>\nLocal Brute Force Protection – Automatically identify and stop the most common method of attack on WordPress sites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Local Brute Force Protection\u003C\u002Fstrong> (Basic and Pro) – Automatically identify and stop the most common method of attack on WordPress sites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Network Brute Force Protection\u003C\u002Fstrong> (Basic and Pro) – The network is the Solid Security community and is nearly one million websites strong. If someone tries to break into websites in the Solid Security community, Solid Security will block them across the network.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Magic Links\u003C\u002Fstrong> (Pro) – Security shouldn’t get in your way. Magic Links allow you to log in to your WordPress site while your username is locked out by the Solid Security Local Brute Force Protection feature.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔍 Monitor Your Site’s Security Health\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>File Change Detection\u003C\u002Fstrong> (Basic and Pro) – Solid Security logs changes made to your website that can help detect malicious activity on your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Site Scanner (Basic and Pro)\u003C\u002Fstrong> – Schedule checks to run four times per day (Basic) or hourly (Pro) for known vulnerabilities of WordPress core file, plugins and themes. Using the Google Safe Browsing API, the Site Scan also checks your Google’s blocklist status and will alert you if Google has found any malware on your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Patchstack integration (Pro)\u003C\u002Fstrong> – Automated virtual patching of some vulnerabilities before you even have a chance to address them yourself, and before a plugin or theme vendor or developer can even issue a patch.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Site Scanner\u003C\u002Fstrong> (Pro) – Unlock Version Management to automatically apply a patch to vulnerable software detected by the Site Scan when one is available.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User Logging\u003C\u002Fstrong> (Pro) – Keep a record of user activity in your WordPress security logs, including login\u002Flogout, user registration, adding\u002Fremoving plugins, switching themes, changes to posts and pages, and more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Version Management\u003C\u002Fstrong> (Pro) – The Version Management feature in Solid Security Pro allows you to auto-update WordPress, plugins, and themes. Beyond that, Version Management also has options to harden your website when you are running outdated software and scan for old websites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🧠 Smarter, More Actionable Vulnerability Prioritization\u003C\u002Fh4>\n\u003Cp>Not all vulnerabilities pose the same level of risk, and the traditional Common Vulnerability Scoring System (CVSS) score doesn’t always reflect the realities of running a WordPress site.\u003C\u002Fp>\n\u003Cp>Solid Security now uses the Patchstack Priority score, which goes beyond CVSS to provide a real-world risk assessment tailored to WordPress. It factors in how likely a vulnerability is to be exploited and its actual impact on your site.\u003C\u002Fp>\n\u003Cp>With Patchstack Priority, you get a clearer picture of what really matters, helping you focus on the vulnerabilities that pose the greatest risk, and worry less about noise from low-impact issues.\u003C\u002Fp>\n\u003Ch4>🛠️ Website Security Utilities\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enforce SSL\u003C\u002Fstrong> – Force all connections to the website to be made over SSL\u002FTLS.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Database Backups\u003C\u002Fstrong> – Create backups of your WordPress database. (Not a complete backup.)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Geolocation\u003C\u002Fstrong> (Pro) – Improve Trusted Devices by connecting to an external location or mapping API.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🚀 Advanced Security Tools\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Identify Server IPs\u003C\u002Fstrong> – Prevent issues caused by inadvertently locking out your server IPs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change User ID 1\u003C\u002Fstrong> – Change the user ID for the first WordPress user, potentially preventing attacks that assume the user with ID1 exists and is an administrator.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change Database Prefix\u003C\u002Fstrong> – Change the database prefix that WordPress uses, potentially preventing attacks that assume the database prefix is “wp_”.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Check File Permission\u003C\u002Fstrong> – See the file and directory permissions of key areas of your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Server Config Rules\u003C\u002Fstrong> – View or flush the server security rules generated by Solid Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>wp-config.php Rules\u003C\u002Fstrong> – View or flush the wp-config.php security rules generated by Solid Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change WordPress Salts\u003C\u002Fstrong> – Secure your site after a successful attack by changing the WordPress salts used to secure cookies and security tokens.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Login URL\u003C\u002Fstrong> – change the login URL of your site, making it harder for bots to find your login page and attack it.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🛟 Need Help?\u003C\u002Fh4>\n\u003Cp>Free support may be available with the community’s help in the WordPress.org support forums. Our Solid Security support team provides top-notch technical support to all our Solid Security Basic users there.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsecurity-help-center\" rel=\"nofollow ugc\">Our Help Center will help you become an iThemes Security expert.\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Get additional peace of mind with professional support from our expert team and pro features to take your site’s security to the next level with Solid Security Pro.\u003C\u002Fp>\n\u003Ch4>Recover From a Hacked Site\u003C\u002Fh4>\n\u003Cp>Solid Security makes regular backups of your WordPress database, allowing you to get back online quickly in the event of a hack or security breach. Use Solid Security to create and email database backups on a customizable schedule.\u003C\u002Fp>\n\u003Cp>For complete site backups and the ability to restore or move WordPress to a new host or domain, check out \u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsecurity-basic-solid-backups\" rel=\"nofollow ugc\">Solid Backups\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Solid Central Integration\u003C\u002Fh4>\n\u003Cp>Manage more than one WordPress site? Release lockouts and keep your themes, plugins, and WordPress core up to date from one dashboard with \u003Ca href=\"https:\u002F\u002Fgo.solidwp.com\u002Fsecurity-basic-solid-central\" rel=\"nofollow ugc\">Solid Central\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>*Zippia. “30 Crucial Cybersecurity Statistics [2023]: Data, Trends And More” Zippia.com. Jun. 15, 2023, https:\u002F\u002Fwww.zippia.com\u002Fadvice\u002Fcybersecurity-statistics\u002F\u003C\u002Fp>\n\u003Cp>**https:\u002F\u002Fblog.checkpoint.com\u002F2023\u002F01\u002F05\u002F38-increase-in-2022-global-cyberattacks\u002F\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Released under the terms of the GNU General Public License.\u003C\u002Fp>\n","Harden your site security with Login Security, Two-Factor Authentication (2FA), Vulnerability Scanner, Firewall, and more. Formerly iThemes Security.",700000,37290141,92,3981,"2026-02-25T12:43:00.000Z",[188,189,22,190,191],"brute-force-protection","malware","security","two-factor-authentication","https:\u002F\u002Fsolidwp.com\u002Fproducts\u002Fsecurity","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-wp-security.9.4.6.zip",19,"2024-06-20 00:00:00",{"attackSurface":197,"codeSignals":709,"taintFlows":962,"riskAssessment":1088,"analyzedAt":1101},{"hooks":198,"ajaxHandlers":602,"restRoutes":649,"shortcodes":703,"cronEvents":707,"entryPointCount":708,"unprotectedCount":483},[199,204,209,214,218,223,228,232,236,240,243,246,249,252,255,258,261,264,267,270,273,275,278,281,284,287,290,293,295,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,350,353,356,359,362,365,368,371,373,376,379,382,385,388,391,394,397,402,406,410,414,417,419,423,427,430,432,435,438,441,445,448,452,456,460,464,466,470,474,477,481,484,486,487,490,491,494,495,496,498,502,505,508,511,514,517,520,524,528,532,536,539,542,545,548,551,553,557,561,564,567,572,575,577,579,583,586,590,593,598],{"type":200,"name":201,"callback":201,"priority":154,"file":202,"line":203},"action","ppwp_post_password_required","admin\\class-ppw-admin.php",1439,{"type":200,"name":205,"callback":206,"file":207,"line":208},"plugins_loaded","setup_hooks","includes\\addons\\beaver-builder\\class-ppw-beaver-loader.php",15,{"type":210,"name":211,"callback":212,"file":207,"line":213},"filter","fl_builder_custom_fields","register_fields",26,{"type":200,"name":215,"callback":216,"file":207,"line":217},"init","load_modules",29,{"type":200,"name":219,"callback":220,"file":221,"line":222},"elementor\u002Fwidgets\u002Fwidgets_registered","anonymous","includes\\addons\\elementor\\class-ppw-elementor.php",63,{"type":210,"name":224,"callback":225,"file":226,"line":227},"ppw_shortcode_allow_bypass_valid_post_type","__return_true","includes\\class-ppw-api.php",812,{"type":210,"name":229,"callback":229,"priority":118,"file":230,"line":231},"terms_clauses","includes\\class-ppw-functions.php",749,{"type":210,"name":233,"callback":234,"priority":48,"file":230,"line":235},"get_term","get_term_adjust_id",750,{"type":210,"name":237,"callback":238,"priority":118,"file":230,"line":239},"get_terms_args","get_terms_args_filter",751,{"type":200,"name":205,"callback":220,"file":241,"line":242},"includes\\class-ppw.php",282,{"type":200,"name":244,"callback":220,"file":241,"line":245},"admin_enqueue_scripts",300,{"type":200,"name":247,"callback":220,"file":241,"line":248},"admin_menu",301,{"type":200,"name":250,"callback":220,"file":241,"line":251},"admin_notices",302,{"type":200,"name":253,"callback":220,"file":241,"line":254},"add_meta_boxes",304,{"type":200,"name":256,"callback":220,"file":241,"line":257},"login_form_ppw_postpass",305,{"type":200,"name":259,"callback":220,"file":241,"line":260},"login_form_postpass",308,{"type":200,"name":262,"callback":220,"file":241,"line":263},"template_redirect",310,{"type":200,"name":265,"callback":220,"file":241,"line":266},"ppw_redirect_after_enter_password",311,{"type":200,"name":268,"callback":220,"file":241,"line":269},"admin_init",312,{"type":210,"name":271,"callback":220,"file":241,"line":272},"ppwp_customize_password_form",321,{"type":200,"name":268,"callback":220,"file":241,"line":274},324,{"type":200,"name":276,"callback":220,"file":241,"line":277},"ppw_render_content_general",326,{"type":200,"name":279,"callback":220,"file":241,"line":280},"ppw_render_content_entire_site",327,{"type":210,"name":282,"callback":220,"file":241,"line":283},"post_password_required",329,{"type":200,"name":285,"callback":220,"file":241,"line":286},"ppw_render_sitewide_content_general",335,{"type":200,"name":288,"callback":220,"file":241,"line":289},"post_row_actions",339,{"type":200,"name":291,"callback":220,"file":241,"line":292},"page_row_actions",340,{"type":200,"name":205,"callback":220,"file":241,"line":294},353,{"type":200,"name":268,"callback":220,"file":241,"line":296},354,{"type":200,"name":298,"callback":220,"file":241,"line":299},"ppw_render_content_shortcodes",365,{"type":200,"name":301,"callback":220,"file":241,"line":302},"ppw_render_content_master_passwords",366,{"type":200,"name":304,"callback":220,"file":241,"line":305},"ppw_render_content_misc",367,{"type":200,"name":307,"callback":220,"file":241,"line":308},"ppw_render_content_troubleshooting",368,{"type":200,"name":310,"callback":220,"file":241,"line":311},"rest_api_init",370,{"type":210,"name":313,"callback":220,"file":241,"line":314},"rest_post_query",373,{"type":210,"name":316,"callback":220,"file":241,"line":317},"rest_pre_dispatch",374,{"type":210,"name":319,"callback":220,"file":241,"line":320},"pre_get_posts",375,{"type":210,"name":322,"callback":220,"file":241,"line":323},"ppw_content_shortcode_source",377,{"type":200,"name":325,"callback":220,"file":241,"line":326},"ppw_render_pcp_content_general",380,{"type":200,"name":328,"callback":220,"file":241,"line":329},"ppw_render_external_content_recaptcha",381,{"type":200,"name":331,"callback":220,"file":241,"line":332},"ppw_render_external_content_configuration",382,{"type":200,"name":334,"callback":220,"file":241,"line":335},"plugin_row_meta",383,{"type":200,"name":337,"callback":220,"file":241,"line":338},"ppwp_render_sitewide_countdown",384,{"type":200,"name":340,"callback":220,"file":241,"line":341},"ppwp_sitewide_hide_password_form",385,{"type":200,"name":343,"callback":220,"file":241,"line":344},"ppwp_countdown_timer_styles",386,{"type":210,"name":346,"callback":220,"file":241,"line":347},"ppwp_customizer_custom_fields",389,{"type":200,"name":262,"callback":220,"file":241,"line":349},407,{"type":200,"name":351,"callback":220,"file":241,"line":352},"wp_enqueue_scripts",408,{"type":210,"name":354,"callback":220,"file":241,"line":355},"the_content",409,{"type":210,"name":357,"callback":220,"file":241,"line":358},"ppw_cookie_expire",410,{"type":210,"name":360,"callback":220,"file":241,"line":361},"ppw_sitewide_cookie_expiration",411,{"type":210,"name":363,"callback":220,"file":241,"line":364},"ppw_sitewide_form_action",412,{"type":210,"name":366,"callback":220,"file":241,"line":367},"et_builder_load_actions",416,{"type":210,"name":369,"callback":220,"file":241,"line":370},"the_password_form",422,{"type":200,"name":215,"callback":220,"file":241,"line":372},425,{"type":210,"name":374,"callback":220,"file":241,"line":375},"posts_where_paged",427,{"type":210,"name":377,"callback":220,"file":241,"line":378},"widget_posts_args",428,{"type":210,"name":380,"callback":220,"file":241,"line":381},"get_next_post_where",429,{"type":210,"name":383,"callback":220,"file":241,"line":384},"get_previous_post_where",430,{"type":210,"name":386,"callback":220,"file":241,"line":387},"get_pages",431,{"type":210,"name":389,"callback":220,"file":241,"line":390},"wpseo_exclude_from_sitemap_by_post_ids",432,{"type":210,"name":392,"callback":220,"file":241,"line":393},"ppwp_ppf_action_url",434,{"type":200,"name":395,"callback":220,"file":241,"line":396},"wp",435,{"type":200,"name":398,"callback":399,"file":400,"line":401},"customize_controls_print_styles","ppw_presets_control_css","includes\\customizers\\class-ppw-presets.php",286,{"type":210,"name":282,"callback":403,"priority":208,"file":404,"line":405},"category_password_required","includes\\services\\class-ppw-category.php",53,{"type":210,"name":407,"callback":408,"priority":208,"file":404,"line":409},"ppw_is_valid_password","check_valid_password",54,{"type":200,"name":411,"callback":412,"file":404,"line":413},"category_pre_add_form","display_category_ui",55,{"type":210,"name":415,"callback":415,"file":404,"line":416},"ppw_is_valid_cookie",58,{"type":210,"name":201,"callback":201,"priority":173,"file":404,"line":418},59,{"type":210,"name":392,"callback":420,"priority":421,"file":404,"line":422},"get_action_url",9999,149,{"type":200,"name":215,"callback":424,"file":425,"line":426},"register_post_type","includes\\services\\class-ppw-content-protection.php",50,{"type":210,"name":428,"callback":429,"priority":118,"file":425,"line":405},"ppw_shortcode_render_content","handle_shortcode_with_area",{"type":210,"name":366,"callback":431,"file":425,"line":409},"add_action_to_divi",{"type":210,"name":433,"callback":434,"priority":118,"file":425,"line":413},"ppw_pcp_valid_shortcode","valid_shortcode",{"type":200,"name":268,"callback":436,"file":425,"line":437},"maybe_add_metabox",56,{"type":210,"name":439,"callback":440,"priority":208,"file":425,"line":110},"ppw_shortcode_unlock_content","maybe_unlock_content_by_cookie",{"type":210,"name":442,"callback":443,"priority":444,"file":425,"line":416},"ppw_pcp_submenu_add_new_tab","add_pcp_tab",1000,{"type":200,"name":250,"callback":446,"file":425,"line":447},"handle_admin_notices",64,{"type":200,"name":449,"callback":449,"priority":208,"file":450,"line":451},"customize_register","includes\\services\\class-ppw-customizer-pcp.php",37,{"type":200,"name":453,"callback":454,"file":450,"line":455},"wp_head","dynamic_styles",38,{"type":210,"name":457,"callback":458,"file":450,"line":459},"ppw_pcp_attributes","load_customizer_attributes",39,{"type":210,"name":461,"callback":462,"priority":118,"file":450,"line":463},"ppw_validated_pcp_password","load_customizer_err_msg",40,{"type":200,"name":449,"callback":449,"priority":208,"file":465,"line":208},"includes\\services\\class-ppw-customizer-sitewide.php",{"type":200,"name":449,"callback":467,"priority":468,"file":465,"line":469},"customize_register_themes",25,20,{"type":200,"name":471,"callback":472,"priority":208,"file":465,"line":473},"ppw_custom_style_form_entire_site","load_css_to_pro",21,{"type":200,"name":449,"callback":449,"file":475,"line":476},"includes\\services\\class-ppw-customizer-upsell.php",22,{"type":200,"name":478,"callback":479,"file":475,"line":480},"customize_controls_enqueue_scripts","enqueue",23,{"type":200,"name":449,"callback":449,"file":482,"line":483},"includes\\services\\class-ppw-customizer.php",17,{"type":200,"name":478,"callback":479,"file":482,"line":485},18,{"type":200,"name":453,"callback":454,"file":482,"line":194},{"type":210,"name":282,"callback":488,"priority":208,"file":489,"line":405},"tag_password_required","includes\\services\\class-ppw-post-tag.php",{"type":210,"name":407,"callback":408,"priority":208,"file":489,"line":409},{"type":200,"name":492,"callback":493,"file":489,"line":413},"post_tag_pre_add_form","display_post_tag_ui",{"type":210,"name":415,"callback":415,"file":489,"line":416},{"type":210,"name":201,"callback":201,"priority":173,"file":489,"line":418},{"type":210,"name":392,"callback":420,"priority":421,"file":489,"line":497},150,{"type":210,"name":499,"callback":500,"priority":468,"file":501,"line":405},"ppwp_customize_ppf","maybe_customize_error_message","includes\\services\\class-ppw-recaptcha.php",{"type":210,"name":503,"callback":504,"priority":469,"file":501,"line":409},"ppwp_ppf_redirect_url","maybe_add_blocked_message",{"type":210,"name":506,"callback":507,"priority":118,"file":501,"line":413},"ppwp_ppf_referrer_url","maybe_remove_recaptcha_query",{"type":210,"name":509,"callback":510,"priority":118,"file":501,"line":437},"ppwpea_recaptcha_v2_site_key","get_ppwpea_recaptcha_v2_api_key",{"type":210,"name":512,"callback":513,"priority":118,"file":501,"line":110},"ppwpea_recaptcha_v2_secret","get_ppwpea_recaptcha_v2_api_secret",{"type":200,"name":515,"callback":516,"priority":118,"file":501,"line":416},"wp_footer","load_js_in_footer",{"type":200,"name":518,"callback":519,"priority":118,"file":501,"line":418},"ppw_custom_footer_form_entire_site","maybe_load_sitewide_recaptcha_js",{"type":200,"name":521,"callback":522,"priority":118,"file":501,"line":523},"ppw_sitewide_above_submit_button","maybe_add_recaptcha_input_below_sitewide_form",60,{"type":200,"name":525,"callback":526,"priority":118,"file":501,"line":527},"ppw_sitewide_custom_internal_css","customize_sitewide_css",61,{"type":210,"name":529,"callback":530,"priority":118,"file":501,"line":531},"ppw_sitewide_valid_password","validate_sitewide_password",62,{"type":210,"name":533,"callback":534,"file":501,"line":535},"ppw_sitewide_error_message","get_sitewide_error_message",528,{"type":210,"name":322,"callback":537,"priority":208,"file":538,"line":95},"render_block_content","includes\\services\\class-ppw-shortcode.php",{"type":200,"name":540,"callback":541,"priority":118,"file":538,"line":27},"the_post","maybe_remove_ppwp_shortcode",{"type":200,"name":540,"callback":543,"priority":544,"file":538,"line":94},"maybe_add_ppwp_shortcode",99999,{"type":200,"name":351,"callback":546,"file":538,"line":547},"add_scripts",106,{"type":210,"name":354,"callback":549,"priority":544,"file":538,"line":550},"closure",132,{"type":200,"name":515,"callback":549,"file":538,"line":552},371,{"type":210,"name":282,"callback":554,"priority":426,"file":555,"line":556},"__return_false","public\\class-ppw-public.php",447,{"type":200,"name":250,"callback":558,"file":559,"line":560},"ppw_fail_php_version","wp-protect-password.php",117,{"type":200,"name":250,"callback":562,"file":559,"line":563},"ppw_fail_wp_version",119,{"type":200,"name":205,"callback":565,"file":559,"line":566},"ppw_free_load_plugin",125,{"type":200,"name":247,"callback":568,"priority":569,"file":570,"line":571},"wpfolio_ppwp_anylc_remove_admin_menu",999,"wpfolio-analytics\\includes\\class-anylc-admin.php",31,{"type":200,"name":247,"callback":573,"priority":208,"file":570,"line":574},"wpfolio_ppwp_anylc_register_admin_menu",34,{"type":200,"name":268,"callback":576,"file":570,"line":451},"wpfolio_ppwp_anylc_admin_init_process",{"type":200,"name":250,"callback":578,"file":570,"line":463},"wpfolio_ppwp_anylc_optin_notice",{"type":200,"name":580,"callback":581,"file":570,"line":582},"admin_footer","wpfolio_ppwp_anylc_optout_popup",43,{"type":200,"name":268,"callback":584,"file":570,"line":585},"redirect_optin_page",45,{"type":200,"name":587,"callback":588,"file":570,"line":589},"wp_loaded","wpfolio_ppwp_anylc_action_process",48,{"type":200,"name":244,"callback":591,"file":592,"line":469},"wpfolio_ppwp_anylc_admin_script_style","wpfolio-analytics\\includes\\class-anylc-script.php",{"type":200,"name":594,"callback":595,"priority":118,"file":596,"line":597},"activated_plugin","wpfolio_ppwp_anylc_plugin_activation","wpfolio-analytics\\wpfolio-analytics.php",253,{"type":200,"name":205,"callback":599,"priority":600,"file":596,"line":601},"wpfolio_ppwp_anylc_plugins_loaded",12,267,[603,607,610,613,616,619,622,625,628,631,634,637,641,643,647],{"action":604,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":606},"ppw_free_set_password",false,320,{"action":608,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":609},"ppw_free_update_general_settings",322,{"action":611,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":612},"ppw_free_update_entire_site_settings",323,{"action":614,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":615},"ppw_update_post_status",341,{"action":617,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":618},"ppw_free_update_misc_settings",359,{"action":620,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":621},"ppw_free_update_category_settings",360,{"action":623,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":624},"ppw_free_update_tag_settings",361,{"action":626,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":627},"ppw_free_update_shortcode_settings",362,{"action":629,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":630},"ppw_free_update_external_settings",363,{"action":632,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":633},"ppw_free_restore_wp_passwords",364,{"action":635,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":636},"ppw_free_subscribe_request",379,{"action":638,"nopriv":639,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":640},"ppw_validate_password",true,414,{"action":638,"nopriv":605,"callback":220,"hasNonce":605,"hasCapCheck":605,"file":241,"line":642},415,{"action":644,"nopriv":605,"callback":645,"hasNonce":605,"hasCapCheck":605,"file":425,"line":646},"ppw_pcp_validate_password","validate_password",51,{"action":644,"nopriv":639,"callback":645,"hasNonce":605,"hasCapCheck":605,"file":425,"line":648},52,[650,656,662,667,672,676,680,685,690,694,699],{"namespace":651,"route":652,"methods":653,"callback":655,"permissionCallback":225,"file":226,"line":480},"wppp\u002Fv1","check-content-password\u002F(?P\u003Cid>\\d+)",[654],"POST","ppwp_check_content_password",{"namespace":651,"route":657,"methods":658,"callback":660,"permissionCallback":661,"file":226,"line":405},"master-passwords",[659],"GET","ppwp_get_master_passwords","can_access",{"namespace":651,"route":657,"methods":663,"callback":665,"permissionCallback":661,"file":226,"line":666},[664],"DELETE","delete_password",66,{"namespace":651,"route":657,"methods":668,"callback":670,"permissionCallback":661,"file":226,"line":671},[669],"PUT","update_password",79,{"namespace":651,"route":673,"methods":674,"callback":675,"permissionCallback":661,"file":226,"line":184},"master-passwords\u002Fstatus",[654],"change_status",{"namespace":651,"route":657,"methods":677,"callback":678,"permissionCallback":661,"file":226,"line":679},[654],"add_new_master_password",105,{"namespace":651,"route":681,"methods":682,"callback":683,"permissionCallback":661,"file":226,"line":684},"\u002Fmaster-passwords\u002Fbulk-delete",[654],"bulk_delete_master_passwords",118,{"namespace":651,"route":686,"methods":687,"callback":688,"permissionCallback":661,"file":226,"line":689},"\u002Fmaster-passwords\u002Fall-expired-delete",[654],"all_expired_delete_master_passwords",131,{"namespace":651,"route":691,"methods":692,"callback":645,"permissionCallback":225,"file":226,"line":693},"validate-password",[654],145,{"namespace":651,"route":695,"methods":696,"callback":697,"permissionCallback":661,"file":226,"line":698},"pcp\u002F(?P\u003Cid>\\d+)\u002Fsettings",[659],"get_pcp_settings",159,{"namespace":651,"route":695,"methods":700,"callback":701,"permissionCallback":661,"file":226,"line":702},[654],"update_pcp_settings",173,[704],{"tag":705,"callback":220,"file":241,"line":706},"ppw-content-protect",337,[],27,{"dangerousFunctions":710,"sqlUsage":721,"outputEscaping":726,"fileOperations":29,"externalRequests":957,"nonceChecks":208,"capabilityChecks":789,"bundledLibraries":958},[711,714,718],{"fn":712,"file":230,"line":601,"context":713},"unserialize","$serialize_raw_data = @unserialize( $raw_data );",{"fn":712,"file":715,"line":716,"context":717},"includes\\services\\class-ppw-passwords.php",653,"$meta_value     = ppw_free_fix_serialize_data( @unserialize( $val->meta_value ) );",{"fn":712,"file":715,"line":719,"context":720},699,"$meta_value          = ppw_free_fix_serialize_data( @unserialize( $value->meta_value ) );",{"prepared":110,"raw":48,"locations":722},[723],{"file":724,"line":95,"context":725},"includes\\class-ppw-db.php","$wpdb->query() with variable interpolation",{"escaped":727,"rawEcho":728,"locations":729},400,148,[730,733,736,737,740,742,744,746,748,749,750,752,754,757,759,761,762,763,766,768,770,772,773,775,777,778,779,781,782,784,785,787,790,791,792,794,796,799,801,803,804,805,807,808,811,813,814,815,817,818,821,822,824,825,826,828,830,831,833,834,835,837,839,841,843,844,845,846,847,848,850,851,852,854,855,856,858,859,860,862,864,865,866,867,868,870,871,874,876,878,879,880,881,882,883,884,885,886,888,889,891,892,894,896,897,898,899,900,902,903,905,907,908,910,912,913,915,916,917,918,920,921,922,923,924,925,926,928,929,930,932,933,935,936,938,940,941,943,945,946,948,950,951,952,953,954,955,956],{"file":202,"line":731,"context":732},1907,"raw output",{"file":734,"line":735,"context":732},"core\\base\\class-ppw-data-migration-manager.php",140,{"file":734,"line":497,"context":732},{"file":738,"line":739,"context":732},"core\\class-ppw-functions.php",348,{"file":738,"line":741,"context":732},352,{"file":738,"line":743,"context":732},355,{"file":738,"line":745,"context":732},357,{"file":738,"line":747,"context":732},358,{"file":738,"line":618,"context":732},{"file":738,"line":358,"context":732},{"file":738,"line":751,"context":732},1006,{"file":753,"line":459,"context":732},"includes\\addons\\beaver-builder\\modules\\ppw-individual-page\\includes\\frontend.php",{"file":755,"line":756,"context":732},"includes\\addons\\elementor\\widgets\\class-ppw-elementor-widget-shortcode.php",235,{"file":755,"line":758,"context":732},250,{"file":760,"line":468,"context":732},"includes\\advanced\\view-ppw-setting.php",{"file":760,"line":217,"context":732},{"file":760,"line":574,"context":732},{"file":764,"line":765,"context":732},"includes\\class-ppw-external-settings.php",16,{"file":767,"line":483,"context":732},"includes\\class-ppw-partial-protection-settings.php",{"file":769,"line":485,"context":732},"includes\\class-ppw-sitewide-settings.php",{"file":404,"line":771,"context":732},116,{"file":425,"line":756,"context":732},{"file":425,"line":774,"context":732},500,{"file":450,"line":776,"context":732},806,{"file":465,"line":305,"context":732},{"file":465,"line":396,"context":732},{"file":482,"line":780,"context":732},731,{"file":489,"line":560,"context":732},{"file":501,"line":783,"context":732},338,{"file":501,"line":621,"context":732},{"file":501,"line":786,"context":732},475,{"file":788,"line":789,"context":732},"includes\\views\\category\\view-option.php",7,{"file":788,"line":485,"context":732},{"file":788,"line":480,"context":732},{"file":788,"line":793,"context":732},35,{"file":795,"line":451,"context":732},"includes\\views\\entire-site\\view-ppw-countdown.php",{"file":797,"line":798,"context":732},"includes\\views\\entire-site\\view-ppw-form-password.php",28,{"file":797,"line":800,"context":732},44,{"file":802,"line":213,"context":732},"includes\\views\\entire-site\\view-ppw-set-password.php",{"file":802,"line":708,"context":732},{"file":802,"line":217,"context":732},{"file":802,"line":806,"context":732},30,{"file":802,"line":527,"context":732},{"file":809,"line":810,"context":732},"includes\\views\\entire-site\\view-ppw-sitewide-expired-cookie.php",32,{"file":809,"line":812,"context":732},33,{"file":809,"line":463,"context":732},{"file":809,"line":582,"context":732},{"file":809,"line":816,"context":732},47,{"file":809,"line":646,"context":732},{"file":819,"line":820,"context":732},"includes\\views\\general\\view-ppw-allowed-regex-password.php",11,{"file":819,"line":208,"context":732},{"file":823,"line":820,"context":732},"includes\\views\\general\\view-ppw-auto-protect-child-page.php",{"file":823,"line":208,"context":732},{"file":823,"line":469,"context":732},{"file":827,"line":820,"context":732},"includes\\views\\general\\view-ppw-custom-column-permission.php",{"file":827,"line":829,"context":732},13,{"file":827,"line":194,"context":732},{"file":832,"line":820,"context":732},"includes\\views\\general\\view-ppw-debug-log.php",{"file":832,"line":208,"context":732},{"file":832,"line":469,"context":732},{"file":836,"line":154,"context":732},"includes\\views\\general\\view-ppw-error-message.php",{"file":836,"line":838,"context":732},9,{"file":836,"line":840,"context":732},14,{"file":842,"line":810,"context":732},"includes\\views\\general\\view-ppw-expired-cookie.php",{"file":842,"line":812,"context":732},{"file":842,"line":463,"context":732},{"file":842,"line":582,"context":732},{"file":842,"line":816,"context":732},{"file":842,"line":646,"context":732},{"file":849,"line":154,"context":732},"includes\\views\\general\\view-ppw-form-message.php",{"file":849,"line":838,"context":732},{"file":849,"line":840,"context":732},{"file":853,"line":789,"context":732},"includes\\views\\general\\view-ppw-general.php",{"file":853,"line":213,"context":732},{"file":853,"line":222,"context":732},{"file":857,"line":208,"context":732},"includes\\views\\general\\view-ppw-hide-protected-post.php",{"file":857,"line":469,"context":732},{"file":857,"line":213,"context":732},{"file":861,"line":118,"context":732},"includes\\views\\general\\view-ppw-notices-cache.php",{"file":863,"line":840,"context":732},"includes\\views\\general\\view-ppw-protect-private-pages.php",{"file":863,"line":485,"context":732},{"file":863,"line":480,"context":732},{"file":863,"line":217,"context":732},{"file":863,"line":463,"context":732},{"file":869,"line":485,"context":732},"includes\\views\\general\\view-ppw-remove-data.php",{"file":869,"line":194,"context":732},{"file":872,"line":873,"context":732},"includes\\views\\general\\view-ppw-remove-search-engine.php",6,{"file":872,"line":875,"context":732},8,{"file":877,"line":838,"context":732},"includes\\views\\general\\view-ppw-whitelist-roles.php",{"file":877,"line":820,"context":732},{"file":877,"line":840,"context":732},{"file":877,"line":208,"context":732},{"file":877,"line":765,"context":732},{"file":877,"line":483,"context":732},{"file":877,"line":485,"context":732},{"file":877,"line":194,"context":732},{"file":877,"line":468,"context":732},{"file":887,"line":146,"context":732},"includes\\views\\meta-box\\view-ppw-meta-box.php",{"file":887,"line":146,"context":732},{"file":890,"line":469,"context":732},"includes\\views\\misc\\view-ppw-no-reload-page.php",{"file":890,"line":476,"context":732},{"file":893,"line":829,"context":732},"includes\\views\\misc\\view-ppw-protect-excerpt.php",{"file":895,"line":840,"context":732},"includes\\views\\misc\\view-ppw-restore-wp-password.php",{"file":895,"line":480,"context":732},{"file":895,"line":468,"context":732},{"file":895,"line":451,"context":732},{"file":895,"line":451,"context":732},{"file":901,"line":194,"context":732},"includes\\views\\misc\\view-ppw-use-another-action-url.php",{"file":901,"line":469,"context":732},{"file":904,"line":589,"context":732},"includes\\views\\partial-protection\\view-ppw-pcp-general.php",{"file":904,"line":906,"context":732},75,{"file":904,"line":96,"context":732},{"file":904,"line":909,"context":732},78,{"file":904,"line":911,"context":732},81,{"file":904,"line":911,"context":732},{"file":914,"line":789,"context":732},"includes\\views\\post_tag\\view-option.php",{"file":914,"line":485,"context":732},{"file":914,"line":480,"context":732},{"file":914,"line":793,"context":732},{"file":919,"line":217,"context":732},"includes\\views\\sidebar\\view-ppw-sidebar.php",{"file":919,"line":812,"context":732},{"file":919,"line":451,"context":732},{"file":919,"line":409,"context":732},{"file":919,"line":416,"context":732},{"file":919,"line":531,"context":732},{"file":570,"line":743,"context":732},{"file":927,"line":589,"context":732},"wpfolio-analytics\\templates\\analytic.php",{"file":927,"line":426,"context":732},{"file":927,"line":447,"context":732},{"file":927,"line":931,"context":732},67,{"file":927,"line":96,"context":732},{"file":927,"line":934,"context":732},83,{"file":927,"line":109,"context":732},{"file":927,"line":937,"context":732},90,{"file":927,"line":939,"context":732},91,{"file":927,"line":94,"context":732},{"file":927,"line":942,"context":732},98,{"file":927,"line":944,"context":732},104,{"file":927,"line":944,"context":732},{"file":947,"line":405,"context":732},"wpfolio-analytics\\templates\\offers.php",{"file":949,"line":480,"context":732},"wpfolio-analytics\\templates\\optout-popup.php",{"file":949,"line":468,"context":732},{"file":949,"line":213,"context":732},{"file":949,"line":213,"context":732},{"file":949,"line":213,"context":732},{"file":949,"line":798,"context":732},{"file":949,"line":459,"context":732},{"file":949,"line":463,"context":732},3,[959],{"name":960,"version":38,"knownCves":961},"Select2",[],[963,980,988,1002,1012,1021,1032,1042,1056,1072],{"entryPoint":964,"graph":965,"unsanitizedCount":48,"severity":41},"entire_site_redirect_after_enter_password (includes\\services\\class-ppw-entire-site.php:97)",{"nodes":966,"edges":978},[967,972],{"id":968,"type":969,"label":970,"file":971,"line":173},"n0","source","$_SERVER","includes\\services\\class-ppw-entire-site.php",{"id":973,"type":974,"label":975,"file":971,"line":976,"wp_function":977},"n1","sink","wp_redirect() [Open Redirect]",109,"wp_redirect",[979],{"from":968,"to":973,"sanitized":605},{"entryPoint":981,"graph":982,"unsanitizedCount":48,"severity":41},"\u003Cclass-ppw-entire-site> (includes\\services\\class-ppw-entire-site.php:0)",{"nodes":983,"edges":986},[984,985],{"id":968,"type":969,"label":970,"file":971,"line":173},{"id":973,"type":974,"label":975,"file":971,"line":976,"wp_function":977},[987],{"from":968,"to":973,"sanitized":605},{"entryPoint":989,"graph":990,"unsanitizedCount":48,"severity":1001},"ppw_free_update_general_settings (admin\\class-ppw-admin.php:540)",{"nodes":991,"edges":999},[992,995],{"id":968,"type":969,"label":993,"file":202,"line":994},"$_REQUEST",567,{"id":973,"type":974,"label":996,"file":202,"line":997,"wp_function":998},"update_option() [Settings Manipulation]",568,"update_option",[1000],{"from":968,"to":973,"sanitized":605},"low",{"entryPoint":1003,"graph":1004,"unsanitizedCount":48,"severity":1001},"ppw_free_update_misc_settings (admin\\class-ppw-admin.php:623)",{"nodes":1005,"edges":1010},[1006,1008],{"id":968,"type":969,"label":993,"file":202,"line":1007},655,{"id":973,"type":974,"label":996,"file":202,"line":1009,"wp_function":998},657,[1011],{"from":968,"to":973,"sanitized":605},{"entryPoint":1013,"graph":1014,"unsanitizedCount":48,"severity":1001},"ppw_free_update_shortcode_settings (admin\\class-ppw-admin.php:666)",{"nodes":1015,"edges":1019},[1016,1018],{"id":968,"type":969,"label":993,"file":202,"line":1017},697,{"id":973,"type":974,"label":996,"file":202,"line":719,"wp_function":998},[1020],{"from":968,"to":973,"sanitized":605},{"entryPoint":1022,"graph":1023,"unsanitizedCount":29,"severity":1001},"ppw_free_update_category_settings (admin\\class-ppw-admin.php:707)",{"nodes":1024,"edges":1030},[1025,1028],{"id":968,"type":969,"label":1026,"file":202,"line":1027},"$_REQUEST (x2)",743,{"id":973,"type":974,"label":996,"file":202,"line":1029,"wp_function":998},851,[1031],{"from":968,"to":973,"sanitized":639},{"entryPoint":1033,"graph":1034,"unsanitizedCount":29,"severity":1001},"ppw_free_update_tag_settings (admin\\class-ppw-admin.php:887)",{"nodes":1035,"edges":1040},[1036,1038],{"id":968,"type":969,"label":1026,"file":202,"line":1037},924,{"id":973,"type":974,"label":996,"file":202,"line":1039,"wp_function":998},1031,[1041],{"from":968,"to":973,"sanitized":639},{"entryPoint":1043,"graph":1044,"unsanitizedCount":48,"severity":1001},"ppw_free_update_entire_site_settings (admin\\class-ppw-admin.php:1042)",{"nodes":1045,"edges":1053},[1046,1048,1051],{"id":968,"type":969,"label":993,"file":202,"line":1047},1068,{"id":973,"type":1049,"label":1050,"file":202,"line":1047},"transform","→ handle_before_update_settings()",{"id":1052,"type":974,"label":996,"file":971,"line":147,"wp_function":998},"n2",[1054,1055],{"from":968,"to":973,"sanitized":605},{"from":973,"to":1052,"sanitized":605},{"entryPoint":1057,"graph":1058,"unsanitizedCount":48,"severity":1001},"\u003Cclass-ppw-admin> (admin\\class-ppw-admin.php:0)",{"nodes":1059,"edges":1068},[1060,1062,1063,1064,1066],{"id":968,"type":969,"label":1061,"file":202,"line":994},"$_REQUEST (x7)",{"id":973,"type":974,"label":996,"file":202,"line":997,"wp_function":998},{"id":1052,"type":969,"label":993,"file":202,"line":1047},{"id":1065,"type":1049,"label":1050,"file":202,"line":1047},"n3",{"id":1067,"type":974,"label":996,"file":971,"line":147,"wp_function":998},"n4",[1069,1070,1071],{"from":968,"to":973,"sanitized":639},{"from":1052,"to":1065,"sanitized":605},{"from":1065,"to":1067,"sanitized":605},{"entryPoint":1073,"graph":1074,"unsanitizedCount":29,"severity":1001},"\u003Cclass-ppw-content-protection> (includes\\services\\class-ppw-content-protection.php:0)",{"nodes":1075,"edges":1085},[1076,1079,1081],{"id":968,"type":969,"label":1077,"file":425,"line":1078},"$_POST",419,{"id":973,"type":1049,"label":1080,"file":425,"line":1078},"→ find_activated_passwords_by_ids()",{"id":1052,"type":974,"label":1082,"file":724,"line":1083,"wp_function":1084},"get_results() [SQLi]",565,"get_results",[1086,1087],{"from":968,"to":973,"sanitized":605},{"from":973,"to":1052,"sanitized":639},{"summary":1089,"deductions":1090},"The 'password-protect-page' plugin v1.9.15 presents a mixed security posture. While it demonstrates good practices like a high percentage of prepared SQL statements and a significant number of output escapes, there are notable areas of concern.  A substantial portion of the attack surface, specifically 17 out of 27 entry points (AJAX handlers and REST API routes), lacks proper authentication checks, creating significant opportunities for unauthorized actions.  The presence of the `unserialize` function, even if not directly linked to a current exploit in the taint analysis, is a known security risk that should be handled with extreme caution.  The vulnerability history reveals a past pattern of medium-severity vulnerabilities, including issues related to insufficient permissions, information exposure, and cross-site scripting. The absence of currently unpatched vulnerabilities is positive, but the historical occurrences suggest potential underlying weaknesses in input validation and permission handling that may not be fully mitigated.",[1091,1093,1095,1097,1099],{"reason":1092,"points":118},"Unprotected AJAX handlers (15)",{"reason":1094,"points":154},"REST API routes without permission callbacks (2)",{"reason":1096,"points":875},"Use of 'unserialize' function",{"reason":1098,"points":600},"Past medium severity vulnerabilities (4)",{"reason":1100,"points":789},"Taint flows with unsanitized paths (7)","2026-03-16T17:23:46.979Z",{"wat":1103,"direct":1118},{"assetPaths":1104,"generatorPatterns":1110,"scriptPaths":1111,"versionParams":1112},[1105,1106,1107,1108,1109],"\u002Fwp-content\u002Fplugins\u002Fpassword-protect-page\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fpassword-protect-page\u002Fassets\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fpassword-protect-page\u002Fassets\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fpassword-protect-page\u002Fassets\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fpassword-protect-page\u002Fassets\u002Fcss\u002Ffrontend.css",[],[1106,1108],[1113,1114,1115,1116,1117],"password-protect-page\u002Fassets\u002Fcss\u002Fadmin.css?ver=","password-protect-page\u002Fassets\u002Fjs\u002Fadmin.js?ver=","password-protect-page\u002Fassets\u002Fcss\u002Fstyle.css?ver=","password-protect-page\u002Fassets\u002Fjs\u002Ffrontend.js?ver=","password-protect-page\u002Fassets\u002Fcss\u002Ffrontend.css?ver=",{"cssClasses":1119,"htmlComments":1121,"htmlAttributes":1123,"restEndpoints":1124,"jsGlobals":1125,"shortcodeOutput":1127},[1120],"ppw-protected-content",[1122],"PPWP - Password Protect WordPress Lite",[],[],[1126],"PPW_Admin",[]]