[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYI64jdjrvPZO2SF8pMpn_Jbmf1BgKfTl94itetiVhtg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":13,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":54,"analysis":157,"fingerprints":289},"passwordless-login","Passwordless Login","1.1.4","madalin.ungureanu","https:\u002F\u002Fprofiles.wordpress.org\u002Fmadalinungureanu\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.cozmoslabs.com\u002Fadd-ons\u002Fpasswordless-login\u002F\" rel=\"nofollow ugc\">Passwordless Login\u003C\u002Fa> is a modern way of loggin into your WordPress site without the use of a password.\u003C\u002Fp>\n\u003Cp>Join the discussion here: \u003Ca href=\"https:\u002F\u002Fwww.cozmoslabs.com\u002F31550-wordpress-passwordless-login\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.cozmoslabs.com\u002F31550-wordpress-passwordless-login\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This is how it works:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Instead of asking users for a password when they try to log in to your website, we simply ask them for their username or email\u003C\u002Fli>\n\u003Cli>The plugin creates a temporary authorization token and saves it in a WordPress transient that expires after 10 minutes\u003C\u002Fli>\n\u003Cli>Then we send the user an email with a link and the token\u003C\u002Fli>\n\u003Cli>The user clicks the link and sends the authorization code to your server\u003C\u002Fli>\n\u003Cli>The plugin then checks if the code is valid and creates the log in WordPress cookie, successfully authenticating the user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can use the shortcode [passwordless-login] in a page or widget.\u003C\u002Fp>\n\u003Cp>If you’re looking to create front-end user registration and profile forms we recommend \u003Ca href=\"https:\u002F\u002Fwww.cozmoslabs.com\u002Fwordpress-profile-builder\u002F\" rel=\"nofollow ugc\">Profile Builder\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>NOTE:\u003C\u002Fp>\n\u003Cp>Passwordless Authentication dose not replace the default login functionality in WordPress.\u003C\u002Fp>\n","Passwordless login form via a simple to use shortcode: [passwordless-login]",1000,30685,100,10,"2026-02-02T08:30:00.000Z","6.9.4","3.9","",[20,21,22,23,4],"custom-login-form","front-end-login","login-shortcode","passwordless","https:\u002F\u002Fwww.cozmoslabs.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpasswordless-login.1.1.4.zip",1,0,"2024-03-18 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2024-29143","passwordless-login-authenticated-subscriber-stored-cross-site-scripting","Passwordless Login \u003C= 1.1.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting","The Passwordless Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.1.2","1.1.3","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-03-22 14:55:42",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Faab54795-31e7-4ef4-8a80-7443abaa3f21?source=api-prod",5,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":13,"avg_patch_time_days":51,"trust_score":52,"computed_at":53},"madalinungureanu",3,14000,269,79,"2026-04-04T03:48:09.320Z",[55,76,96,115,139],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":18,"download_link":75,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"login-links","Login Links – Passwordless Login, Temporary Access Links & Custom Login Form","2.1.0","Denis Alemán","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenisaleman\u002F","\u003Cp>Login Links allows you to create temporary, password-less access links for existing users or guest accounts. The links can be configured to expire either after a certain period of time or after a set number of successful logins.\u003C\u002Fp>\n\u003Ch3>How Login Link Works\u003C\u002Fh3>\n\u003Cp>A login link is a special link that, when clicked, automatically logs the user in. They don’t need an account. The login occurs either under an existing account or under a temporary account created specifically for this link. The link has an expiration date, after which it is automatically deleted.\u003C\u002Fp>\n\u003Ch3>Provide Temporary Access\u003C\u002Fh3>\n\u003Cp>Create a login link with a specific role for support teams, clients, developers, or guest users who need temporary access to the site, and email it directly to them. They don’t need to create an account or come up with a password, and you won’t have to worry about deleting their account later.\u003C\u002Fp>\n\u003Ch3>Passwordless Access for Users\u003C\u002Fh3>\n\u003Cp>Allow already registered users to log in without a password. Users request a one-time login link by entering the email they used during registration, and the link is sent to that email.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch3>Temporary Login Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create an unlimited number of temporary login links.\u003C\u002Fli>\n\u003Cli>Choose to log in as an existing user or as a temporary user, which will automatically create a temporary account attached to the link.\u003C\u002Fli>\n\u003Cli>Delete and manage created links through a table interface, allowing you to view and remove links as needed.\u003C\u002Fli>\n\u003Cli>Set expiration limits for each login link based on time or number of logins.\u003C\u002Fli>\n\u003Cli>Expiration can be based on the number of logins, time, or a combination of both, whichever occurs first.\u003C\u002Fli>\n\u003Cli>Send an email invitation with a login link.\u003C\u002Fli>\n\u003Cli>Customize the email’s body and subject text.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Password-less Access\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Allow password-less access for your users.\u003C\u002Fli>\n\u003Cli>Custom login form via shortcode for password-less access.\u003C\u002Fli>\n\u003Cli>Automatic deletion of expired links.\u003C\u002Fli>\n\u003Cli>Automatic generation of a temporary account with a designated role upon link creation.\u003C\u002Fli>\n\u003Cli>Optional password-less access through the standard WordPress login form.\u003C\u002Fli>\n\u003Cli>Ability to disallow password-based access.\u003C\u002Fli>\n\u003C\u002Ful>\n","Create secure self-expiring login links for temporary access and guest users, and enable passwordless login for registered ones.",40,977,80,4,"2025-07-02T22:56:00.000Z","6.8.5","5.5","7.0",[20,72,4,73,74],"login-without-password","secure-login","temporary-access","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-links.2.1.0.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":13,"num_ratings":86,"last_updated":87,"tested_up_to":68,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":93,"download_link":94,"security_score":13,"vuln_count":26,"unpatched_count":27,"last_vuln_date":95,"fetched_at":29},"temporary-login-without-password","Temporary Login Without Password","1.9.7","storeapps","https:\u002F\u002Fprofiles.wordpress.org\u002Fstoreapps\u002F","\u003Cp>Create secure, self-expiring ⏱️, automatic login links 🔗 for WordPress. Give them to developers when they ask for admin access to your site. Or an editor for a quick review of work done. Login works just by opening the link, no password needed.\u003C\u002Fp>\n\u003Cp>Using the “Temporary Login Without Password” plugin you can create a self-expiring account for someone and give them a special link with which they can login to your WordPress without needing a username and password.\u003C\u002Fp>\n\u003Cp>You can choose when the login expires, as well as the role of the temporary account.\u003C\u002Fp>\n\u003Cp>Really useful when you need to give admin access to a developer for support or for performing routine tasks.\u003C\u002Fp>\n\u003Cp>Read \u003Ca href=\"https:\u002F\u002Fwww.storeapps.org\u002Fcreate-secure-login-without-password-for-wordpress\u002F\" rel=\"nofollow ugc\">this article\u003C\u002Fa> to know more about what’s the Current Problem – Creating a Separate Admin Login for Outsiders (Devs\u002F Guest bloggers) and how to avoid this pain, Top Benefits of using this plugin & Why and Who need Temporary Login links.\u003C\u002Fp>\n\u003Ch4>\u003Cstrong>Benefits of Temporary Logins\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>➡️  Create unlimited temporary logins\u003Cbr \u002F>\n  ➡️  Create temporary logins with any role\u003Cbr \u002F>\n  ➡️  No username & password required. Login with just a simple link\u003Cbr \u002F>\n  ➡️  Set account expiry. So, a temporary user can’t login after the expiry time\u003Cbr \u002F>\n  ➡️  Various expiration options like one day, one week, one month, and many more. Also, set a custom date\u003Cbr \u002F>\n  ➡️  Redirect user to a specific page after login\u003Cbr \u002F>\n  ➡️  Set a language for a temporary user\u003Cbr \u002F>\n  ➡️  See the last logged in time of a temporary user\u003Cbr \u002F>\n  ➡️  Also see, how many times a temporary user accessed your setup\u003Cbr \u002F>\n  ➡️  Track user activity with detailed logs to know what each temporary user did\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>\u003Cstrong>For Developers\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cp>If you need an admin access to your client’s WordPress setup to resolve any issues, use following template to ask your client to give you a temporary access to their WordPress setup.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Hi {%customer_name%},\u003C\u002Fp>\n\u003Cp>To allow me to investigate on your site, install & activate the free WordPress plugin – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"ugc\">Temporary Login Without Password\u003C\u002Fa>, and give me admin access to your site via the temporary link generated. Once I’ll get the admin access, I’ll check your site & will try to resolve the issue.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>:\u003Cbr \u002F>\n  Keep the expiry of a temporary login link for one month. Send the created login link as a reply to this email.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Temporary Login Without Password Pro Features\u003C\u002Fh3>\n\u003Cp>➡️ Limit Link Usage: Set a maximum number of times a temporary login link can be used, ensuring controlled, secure access.\u003C\u002Fp>\n\u003Cp>➡️ Instant Admin Alerts: Receive notifications each time a temporary login is accessed, keeping you informed of all activity.\u003C\u002Fp>\n\u003Cp>➡️ Activity Log: View detailed activity of each temporary user to monitor what actions they performed while logged in.\u003C\u002Fp>\n\u003Cp>Ready to take your security and convenience to the next level?\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.icegram.com\u002F?buy-now=445245&qty=1&coupon=tlwp-pro-20&with-cart=1\" rel=\"nofollow ugc\">Upgrade to TLWP Pro\u003C\u002Fa>\u003C\u002Fstrong> today to unlock our advanced features. Experience the full power of secure, temporary, passwordless access for your WordPress \u002F WooCommerce site.\u003C\u002Fp>\n\u003Ch4>What users have to say about Temporary Login Without Password?\u003C\u002Fh4>\n\u003Cp>👉 \u003Cstrong>It works with WordPress.com business plan!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I love this plugin! I got the impression that Temporary Login Without Password plugin would only work with WordPress.org sites. When I had a problem with another plugin, I reached out to their tech support. They recommended Temporary Login. I crossed my fingers, installed it, and it worked like a charm. No more worrying about possibly compromising my sites. When tech support was done, I went into the settings and revoked access. This is a game changer!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fit-works-with-wordpress-com-business-plan\u002F\" rel=\"ugc\">Suzanne Loeb\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Convenient. No rabbit holes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I can’t say I’ve used a whole bunch of these plugins, but I can say I’ve used 2 or 3. This one was the most straight forward and rushing through it I still didn’t run into any issues. The login was shot to the company I needed to let in and I was able to get back to marking things off of my checklist. Highly recommend to anyone that is needing to make a temporary user account for the first time. There’s literally nowhere to get confused from my personal experience\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fconvenient-no-rabbit-holes\u002F\" rel=\"ugc\">Peter Higgins\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Clear and efficient.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Clear and efficient. Nothing to add !\u003Cbr \u002F>\n  Continue like that !\u003Cbr \u002F>\n  Make the world of the web even more fun for all pro and amateur users!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fclear-and-efficient-2\u002F\" rel=\"ugc\">muten7\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Excellent Plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Having problems with another plugin the developer recommended TPWP. It does exactly as it states. The developer was able to identify the bug, done without comprising security. The fact it records the access you have granted is a another advantage.\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fexcellent-plugin-3772\u002F\" rel=\"ugc\">mickpamg\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>A huge help and easy!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This plugin was just what I needed to make it easy for support people to come in and get their assessments done then I don’t have to worry about revoking permission…this takes care of that for me! Love it!!!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fa-huge-help-and-easy\u002F\" rel=\"ugc\">bfauscette\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ftemporary-login-without-password\u002Freviews\u002F\" rel=\"ugc\">Temporary Login Without Password plugin review section\u003C\u002Fa> and read our recent reviews.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Spread The Love ❤️\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you like Temporary Login Without Password, please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ftemporary-login-without-password\u002Freviews\u002F#new-post\" rel=\"ugc\">five stars ⭐⭐⭐⭐⭐\u003C\u002Fa> and also spread the word about it via \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fsharer.php?u=https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fintent\u002Ftweet?url=https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>. That helps fellow website owners assess Temporary Login Without Password easily and benefit from it!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s Next\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you like this plugin then consider checking out our other solutions:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-subscribers\u002F\" rel=\"ugc\">Icegram Express\u003C\u002Fa> – A complete newsletter plugin which lets you collect leads, send automated new blog post notification emails, create & send broadcasts, and also manage them all in one single place.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-mailer\u002F\" rel=\"ugc\">Icegram Mailer\u003C\u002Fa> – Reliable built‑in email delivery for WordPress & WooCommerce with real‑time logs, analytics, and a free 200‑email plan.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram\u002F\" rel=\"ugc\">Icegram Engage\u003C\u002Fa> – Popups, Welcome Bar, Opt-ins & Lead Generation plugin\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-rainmaker\u002F\" rel=\"ugc\">Icegram Collect\u003C\u002Fa> – Best form plugin on WordPress\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsmart-manager-for-wp-e-commerce\u002F\" rel=\"ugc\">Smart Manager\u003C\u002Fa> – Manage & Bulk edit Products, Orders & more..\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Foffermative-discount-pricing-related-products-upsell-funnels-for-woocommerce\u002F\" rel=\"ugc\">Offermative\u003C\u002Fa> – Dynamic discount pricing, related product recommendations, upsells and funnels for WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fduplicate-post-page-copy-clone-wp\u002F\" rel=\"ugc\">Post \u002F Page Duplicate\u003C\u002Fa> – Ultimate one‑click content duplicator for WordPress, letting you clone posts, pages & custom post types effortlessly\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-cookie-manager\u002F\" rel=\"ugc\">Icegram Cookie Manager\u003C\u002Fa> – Customizable cookie consent banner with privacy policy links and styling options for WordPress\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fswitch-user-login-by-icegram\u002F\" rel=\"ugc\">Switch User Login\u003C\u002Fa> – Instantly switch between WordPress user accounts from the admin bar for seamless testing, debugging, and multisite\u002FWooCommerce management\u003C\u002Fp>\n\u003Cp>Also, check our other \u003Ca href=\"https:\u002F\u002Fwww.storeapps.org\u002Fshop\u002F?utm_source=wprepo&utm_medium=tlwp&utm_campaign=sa_products_upsell&utm_content=readme\" rel=\"nofollow ugc\">Premium WooCommerce plugins.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you use WooCommerce? Our analytics tool \u003Ca href=\"https:\u002F\u002Fwww.putler.com\u002F?utm_source=wprepo&utm_medium=tlwp&utm_campaign=putler_outreach&utm_content=readme\" rel=\"nofollow ugc\">Putler\u003C\u002Fa> will help you enriches your store data. Using Putler, you’ll understand your business better and make profitable decisions quickly.\u003C\u002Fp>\n","Create self-expiring, temporary admin accounts. Easily share direct login links (no need for username\u002Fpassword) with your developers or editors.",100000,1865629,1499,"2025-12-22T11:48:00.000Z","3.0.1","5.3",[91,92,4,73,74],"developer-access","magic-pin","http:\u002F\u002Fwww.storeapps.org\u002Fcreate-secure-login-without-password-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftemporary-login-without-password.1.9.7.zip","2021-11-15 00:00:00",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":65,"num_ratings":66,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":109,"tags":110,"homepage":112,"download_link":113,"security_score":114,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"temporary-login","Temporary Login","1.3.0","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>Temporary Login creates a secure, temporary URL for easy access to your WP admin with no username and password. Share this URL with trusted support agents and colleagues in order to resolve issues quickly, and shut down access as soon as you’re done.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>FEATURES\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Grant access to your site with a single click; a temporary URL will be created that you can share for admin-level access to your site and it will automatically expire 7 days from creation.\u003C\u002Fli>\n\u003Cli>Extend access – need more time? No problem. Just click to extend access so that users don’t get locked out.\u003C\u002Fli>\n\u003Cli>All done? Revoke access and the link becomes inaccessible.\u003C\u002Fli>\n\u003Cli>Auto disable access – whether you forget to revoke access or lose track of the timing, there’s no need to worry. We will automatically disable the access URL at the expiration, within 7 days.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>CONTRIBUTION\u003C\u002Fh4>\n\u003Cp>Would you like to contribute to this plugin? You’re more than welcome to submit your pull requests on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Felementor\u002Ftemporary-login\u002F\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>. Also, if you have any notes about the code, please open a ticket on the issue tracker.\u003C\u002Fp>\n","Create a secure, temporary URL for easy access to your WP admin.",40000,134160,"2024-11-26T16:13:00.000Z","6.7.5","6.2","7.4",[111,4,74,97],"login","https:\u002F\u002Felementor.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftemporary-login.1.3.0.zip",92,{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":16,"requires_at_least":128,"requires_php":18,"tags":129,"homepage":134,"download_link":135,"security_score":136,"vuln_count":137,"unpatched_count":27,"last_vuln_date":138,"fetched_at":29},"user-verification","User Verification by PickPlugins","2.0.46","PickPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fpickplugins\u002F","\u003Cp>User Verification – Complete WordPress User Authentication & Security Plugin\u003C\u002Fp>\n\u003Ch3>User Verification by \u003Ca href=\"http:\u002F\u002Fwww.pickplugins.com\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.pickplugins.com\u003C\u002Fa>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pickplugins.com\u002Fitem\u002Fuser-verification\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.pickplugins.com\u002Fsupport\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpickplugins.com\u002Fdocumentation\u002Fuser-verification\u002F?ref=wordpress.org\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Secure Your WordPress Site with Advanced User Verification & Authentication\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>User Verification\u003C\u002Fstrong> is a comprehensive WordPress security plugin that provides multiple layers of user authentication and spam protection to safeguard your website from unauthorized access and malicious registrations.\u003C\u002Fp>\n\u003Ch3>🔐 Key Features\u003C\u002Fh3>\n\u003Ch4>\u003Cstrong>Email Verification System\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Mandatory Email Verification\u003C\u002Fstrong>: Ensure all new users verify their email addresses before accessing your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Verification Pages\u003C\u002Fstrong>: Choose custom redirect pages for successful and failed verifications  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Login\u003C\u002Fstrong>: Seamlessly log users in after successful email verification\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Control\u003C\u002Fstrong>: Exclude specific user roles (like Administrators) from verification requirements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Configuration\u003C\u002Fstrong>: Enable\u002Fdisable email verification with simple toggle controls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Magic Login (Passwordless Authentication)\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>🆕 NEW Feature\u003C\u002Fstrong>: Enable secure passwordless login for enhanced user experience\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email-Based Authentication\u003C\u002Fstrong>: Users receive login links directly in their inbox\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Key Length\u003C\u002Fstrong>: Set secure authentication key length (default: 6 characters)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attempt Limits\u003C\u002Fstrong>: Configure maximum login attempts for security (default: 3 attempts)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Redirect Pages\u003C\u002Fstrong>: Set specific pages for successful logins, failures, and magic login forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Verification Integration\u003C\u002Fstrong>: Require verified emails for magic login access\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Implementation\u003C\u002Fstrong>: Simple shortcode \u003Ccode>[user_verification_magic_login_form]\u003C\u002Fcode> for frontend display\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>OTP (One-Time Password) Login\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>SMS\u002FEmail OTP\u003C\u002Fstrong>: Secure one-time password authentication system\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable OTP Length\u003C\u002Fstrong>: Customize OTP length (default: 6 digits)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Character Flexibility\u003C\u002Fstrong>: Support for numbers, uppercase, lowercase, and special characters\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Success\u002FError Messages\u003C\u002Fstrong>: Personalized user feedback for OTP processes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post-Login Redirects\u003C\u002Fstrong>: Direct users to specific pages after successful authentication\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Integration\u003C\u002Fstrong>: Simple shortcode \u003Ccode>[user_verification_otp_login_form]\u003C\u002Fcode> implementation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Advanced Spam Protection\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Domain Blocking\u003C\u002Fstrong>: Block registrations from specific email domains\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Domain Allowlist\u003C\u002Fstrong>: Allow only approved email domains for registration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Username Protection\u003C\u002Fstrong>: Block specific usernames from registration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Domain Management\u003C\u002Fstrong>: Easy-to-use interface for managing blocked\u002Fallowed domains\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>reCAPTCHA Integration\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Google reCAPTCHA v2\u003C\u002Fstrong>: Complete bot protection with checkbox verification\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Implementation Points\u003C\u002Fstrong>: Add reCAPTCHA to login, registration, password reset, and comment forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Ready\u003C\u002Fstrong>: Full integration with WooCommerce forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Configuration\u003C\u002Fstrong>: Simple setup with site key and secret key\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>User Management Tools\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Unverified User Cleanup\u003C\u002Fstrong>: Automatically delete unverified user accounts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Existing User Verification\u003C\u002Fstrong>: Mark existing users as verified with customizable intervals\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Status Monitoring\u003C\u002Fstrong>: Track verification status across your user base\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Email Customization\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom Email Templates\u003C\u002Fstrong>: Personalize verification and notification emails\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WPAutoP Support\u003C\u002Fstrong>: Enable\u002Fdisable automatic paragraph formatting in emails\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Branded Communications\u003C\u002Fstrong>: Add your logo and customize email appearance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Email Types\u003C\u002Fstrong>: Templates for registration, verification, OTP, magic login, and activation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>WooCommerce Compatibility\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>E-commerce Ready\u003C\u002Fstrong>: Full integration with WooCommerce login, registration, and password reset forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customer Protection\u003C\u002Fstrong>: Prevent fake customer registrations and protect customer data\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless Experience\u003C\u002Fstrong>: Maintain smooth checkout process while ensuring security\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎯 Perfect For:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Membership Sites\u003C\u002Fstrong>: Protect exclusive content with verified users only\u003C\u002Fli>\n\u003Cli>\u003Cstrong>E-commerce Stores\u003C\u002Fstrong>: Prevent fake customer accounts and fraudulent orders  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Corporate Websites\u003C\u002Fstrong>: Ensure legitimate user registrations for business platforms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Community Forums\u003C\u002Fstrong>: Maintain quality user base with verified members\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Educational Platforms\u003C\u002Fstrong>: Secure student and instructor account creation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Any WordPress Site\u003C\u002Fstrong>: Enhance security for blogs, portfolios, and business websites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>⚡ Easy Setup & Management\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>User-Friendly Interface\u003C\u002Fstrong>: Intuitive admin dashboard for all configurations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Ready\u003C\u002Fstrong>: Simple shortcodes for frontend form implementation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-Click Configuration\u003C\u002Fstrong>: Enable\u002Fdisable features with simple toggle switches\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Documentation\u003C\u002Fstrong>: Detailed setup guides and troubleshooting support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔧 Technical Specifications\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Compatibility\u003C\u002Fstrong>: Works with latest WordPress versions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP 7.4+ Support\u003C\u002Fstrong>: Modern PHP compatibility for optimal performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile Responsive\u003C\u002Fstrong>: All forms and interfaces work perfectly on mobile devices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation Ready\u003C\u002Fstrong>: Multi-language support for global websites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong>: Clean code structure with hooks and filters for customization\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📧 Default Email Configuration\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Professional Setup\u003C\u002Fstrong>: Comes with pre-configured professional email settings\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom From Address\u003C\u002Fstrong>: Set your preferred sender email (e.g., public.nurhasan@gmail.com)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Branded Sender Name\u003C\u002Fstrong>: Customize sender name (default: wordpress)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Template Variety\u003C\u002Fstrong>: Multiple email templates for different verification scenarios\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Why Choose User Verification?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Complete Security Solution\u003C\u002Fstrong>: Multiple authentication methods in one plugin\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero Spam Guarantee\u003C\u002Fstrong>: Advanced filtering eliminates fake registrations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Experience Focused\u003C\u002Fstrong>: Smooth verification process that doesn’t frustrate legitimate users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highly Customizable\u003C\u002Fstrong>: Adapt every aspect to match your site’s needs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Regular Updates\u003C\u002Fstrong>: Continuously updated with new features and security improvements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Professional Support\u003C\u002Fstrong>: Dedicated support for setup and troubleshooting\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Installation & Usage\u003C\u002Fh3>\n\u003Cp>Simply install the plugin, configure your preferred verification methods, and add the provided shortcodes to your pages. The plugin integrates seamlessly with WordPress default forms and popular plugins like WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Transform your WordPress site security today with User Verification – the most comprehensive user authentication plugin available.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Ch3>Spam Protection by [https:\u002F\u002Fisspammy.com](http:\u002F\u002Fisspammy.com)\u003C\u002Fh3>\n\u003Cp>isspammy.com is owned by PickPlugins and it’s used to protect spam users from login in, registering, commenting, posting reviews and etc. Once you mark a comment as spam it will send a request to isspammy.com and it will create a record for this mail and marked as spam, so later when the same email is used to post a comment it will block them as a spammer. isspammy.com is commited to keep user email private and only accessible when requested.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fisspammy.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">isspammy.com\u002Fprivacy-policy\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fisspammy.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">isspammy.com\u002FAbout Us\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Email verification for user registration to protect spam.",5000,330832,90,63,"2026-02-14T03:45:00.000Z","4.1",[130,131,132,133,4],"email-otp","email-validation","email-verification","hide-login","http:\u002F\u002Fpickplugins.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-verification.zip",88,2,"2025-12-04 17:39:15",{"slug":140,"name":141,"version":142,"author":143,"author_profile":144,"description":145,"short_description":146,"active_installs":147,"downloaded":148,"rating":149,"num_ratings":150,"last_updated":151,"tested_up_to":70,"requires_at_least":152,"requires_php":109,"tags":153,"homepage":155,"download_link":156,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"magic-login","Magic Login – Passwordless Authentication for WordPress – Login Without Password","2.7.1","handyplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fhandyplugins\u002F","\u003Cp>Easy, secure, and passwordless authentication for WordPress.\u003C\u002Fp>\n\u003Cp>Streamline the login process by sending links to your users. No more passwords to remember, no more password resets, and no more password strength requirements.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fmagic-login-pro\u002F\" rel=\"nofollow ugc\">Learn more about Magic Login\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Key Features 🌟\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Passwordless Authentication\u003C\u002Fstrong>: No more forgotten passwords or complex requirements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Magic Links\u003C\u002Fstrong>: Secure, unique links sent directly to users’ email inboxes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Login\u003C\u002Fstrong>: Support for auto-login links in outgoing emails. It’s useful when pending action from a user, such as reply a comment, complete the checkout, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-Friendly\u003C\u002Fstrong>: Simplifies the login process for all users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Security\u003C\u002Fstrong>: Reduces risks associated with weak passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tools\u003C\u002Fstrong>:  Export, import, and reset plugin settings easily from the admin panel or WP-CLI. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-tools\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How does it work? 🪄\u003C\u002Fh4>\n\u003Col>\n\u003Cli>User enters their email address.\u003C\u002Fli>\n\u003Cli>A unique magic link is sent to their inbox.\u003C\u002Fli>\n\u003Cli>Clicking the link authenticates and logs in the user.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>PRO Features 🎩\u003C\u002Fh4>\n\u003Cp>Here are the premium features that come with Magic Login Pro:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>SMS Login:\u003C\u002Fstrong> Send magic login links via SMS. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fpasswordless-authentication-with-sms\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>QR Code Login:\u003C\u002Fstrong> Let users log in by scanning a QR code. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fqr-code-login\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Registration:\u003C\u002Fstrong> Enable easy user registration directly from the login form or with a shortcode. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-registration\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CLI Command:\u003C\u002Fstrong> Use WP-CLI to create login links, generate QR codes, export\u002Fimport settings, and more. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-cli-command\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute Force Protection:\u003C\u002Fstrong> Limit rate of login attempts and block IP temporarily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login request throttling:\u003C\u002Fstrong> Limit login link generation for a certain period.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Check:\u003C\u002Fstrong> Enhance the security by restricting users to log in from the same IP address that requested the link.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Domain Restriction:\u003C\u002Fstrong> Allow only certain domains to use the magic link.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Email Customization:\u003C\u002Fstrong> Customize login message by using email placeholders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Redirect:\u003C\u002Fstrong> Redirect users to a specific page right after login. You can also redirect different pages based on the user role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Integration:\u003C\u002Fstrong> Seamless checkout experience for returning customers. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-woocommerce-integration\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Digital Downloads (EDD) Integration:\u003C\u002Fstrong> Enhance the checkout experience with seamless magic login support. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-edd-integration\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>FluentCRM Integration:\u003C\u002Fstrong> Send magic login links directly via FluentCRM. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-fluent-crm\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>reCAPTCHA Integration:\u003C\u002Fstrong> Safeguard your login and registration forms from spam with Google reCAPTCHA. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-spam-protection\u002F#1-toc-title\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Turnstile Integration:\u003C\u002Fstrong> Enhance spam protection for your login and registration forms using Cloudflare Turnstile. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-spam-protection\u002F#2-toc-title\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Friendly Captcha Integration:\u003C\u002Fstrong> Protect your login and registration forms from bots with privacy-friendly Friendly Captcha. \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-spam-protection\u002F#3-toc-title\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API Support:\u003C\u002Fstrong> Integrate Magic Login with your custom applications using the REST API.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By upgrading to Magic Login Pro you also get access to one-on-one help from our knowledgeable support team and our extensive documentation site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fmagic-login-pro\u002F\" rel=\"nofollow ugc\">Explore Magic Login Pro\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Our documentation can be found on \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs-category\u002Fmagic-login-pro\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fhandyplugins.co\u002Fdocs-category\u002Fmagic-login-pro\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Hook reference: \u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-hooks-doc\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fhandyplugins.co\u002Fdocs\u002Fmagic-login-hooks-doc\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Contributing & Bug Report\u003C\u002Fh4>\n\u003Cp>Bug reports and pull requests are welcome on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FHandyPlugins\u002Fmagic-login\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. Some of our features are pro only, please consider before sending PR.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you like Magic Login, then consider checking out our other projects:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fmagic-login-pro\u002F\" rel=\"friend nofollow ugc\">Magic Login Pro\u003C\u002Fa> – Easy, secure, and passwordless authentication for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Feasy-text-to-speech\u002F\" rel=\"friend nofollow ugc\">Easy Text-to-Speech for WordPress\u003C\u002Fa> – Transform your textual content into high-quality synthesized speech with Amazon Polly.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fhandywriter\u002F\" rel=\"friend nofollow ugc\">Handywriter\u003C\u002Fa> – AI-powered writing assistant that can help you create content for your WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fpaddlepress-pro\u002F\" rel=\"friend nofollow ugc\">PaddlePress PRO\u003C\u002Fa> – Paddle Plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpoweredcache.com\u002F\" rel=\"friend nofollow ugc\">Powered Cache\u003C\u002Fa> – Caching and Optimization for WordPress – Easily Improve PageSpeed & Web Vitals Score\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhandyplugins.co\u002Fwp-accessibility-toolkit\u002F\" rel=\"friend nofollow ugc\">WP Accessibility Toolkit\u003C\u002Fa> – A collection of tools to help you make your WordPress more accessible.\u003C\u002Fli>\n\u003C\u002Ful>\n","Passwordless login for WordPress. Streamline the login process by sending magic links to your users.",2000,59224,96,25,"2026-03-15T13:35:00.000Z","5.0",[111,154,140,23,4],"magic-link","https:\u002F\u002Fhandyplugins.co\u002Fmagic-login-pro\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmagic-login.2.7.1.zip",{"attackSurface":158,"codeSignals":213,"taintFlows":230,"riskAssessment":281,"analyzedAt":288},{"hooks":159,"ajaxHandlers":206,"restRoutes":207,"shortcodes":208,"cronEvents":212,"entryPointCount":26,"unprotectedCount":27},[160,166,170,175,179,183,187,192,195,199,202],{"type":161,"name":162,"callback":163,"file":164,"line":165},"action","admin_notices","add_admin_notice","inc\\wpa.class.notices.php",27,{"type":161,"name":167,"callback":168,"file":164,"line":169},"admin_init","dismiss_notification",28,{"type":161,"name":171,"callback":172,"file":173,"line":174},"init","wpa_load_plugin_textdomain","passwordless_login.php",51,{"type":161,"name":176,"callback":177,"priority":137,"file":173,"line":178},"admin_menu","wpa_register_basic_info_submenu_page",64,{"type":161,"name":180,"callback":181,"file":173,"line":182},"admin_enqueue_scripts","wpa_print_script",122,{"type":161,"name":184,"callback":185,"file":173,"line":186},"wp_print_styles","wpa_add_plugin_stylesheet",137,{"type":188,"name":189,"callback":190,"file":173,"line":191},"filter","widget_text","do_shortcode",217,{"type":161,"name":171,"callback":193,"file":173,"line":194},"wpa_send_login_request",264,{"type":188,"name":196,"callback":197,"file":173,"line":198},"wp_mail_content_type","closure",294,{"type":161,"name":171,"callback":200,"file":173,"line":201},"wpa_autologin_via_url",347,{"type":161,"name":167,"callback":203,"priority":204,"file":173,"line":205},"wpa_admin_general_notices",9,475,[],[],[209],{"tag":4,"callback":210,"file":173,"line":211},"wpa_front_end_login",215,[],{"dangerousFunctions":214,"sqlUsage":215,"outputEscaping":217,"fileOperations":27,"externalRequests":27,"nonceChecks":49,"capabilityChecks":26,"bundledLibraries":229},[],{"prepared":27,"raw":27,"locations":216},[],{"escaped":150,"rawEcho":46,"locations":218},[219,221,223,225,227],{"file":173,"line":52,"context":220},"raw output",{"file":173,"line":222,"context":220},164,{"file":173,"line":224,"context":220},167,{"file":173,"line":226,"context":220},173,{"file":173,"line":228,"context":220},176,[],[231,259,269],{"entryPoint":232,"graph":233,"unsanitizedCount":26,"severity":258},"wpa_front_end_login (passwordless_login.php:146)",{"nodes":234,"edges":253},[235,240,246,248],{"id":236,"type":237,"label":238,"file":173,"line":239},"n0","source","$_POST",148,{"id":241,"type":242,"label":243,"file":173,"line":244,"wp_function":245},"n1","sink","update_option() [Settings Manipulation]",160,"update_option",{"id":247,"type":237,"label":238,"file":173,"line":239},"n2",{"id":249,"type":242,"label":250,"file":173,"line":251,"wp_function":252},"n3","echo() [XSS]",198,"echo",[254,256],{"from":236,"to":241,"sanitized":255},false,{"from":247,"to":249,"sanitized":257},true,"low",{"entryPoint":260,"graph":261,"unsanitizedCount":27,"severity":258},"wpa_send_login_request (passwordless_login.php:251)",{"nodes":262,"edges":267},[263,265],{"id":236,"type":237,"label":238,"file":173,"line":264},257,{"id":241,"type":242,"label":243,"file":173,"line":266,"wp_function":245},261,[268],{"from":236,"to":241,"sanitized":257},{"entryPoint":270,"graph":271,"unsanitizedCount":27,"severity":258},"\u003Cpasswordless_login> (passwordless_login.php:0)",{"nodes":272,"edges":278},[273,275,276,277],{"id":236,"type":237,"label":274,"file":173,"line":239},"$_POST (x2)",{"id":241,"type":242,"label":243,"file":173,"line":244,"wp_function":245},{"id":247,"type":237,"label":238,"file":173,"line":239},{"id":249,"type":242,"label":250,"file":173,"line":251,"wp_function":252},[279,280],{"from":236,"to":241,"sanitized":257},{"from":247,"to":249,"sanitized":257},{"summary":282,"deductions":283},"The \"passwordless-login\" v1.1.4 plugin exhibits a generally good security posture, with no unprotected entry points identified in the static analysis and all SQL queries utilizing prepared statements. The code demonstrates a focus on security by implementing nonce and capability checks. However, a significant concern arises from the taint analysis, which reveals one flow with an unsanitized path. While the severity of this specific flow is not classified as critical or high, it represents a potential avenue for malicious input to be processed without adequate sanitization, which could lead to unexpected behavior or security vulnerabilities.\n\nThe plugin's vulnerability history shows one known CVE, classified as medium severity, related to Cross-Site Scripting. The fact that this vulnerability is no longer present in the analyzed version is positive, but the existence of past XSS issues suggests a potential area of weakness that may require ongoing vigilance.  While the plugin demonstrates strengths in its secure handling of database queries and entry points, the presence of an unsanitized path in the taint analysis and a history of XSS vulnerabilities warrant careful consideration. The overall risk is moderate, with the unsanitized path being the primary current concern that needs further investigation.",[284,286],{"reason":285,"points":14},"Flow with unsanitized path detected",{"reason":287,"points":46},"Past medium severity XSS vulnerability","2026-03-16T19:01:35.551Z",{"wat":290,"direct":299},{"assetPaths":291,"generatorPatterns":294,"scriptPaths":295,"versionParams":296},[292,293],"\u002Fwp-content\u002Fplugins\u002Fpasswordless-login\u002Fassets\u002Fstyle-back-end.css","\u002Fwp-content\u002Fplugins\u002Fpasswordless-login\u002Fassets\u002Fstyle-front-end.css",[],[],[297,298],"passwordless-login\u002Fassets\u002Fstyle-back-end.css?ver=","passwordless-login\u002Fassets\u002Fstyle-front-end.css?ver=",{"cssClasses":300,"htmlComments":313,"htmlAttributes":314,"restEndpoints":316,"jsGlobals":317,"shortcodeOutput":319},[301,302,303,304,305,306,307,308,309,310,311,312],"wpa-wrap","wpa-info-wrap","wpa-badge","wpa-info-text","wpa-row","wpa-2-col","wpa-callout","wpa-3-col","wpa-box","wpa-success","wpa-alert","wpa-error",[],[315],"data-target",[],[318],"PASSWORDLESS_LOGIN_VERSION",[320],"[passwordless-login]"]