[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGHSe7Qn_Qe0TlWiad64hYRCZa6IVzeJ51XZIePpp5Fs":3,"$f5GTrtXxNvWXoyG5hWOKQe_JoMEbng0OyR9iBGzWAc34":99,"$fxh2AnUlo7CBU-nAztMaCNg8v6ganLS8yXb3g0mNzoTs":104},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":33,"analysis":34,"fingerprints":70},"passwordless-entry","Passwordless Entry","1.0","JohnoTheCoder","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnothecoder\u002F","\u003Cp>WordPress Passwordless Entry is a plugin which allows users to authenticate into a WordPress installation against an existing account, without knowledge of the password for that account.\u003C\u002Fp>\n\u003Cp>This is done by sending a single time authentication code to the email address for that user.\u003C\u002Fp>\n\u003Cp>The reason I have developed this plugin is that I manage many WordPress installations, and some are within directories of a domain (meaning multiple sets of user credentials for the same domain, breaking most browser password memory functionalities).\u003C\u002Fp>\n\u003Cp>When users forget their passwords, or are using very secure passwords across multiple devices, the easiest way back into their account is to request a password reset, follow the link in their email, set a new password, and then log in using that password. Repeating this process again every time they wish to authenticate.\u003C\u002Fp>\n\u003Cp>If, like me, you use secure passwords generated by Safari or Chrome, you’ll never remember them. To shorten this workflow, an email is sent to your account (if an account is found by the specified email) with a link to log in, this link is only valid for one time use, and is only valid for 5 minutes. The code in the URL is generated by WP password generation.\u003C\u002Fp>\n\u003Cp>Please note, that for all intents and purposes this does not conform to the specification of multi-factor authentication, as we do not verify the password of the user (this would defeat the point of the plugin), instead for two factor authentication we suggest using WordFence (we’d advise putting this on your site anyway, to protect security and authentication).\u003C\u002Fp>\n","WordPress Passwordless Entry is a plugin which allows users to authenticate into a WordPress installation against an existing account, without knowled …",10,1735,0,"2021-05-01T10:24:00.000Z","5.7.15","5.7.0","",[19],"authentication-passwordless-administration-admin-2fa","https:\u002F\u002Fjtclabs.com\u002Fwp-passwordless-entry","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpasswordless-entry.1.0.0.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"johnothecoder",1,30,84,"2026-05-20T00:14:01.689Z",[],{"attackSurface":35,"codeSignals":51,"taintFlows":58,"riskAssessment":59,"analyzedAt":69},{"hooks":36,"ajaxHandlers":43,"restRoutes":44,"shortcodes":45,"cronEvents":50,"entryPointCount":29,"unprotectedCount":13},[37],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","init","ple_controller","passwordless-entry.php",66,[],[],[46],{"tag":47,"callback":48,"file":41,"line":49},"ple","ple_shortcode",67,[],{"dangerousFunctions":52,"sqlUsage":53,"outputEscaping":55,"fileOperations":29,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":57},[],{"prepared":13,"raw":13,"locations":54},[],{"escaped":13,"rawEcho":13,"locations":56},[],[],[],{"summary":60,"deductions":61},"The \"passwordless-entry\" v1.0 plugin exhibits a generally good security posture based on the provided static analysis. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and the complete output escaping are strong indicators of developers adhering to secure coding practices. Furthermore, the lack of any recorded vulnerabilities in its history suggests a mature and stable codebase. The plugin's limited attack surface, with only one shortcode and no AJAX handlers or REST API routes exposed without authentication, further contributes to its perceived safety.",[62,65,67],{"reason":63,"points":64},"One file operation detected.",5,{"reason":66,"points":11},"No nonce checks implemented.",{"reason":68,"points":11},"No capability checks implemented.","2026-04-16T12:44:28.034Z",{"wat":71,"direct":80},{"assetPaths":72,"generatorPatterns":75,"scriptPaths":76,"versionParams":77},[73,74],"\u002Fwp-content\u002Fplugins\u002Fpasswordless-entry\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fpasswordless-entry\u002Fscript.js",[],[74],[78,79],"passwordless-entry\u002Fstyle.css?ver=","passwordless-entry\u002Fscript.js?ver=",{"cssClasses":81,"htmlComments":82,"htmlAttributes":84,"restEndpoints":88,"jsGlobals":89,"shortcodeOutput":91},[],[83],"\u003C!-- Passwordless Entry -->",[85,86,87],"data-ple-id","data-ple-name","data-ple-email",[],[90],"ple_data",[92,93,94,95,96,97,98],"\u003Cform method=\"post\" action=\"\">","\u003Clabel for=\"ple-email\">Email Address\u003C\u002Flabel>","\u003Cinput type=\"email\" id=\"ple-email\" name=\"ple_email\" required>","\u003Cbutton type=\"submit\">Request Passwordless Entry\u003C\u002Fbutton>","\u003C\u002Fform>","\u003Cp>A passwordless entry link has been sent to your email address.\u003C\u002Fp>","\u003Cp>Success! You have been logged in.\u003C\u002Fp>",{"error":100,"url":101,"statusCode":102,"statusMessage":103,"message":103},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpasswordless-entry\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":105,"versions":106},2,[107,115],{"version":108,"download_url":109,"svn_tag_url":110,"released_at":23,"has_diff":111,"diff_files_changed":112,"diff_lines":23,"trac_diff_url":113,"vulnerabilities":114,"is_current":111},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpasswordless-entry.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpasswordless-entry\u002Ftags\u002F1.0.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpasswordless-entry%2Ftags%2F1.0.0&new_path=%2Fpasswordless-entry%2Ftags%2F1.0.1",[],{"version":116,"download_url":21,"svn_tag_url":117,"released_at":23,"has_diff":111,"diff_files_changed":118,"diff_lines":23,"trac_diff_url":23,"vulnerabilities":119,"is_current":111},"1.0.0","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpasswordless-entry\u002Ftags\u002F1.0.0\u002F",[],[]]