[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f87XzeKq4vBgtr7bTmzouK4ydR5ZzPE2GjPIgvaQchro":3,"$fOf0WKtgY0t0nvp0zIVNyHP34mzkfmyVgvMUxnpY3H_k":233,"$fH8t0ya0Y8dPiBhgGQZKQuIFKd0xnW0cR-hUXpKZHUYM":238},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":38,"analysis":143,"fingerprints":211},"private-buddypress","Private BuddyPress","1.0.4","Dennis","https:\u002F\u002Fprofiles.wordpress.org\u002Fgigalinux\u002F","\u003Cp>Protect your BuddyPress Installation from strangers. Only registered users will be allowed to view the installation and all other users will be redirected to the login page. Users attempting to view blog content via RSS are also authenticated via HTTP Auth.\u003C\u002Fp>\n\u003Cp>You can exclude the registration, the homepage and blog pages (e.g. posts, archives and non-buddypress pages) from protection. In combination with the plugin ‘Invitation Code Checker’ your installation stays private but the registration is for users with a special password open.\u003C\u002Fp>\n\u003Cp>The plugin includes a German and Hebrew (thanks to gstupp) translation.\u003C\u002Fp>\n","Protect your BuddyPress Installation from strangers. Only registered users will be allowed to view the installation.",80,31507,100,2,"2011-01-23T23:03:00.000Z","",[18,19,20,21,22],"buddypress","privacy","private","protect","protection","http:\u002F\u002Fbp-tutorials.de\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprivate-buddypress.1.0.4.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":25,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"gigalinux",4,120,30,84,"2026-05-20T18:07:27.692Z",[39,55,77,103,122],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":13,"downloaded":47,"rating":13,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":16,"requires_php":51,"tags":52,"homepage":53,"download_link":54,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"lh-private-buddypress","LH Private BuddyPress","1.12","shawfactor","https:\u002F\u002Fprofiles.wordpress.org\u002Fshawfactor\u002F","\u003Cp>Protect your BuddyPress Installation from strangers. Only registered users will be allowed to view view directory pages, activity and profile pages. Users attempting to view blog content via RSS are also authenticated via HTTP Auth.\u003C\u002Fp>\n\u003Cp>This plugin is inspired by the Private Buddypress plugin by Dennis Morhardt. I rewrote it to provide a solution that followed the WordPress coding stndards and the decisions rather than options philosophy. I deploy this on my own multisite environment where I don’t want public profiles, activity or members directories (and where I don’t want site admins changing this).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Like this plugin? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Flh-private-buddypress\u002F\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Love this plugin or want to help the LocalHero Project? Please consider \u003Ca href=\"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-private-buddypress\u002F\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n","Protect your BuddyPress Installation from strangers. Only registered users will be allowed to view directory pages, activity and profile pages.",11941,5,"2022-07-30T15:34:00.000Z","6.0.11","5.6",[18,19,20,21,22],"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-private-buddypress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-private-buddypress.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":16,"tags":70,"homepage":74,"download_link":75,"security_score":76,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"wp-force-login","Force Login","5.6.3","Kevin Vess","https:\u002F\u002Fprofiles.wordpress.org\u002Fkevinvess\u002F","\u003Cp>Easily hide your WordPress site from public viewing by requiring visitors to log in first. As simple as flipping a switch.\u003C\u002Fp>\n\u003Cp>Make your website private until it’s ready to share publicly, or keep it private for members only.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress Multisite compatible.\u003C\u002Fli>\n\u003Cli>Login redirects visitors back to the url they tried to visit.\u003C\u002Fli>\n\u003Cli>Extensive Developer API (hooks & filters).\u003C\u002Fli>\n\u003Cli>Customizable. Set a specific URL to always redirect to on login.\u003C\u002Fli>\n\u003Cli>Filter exceptions for certain pages or posts.\u003C\u002Fli>\n\u003Cli>Restrict REST API to authenticated users.\u003C\u002Fli>\n\u003Cli>Translation Ready & WPML certified.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Bug Reports\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Bug reports for \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkevinvess\u002Fwp-force-login\" rel=\"nofollow ugc\">Force Login are welcomed on GitHub\u003C\u002Fa>. Please note that GitHub is \u003Cem>not\u003C\u002Fem> a support forum.\u003C\u002Fp>\n","Force Login is a simple lightweight plugin that requires visitors to log in to interact with the website.",30000,9119327,96,101,"2025-02-07T16:57:00.000Z","6.7.5","4.6",[19,20,71,72,73],"protected","registered-only","restricted","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-force-login\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-force-login.5.6.3.zip",92,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":98,"download_link":99,"security_score":100,"vuln_count":101,"unpatched_count":26,"last_vuln_date":102,"fetched_at":28},"cryptx","CryptX","4.0.11","Ralf Weber","https:\u002F\u002Fprofiles.wordpress.org\u002Fd3395\u002F","\u003Cp>No more SPAM by spiders scanning your site for email addresses. With CryptX you can hide all your email addresses, with and without a mailto-link, by converting them using javascript or UNICODE.\u003C\u002Fp>\n\u003Cp>CryptX protects your email addresses from spambots while keeping them readable and functional for your visitors. The plugin automatically detects email addresses in your content and encrypts them using various methods including JavaScript encryption, Unicode conversion, and image replacement.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Email Detection\u003C\u002Fstrong> – Finds and encrypts email addresses in posts, pages, comments, and widgets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple Encryption Methods\u003C\u002Fstrong> – JavaScript, Unicode, image replacement, and custom text options\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget Support\u003C\u002Fstrong> – Works with text widgets and other widget content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RSS Feed Control\u003C\u002Fstrong> – Option to disable encryption in RSS feeds\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Whitelist Support\u003C\u002Fstrong> – Exclude specific domains from encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Per-Post Control\u003C\u002Fstrong> – Enable\u002Fdisable encryption on individual posts and pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode Support\u003C\u002Fstrong> – Use \u003Ccode>[cryptx]email@example.com[\u002Fcryptx]\u003C\u002Fcode> for manual encryption\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Template Functions\u003C\u002Fstrong> – Developer-friendly functions for theme integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fweber-nrw.de\u002Fwordpress\u002Fcryptx\u002F\" title=\"Plugin Homepage\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa>\u003C\u002Fp>\n","No more SPAM by spiders scanning your site for email addresses!",10000,281526,88,19,"2025-12-18T08:01:00.000Z","6.9.4","6.7","8.3",[94,95,96,19,97],"antispam","email-encryption","mail","spam-protection","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcryptx\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcryptx.4.0.11.zip",99,1,"2025-12-04 20:35:36",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":85,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":90,"requires_at_least":115,"requires_php":51,"tags":116,"homepage":120,"download_link":121,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"gdpr","GDPR","2.1.2","Trew Knowledge","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrewknowledge\u002F","\u003Cp>This plugin is meant to assist a Controller, Data Processor, and Data Protection Officer (DPO) with efforts to meet the obligations and rights enacted under the GDPR.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002FGDPR\u002Fwiki\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002FGDPR\u002Fwiki\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Collaboration\u003C\u002Fh3>\n\u003Cp>You can send your pull request at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002Fgdpr\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002Fgdpr\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Shortcodes & helper functions\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002FGDPR\u002Fwiki\u002FFunctions-&-Shortcodes\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Ftrewknowledge\u002FGDPR\u002Fwiki\u002FFunctions-&-Shortcodes\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Consent management\u003C\u002Fli>\n\u003Cli>Privacy Preference management for Cookies with front-end preference UI & banner notifications\u003C\u002Fli>\n\u003Cli>Privacy Policy page configurations with version control and re-consent management\u003C\u002Fli>\n\u003Cli>Rights to erasure & deletion of website data with a double opt-in confirmation email\u003C\u002Fli>\n\u003Cli>Re-assignment of user data on erasure requests & pseudonymization of user website data\u003C\u002Fli>\n\u003Cli>Data Processor settings and publishing of contact information\u003C\u002Fli>\n\u003Cli>Right to access data by admin dashboard with email look up and export\u003C\u002Fli>\n\u003Cli>Right to access data by Data Subject with front-end requests button & double opt-in confirmation email\u003C\u002Fli>\n\u003Cli>Right to portability & export of data by Admin or Data Subject in XML or JSON formats\u003C\u002Fli>\n\u003Cli>Encrypted audit logs for the lifetime of Data Subject compliance activity\u003C\u002Fli>\n\u003Cli>Data Subject Secret Token for two-factor decryption and recovery of data\u003C\u002Fli>\n\u003Cli>Data breach notification logs and batch email notifications to Data Subjects\u003C\u002Fli>\n\u003Cli>Telemetry Tracker for visualizing plugins and website data\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Settings\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>General\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>From the Settings options in the dashboard, you can select the Privacy Policy page for tracking and logging consent.\u003C\u002Fp>\n\u003Cp>On login, the user must consent to the Privacy Policy outlined on the site. If the user does not consent, the user will not be registered or logged in.\u003C\u002Fp>\n\u003Cp>If the site owner updates the Privacy Policy page content, the change will be logged and flagged to the admin that they must notify users on next login to seek re-consent. Additionally, the warning message can be dismissed in the event of a minor correction or mistake.\u003C\u002Fp>\n\u003Cp>Additionally, under General Settings the Admin can set the outgoing email limitation which would set the batch notification email limit per hour in the event of a Breach Notification.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cookie Preference Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Similar to consent management, users can opt in or out of cookies that are being used on the site. There are 3 formats of cookies that can be created which include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Always Active:\u003C\u002Fstrong> Cookies that are always active or are required for the site to function.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Toggled:\u003C\u002Fstrong> Cookies that can be activated or blocked based on the user preference\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Opt-Out Link:\u003C\u002Fstrong> Cookies that require configuration from a third-party source in order to opt-out\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Depending on the user preference setting, you can use the \u003Ccode>is_allowed_cookie( $cookie )\u003C\u002Fcode> function to save and set the cookies. The cookie with the user approved cookies can be found at another cookie named \u003Ccode>gdpr_approved_cookies\u003C\u002Fcode>. There’s also a helper function called \u003Ccode>is_allowed_cookie( $cookie )\u003C\u002Fcode> that you can use to prevent setting up a cookie.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Consent Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Consents can be registered on the settings page. They can be optional or not. By default, this plugin comes with a Privacy Policy consent that users need to agree with on registration.\u003C\u002Fp>\n\u003Cp>For optional consents, there’s a wrapper function \u003Ccode>have_consent( $consent_id )\u003C\u002Fcode> to help you display or hide something on the site depending if the user gave consent or not.\u003C\u002Fp>\n\u003Cp>Consents are logged to the user record for auditing or for access purposes.\u003C\u002Fp>\n\u003Ch3>Requests Table & Rights of Data Subject\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Right to Erasure Requests\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>The Data Subject is able to submit a request to be erased from the site using a shortcode.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>When a request is made, the Data Subject will receive an email confirmation to confirm the deletion request.\u003C\u002Fp>\n\u003Col>\n\u003Cli>After email confirmation, the user request is added to the requests table for review by the Administrator. The Administrator can also add a user manually with an email look up and review.\u003C\u002Fli>\n\u003Cli>If the Data Subject has content published on the site for any post types or comments, they will be added to this table. If they do not have any content, they will receive a confirmation of erasure request and be provided a 6 digit Token for safekeeping after erasure in case of recover data needs.\u003C\u002Fli>\n\u003Cli>The requests table allows the Administrator to reassign any content to another user or delete it.\u003C\u002Fli>\n\u003Cli>In the event of comments, the Data Subject’s content would be made anonymous.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Admin can also manually add users to the erasure requests table with a manual email search\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Right to Access Data Request & User Data Portability\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>The Data Subject can place a request to download their data with the shortcode.\u003C\u002Fli>\n\u003Cli>After requesting their data, the user will receive a double opt-in confirmation email then the plugin will generate an XML or JSON file, which will be emailed to them for download with an expiration time of 48 hours.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Right to Rectify & Complaint Requests\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>The Data Subject can place a request to rectify data or file a complaint with the shortcode.\u003C\u002Fli>\n\u003Cli>After making their request, the user will receive a double opt-in confirmation email and then add them to the table for admin to handle the request.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Tools\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Access Data\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Access Data tool allows the Admin to look up a user email and view the data of a particular user. The Admin can download and export the data in a JSON or XML format and provide to the Data Subject if manually requested.\u003C\u002Fp>\n\u003Cp>NOTE: This method should not be used without the Data Subject confirming their identity.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Audit Log\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Everything the Data Subject does from registration, providing consent to the privacy policy, terms of service and other requests are logged and encrypted in a database. Data breach notifications are also logged to all Data Subjects upon confirmation by Controller.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Using the Data Subject’s email, you can look up and retrieve the user information and display it.\u003C\u002Fli>\n\u003Cli>If the Data Subject has been removed from the site, this encrypted log is deleted from the database and saved as an encrypted file inside the plugin folder.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If in the future, the Data Subject makes a complaint or there is a need to recover the data, the user can provide their email address and the 6 digit token they received from the deletion confirmation email to decrypt and retrieve the file.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Breach & Notifications\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>In case of a data breach, the Admin can generate a Data Breach Notification to users by logging the information and confirm the breach through a double opt-in confirmation email. The following information would be recorded in the audit log:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Nature of the personal data breach\u003C\u002Fli>\n\u003Cli>Name and contact details of the data protection officer\u003C\u002Fli>\n\u003Cli>Likely consequences of the personal data breach\u003C\u002Fli>\n\u003Cli>Measures were taken or proposed to be taken\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Once the confirmation of the breach has been confirmed via email, the website will begin a batch email notification process to all users every hour until all users receive the notification.\u003C\u002Fp>\n\u003Ch3>Telemetry Tracker\u003C\u002Fh3>\n\u003Cp>The Telemetry Tracker feature will display all data that is being sent outside of your server to another destination. It will indicate the plugin or theme responsible, file and line where the data is being sent.\u003C\u002Fp>\n\u003Cp>WordPress Core and some plugins gather data from your install and send this data to an outside server.\u003C\u002Fp>\n\u003Cp>WordPress Plugin Repository does not allow plugins to do that, but premium plugins are able to do this because they are not bound by the Plugin repository rules. If you did not explicitly opt-in for this feature you should make a complaint.\u003C\u002Fp>\n\u003Ch3>Important!\u003C\u002Fh3>\n\u003Cp>Activating this plugin does not guarantee that an organization is successfully meeting its responsibilities and obligations of GDPR. Individual organizations should assess their unique responsibilities and ensure extra measures are taken to meet any obligations required by law and based on a data protection impact assessment (DPIA).\u003C\u002Fp>\n","This plugin is meant to assist with the GDPR obligations of a Data processor and Controller.",372285,86,58,"2026-02-24T15:47:00.000Z","4.7",[117,104,118,119,19],"compliance","general-data-protection-regulation","law","https:\u002F\u002Ftrewknowledge.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr.2.1.2.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":16,"tags":137,"homepage":140,"download_link":141,"security_score":100,"vuln_count":14,"unpatched_count":26,"last_vuln_date":142,"fetched_at":28},"buddypress-members-only","BuddyPress Members Only","3.6.3","Tomas","https:\u002F\u002Fprofiles.wordpress.org\u002Fzhuyi\u002F","\u003Cp>BuddyPress Members Only is a BuddyPress plugin that restricts your BuddyPress to logged in\u002Fregistered members only.\u003C\u002Fp>\n\u003Cp>opt to just allow logged in users to view your site, non members can only open a few specified page which you setting in our plugin back end. Logged in users have full access on your BuddyPress site.\u003C\u002Fp>\n\u003Cp>opt to open or close a few buddypress components to guest: for example, you can just enable Buddypress Activity Component pages to subscriber user role, then open buddypress groups component pages to support user role, and open users profile component pages to customer user role, and opt to buddypress member component pages open for non member users, and … and so on.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Check Demos\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The plugin is a simple & quick & light BuddyPress Membership solution, it allows you to make your buddypress site only viewable to visitors that are logged in, you can just activate the plugin and finish a little setting work quickly in admin panel and it will begin the work. If you do not setting it in back end, it works well too, it is super easy to use.\u003Cbr \u002F>\nAlso the plugin support custom your wordpress login link, redirect buddypress login users to buddypress profile page or buddypress activity page or buddypress members page, and opt to restrict wordpress post or not, you can opt to restrict custom post type via a few clicks too.\u003C\u002Fp>\n\u003Cp>You can setup which pages on your site will open to guest very quickly:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>The plugin is very easy to use\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Once activated our BuddyPress Membership plugin, your buddypress \u002F wordpress site will instantly become a private community.\u003C\u002Fli>\n\u003Cli>In backend, you can decide which parts of your site are open to guest.\u003C\u002Fli>\n\u003Cli>You can restricts Bubbypress standard components to non-member users, for example , you can open buddypress activity pages to guest, but protect members pages to guest…  and so on.\u003C\u002Fli>\n\u003Cli>When guest users try to view any other pages on your site, they will be redirected to the URL which you set up in “Register Page URL” — you can select other pages in this URL too, for example, landing page, or membership payment page… and so on\u003C\u002Fli>\n\u003Cli>By default, Home page of your site is always be opened to non member users.\u003C\u002Fli>\n\u003Cli>Login page will always be opened to non member users.\u003C\u002Fli>\n\u003Cli>Register page will always be opened to non member users.\u003C\u002Fli>\n\u003Cli>Lost Password page will always be opened to non member users.\u003C\u002Fli>\n\u003Cli>User activation page will always be opened to non member users.\u003C\u002Fli>\n\u003Cli>In backend “Buddypress Members Only Setting” menu -> Option Panel, you can set up “Register Page URL”,   “Opened Page URLs”, please check screenshost at https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress-members-only\u002Fscreenshots\u002F\u003C\u002Fli>\n\u003Cli>“Opened Page URLs”  will opened to non member users always.\u003C\u002Fli>\n\u003Cli>“Register Page URL” will opened to non member users always.\u003C\u002Fli>\n\u003Cli>BuddyPress  Login Rrdirect: opt to redirect logged in users to buddypress profile page or buddypress members page or buddypress activity page. If you did not install buddypress, this option will be ignored.\u003C\u002Fli>\n\u003Cli>Open WordPress Posts: options to only protect your buddypress pages, so other section on your wordpress site will be open to the guest users.\u003C\u002Fli>\n\u003Cli>Custom \u002F Hide WordPress \u002F BuddyPress login link: In setting panel, opt to custom your wordpress login link to stop spam bot find your buddypress private site.\u003C\u002Fli>\n\u003Cli>WordPress page Level Protect: in setting panel, options to enable page level protect, if you enable page level protect,  in post editor, you will find “Allow everyone to access the page” checkbox in meta box, you can opt to specific any post open to all guest users\u003C\u002Fli>\n\u003Cli>Restrict custom post types: In setting panel, you can opt to restrict custom post types to guest or not, we have list all wordpress custom post type in the ” BuddyPress Members Only Restrict Custom Post Types Settings” panel, what you need to do is just a few clicks \u003C\u002Fli>\n\u003Cli>Knowledge Base: for help you understand how to use the buddypress membership system easier, also in each setting panel, we added detailed description for each option, just follow our guide, you can build a private buddypress network very quickly   \u003C\u002Fli>\n\u003Cli>BuddyPress Members Only supported HTTPS and HTTP, we will detect HTTPS and HTTP automatically.\u003C\u002Fli>\n\u003Cli>BuddyPress members only plugin support WordPress too, if you disable buddypress on your site, our plugin will detect it and support wordpress members only automatically\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Cp>> * The plugin support translate and launch localized versions, .po files can be found in languages sub-folder.\u003C\u002Fp>\n\u003Cp>Any feature request is super welcome, please contact us via \u003Ca href='https:\u002F\u002Fmembersonly.top\u002Fcontact-us\u002F' rel=\"nofollow ugc\">plugin support page\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>More Pro Version Features\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures\" rel=\"nofollow ugc\">Pro Version Detailed Feature List With Screenshot\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All functions in free version\u003C\u002Fli>\n\u003Cli>Fine-grained Access Control for Your Buddypress Site: restrict each buddypress componets, control each menu visibility, control each user role’s profile visibility, restricts each wordpress pages(even home page or site rss), based on approved members \u002F approved user roles, finish all works just via a few clicks in powerful control panels.\u003C\u002Fli>\n\u003Cli>Restricts \u003Cstrong>BP standard Components\u003C\u002Fstrong> Based on User Roles: for example, you can just enable Buddypress Activity Component pages to subscriber user role, then open buddypress groups component pages to support user role, and open users profile component pages to customer user role, and opt to buddypress member component pages open for non member users, and … and so on.\u003C\u002Fli>\n\u003Cli>Restricts \u003Cstrong>BP customized Components\u003C\u002Fstrong> Based on User Roles: opt to restrict customzied components via 3rd buddypress plugins, there are many amazing buddypress developer developed many customized buddypress components, you can opt to these 3rd customized components open to specific user roles\u003C\u002Fli>\n\u003Cli>Menu Visibility Control by User Roles: for example, you can only allow customer user role to see download menu, and opt to subscriber & customer user role can see product menu… and so on, also by this way, you do not need make a long menu lists to all users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Approved Users Only\u003C\u002Fstrong>: after enabled this buddypress membership addon, when users register as members, they need awaiting administrator approve their account manually, at the same time when unapproved users try to login your site, they can not login your site and they will get a message that noticed they have to waiting for admin approve their access first, only approved users can login your site, Admin user can approve or unapprove any users again at anytime, very easy to use. You can enable \u002F disable approve user addon at anytime in addon manage panel. Just one click, you can lock your buddypress social network quickly, just your friend or family or worker can view your buddypress network. \u003C\u002Fli>\n\u003Cli>Powerful Login redirect \u002F Logout Redirect Based on \u003Cstrong>User Roles\u003C\u002Fstrong>: pro version will support more login \u002F logout redirect options,  each user roles have options for redirect to the referer pages before they login, also support 12 buddypress components to redirect login \u002F logout users, and support to redirect to any specific url based on your setup for each user roles… and so on\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customized Opened URLs Restricts\u003C\u002Fstrong> Based on User Roles and Tags: For example, you can set up https:\u002F\u002Fmembersonly.top\u002Fmembers\u002F%username%\u002Fforums\u002F only opened for customer user role, or open %sitename%\u002Ffamily\u002F%username%\u002F for family user types… and so on.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customized Closed URLs Restricts\u003C\u002Fstrong> based on user roles and Tags, for example, you can close https:\u002F\u002Fmembersonly.top\u002Fsupport page to guest user role, but open it for customer user role, at the same time, you can open https:\u002F\u002Fmembersonly.top\u002Fshop for guest user role, support use placeholders %username% and %sitename% to protect your customized Closed URLs pages\u003C\u002Fli>\n\u003Cli>Charge Membership fees from Your BuddyPress Site: works well with \u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures-of-buddypress-woocommerce-payment-gateway-plugin\u002F\" rel=\"nofollow ugc\">BuddyPress Membership WooCmmerce Payment Gateway Plugin\u003C\u002Fa> to charge buddyrpess membership fee based on user roles\u003C\u002Fli>\n\u003Cli>One click to add default 10 membership Levels, One click to remove default 10 membership Levels, Edit  Label of Default Membership Levels, one click to reset membership levels\u003C\u002Fli>\n\u003Cli>Restricts Site RSS Feed: opt to restrict rss content, and opt to specific restricts notification to rss users,  you can add restricts notification in editor, support image, link, font style, videos… and so on, restricts notification will shown in feed content ……\u003C\u002Fli>\n\u003Cli>Opt to Restricts Specific BuddyPress Component Pages from Search Engines: if you are running a buddypress private network, and if you do not hope some private content be searched in search engines, it is very easy to remove your private content from google via a few clicks in buddypress members only backend setting panel\u003C\u002Fli>\n\u003Cli>Support add Announcement on Buddypress Members Only register page, you can add announcement in editor with image, link, font style, videos… and so on, we will show announcement at top of register page.\u003C\u002Fli>\n\u003Cli>Restrict Custom Post Types Based on User Role: enhanced custom posty type module, allow admin  restrict custom post types based on user roles\u003C\u002Fli>\n\u003Cli>Options to \u003Cstrong>only protect your buddypress pages\u003C\u002Fstrong>, so other section on your wordpress site will be open to the guest users, so you can only restrict your buddypress section, but open wordpress section to your guests, for example, blog, faq, ticket, store… and so on. \u003C\u002Fli>\n\u003Cli>Enable \u003Cstrong>page level protect\u003C\u002Fstrong>, when you edit a post, you can choose setting it as a members only page or not. By this way, you do not need enter page URLs to Opened Pages Panel always\u003C\u002Fli>\n\u003Cli>Restricts Your Buddypress and WordPress and bbPpress to logged in\u002Fregistered members\u003C\u002Fli>\n\u003Cli>Easy to use, build a privacy site quickly, via a few clicks in powerful control panel, you can decide which section of your site open \u002F close to specific user roles.    \u003C\u002Fli>\n\u003Cli>One Click Reset all Settings\u003C\u002Fli>\n\u003Cli>Option to ” Use Permanent 301 Redirect Instead of Temporary 302 Redirect”\u003C\u002Fli>\n\u003Cli>More Buddypress Membership Addons included in the buddypress membership pro to enrich your application scenarios\u003C\u002Fli>\n\u003Cli>Detailed tips for each setting options and detailed Knowledge Base for help you understand how to use the buddypress membership system easier\u003C\u002Fli>\n\u003Cli>Support ticket: if you need any help, or if you need any more buddypress membership features,  you can find our support ticket in  “Knowledge Base” menu\u003C\u002Fli>\n\u003Cli>…… and more, any fearure request is welcome\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Cp>Please check \u003Ca href='https:\u002F\u002Fmembersonly.top\u002Fcategory\u002Fbuddypress-members-only-demo\u002F' rel=\"nofollow ugc\">demos\u003C\u002Fa>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>More BuddyPress Plugins Maybe You Will Like\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures-of-buddypress-woocommerce-payment-gateway-plugin\u002F\" rel=\"nofollow ugc\">BuddyPress WooCommerce Payment Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures-of-buddypress-blacklist-whitelist-security-plugin\u002F\" rel=\"nofollow ugc\">BuddyPress Blacklist Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmembersonly.top\u002Ffeatures-of-buddypress-google-xml-sitemaps-generator-plugin\u002F\" rel=\"nofollow ugc\">BuddyPress Google XML Sitemaps Generator Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>…… and more \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Cp>I am developing many more amazing features, you are very welcome to \u003Ca href='https:\u002F\u002Fmembersonly.top' rel=\"nofollow ugc\">submit any feature request\u003C\u002Fa>\u003C\u002Fp>\n","BuddyPress Members Only restricts Your Buddypress and Wordpress to logged in\u002Fregistered members.",1000,119771,74,26,"2025-11-08T11:33:00.000Z","6.8.5","3.8",[18,138,20,71,139],"membership","restricts","https:\u002F\u002Fmembersonly.top\u002Ffeatures\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-members-only.zip","2025-04-01 00:00:00",{"attackSurface":144,"codeSignals":164,"taintFlows":171,"riskAssessment":199,"analyzedAt":210},{"hooks":145,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":163,"entryPointCount":26,"unprotectedCount":26},[146,152,156],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","admin_init","AdminInit","private-buddypress.php",46,{"type":147,"name":153,"callback":154,"priority":101,"file":150,"line":155},"wp","LoginRedirect",49,{"type":147,"name":157,"callback":158,"file":150,"line":159},"load-options.php","SaveAdminOptions",55,[],[],[],[],{"dangerousFunctions":165,"sqlUsage":166,"outputEscaping":168,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":170},[],{"prepared":26,"raw":26,"locations":167},[],{"escaped":26,"rawEcho":26,"locations":169},[],[],[172,191],{"entryPoint":173,"graph":174,"unsanitizedCount":101,"severity":190},"LoginRedirect (private-buddypress.php:105)",{"nodes":175,"edges":187},[176,181],{"id":177,"type":178,"label":179,"file":150,"line":180},"n0","source","$_SERVER",107,{"id":182,"type":183,"label":184,"file":150,"line":185,"wp_function":186},"n1","sink","wp_redirect() [Open Redirect]",131,"wp_redirect",[188],{"from":177,"to":182,"sanitized":189},false,"medium",{"entryPoint":192,"graph":193,"unsanitizedCount":101,"severity":190},"\u003Cprivate-buddypress> (private-buddypress.php:0)",{"nodes":194,"edges":197},[195,196],{"id":177,"type":178,"label":179,"file":150,"line":180},{"id":182,"type":183,"label":184,"file":150,"line":185,"wp_function":186},[198],{"from":177,"to":182,"sanitized":189},{"summary":200,"deductions":201},"The static analysis of the \"private-buddypress\" v1.0.4 plugin reveals a seemingly robust security posture at first glance. There are no identified dangerous functions, SQL queries are exclusively handled via prepared statements, and all outputs are properly escaped. Furthermore, the plugin exhibits no file operations, external HTTP requests, or bundled libraries that could pose a risk. This indicates a developer that has followed many good security practices.\n\nHowever, a closer examination of the taint analysis raises concerns. While no critical or high severity \"unsanitized paths\" were detected, the fact that two flows were identified with unsanitized paths is a significant flag. This suggests that user-supplied data might be entering the application in a way that could be manipulated, even if it hasn't yet led to a high-severity exploit in this analysis. The absence of nonce checks and capability checks across the entire plugin is also a notable weakness, especially since the attack surface is presented as zero. This implies that if any entry points were to be introduced or discovered, they might be vulnerable to unauthorized access or manipulation.\n\nThe plugin's vulnerability history is clean, with no recorded CVEs. This is a positive indicator, suggesting that the plugin has not been a target of significant past security issues. However, a clean history does not guarantee future security, and the identified taint flows highlight potential areas for exploitation that may not have been previously discovered or reported. The plugin's strengths lie in its use of prepared statements and output escaping, but its weaknesses are the identified unsanitized paths and the complete lack of nonce and capability checks.",[202,205,208],{"reason":203,"points":204},"Flows with unsanitized paths detected",15,{"reason":206,"points":207},"Missing nonce checks",10,{"reason":209,"points":207},"Missing capability checks","2026-04-16T11:04:19.229Z",{"wat":212,"direct":218},{"assetPaths":213,"generatorPatterns":214,"scriptPaths":215,"versionParams":216},[],[],[],[217],"private-buddypress\u002Fprivate-buddypress.php?ver=1.0.4",{"cssClasses":219,"htmlComments":220,"htmlAttributes":221,"restEndpoints":230,"jsGlobals":231,"shortcodeOutput":232},[],[],[222,223,224,225,226,227,228,229],"id=\"bp_protection_exclude_home\"","id=\"bp_protection_exclude_blogpages\"","id=\"bp_protection_exclude_registration\"","id=\"bp_protection_options\"","name=\"bp_protection_exclude_home\"","name=\"bp_protection_exclude_blogpages\"","name=\"bp_protection_exclude_registration\"","name=\"bp_protection_options\"",[],[],[],{"error":234,"url":235,"statusCode":236,"statusMessage":237,"message":237},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fprivate-buddypress\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":48,"versions":239},[240,245,252,259,266],{"version":6,"download_url":24,"svn_tag_url":241,"released_at":27,"has_diff":189,"diff_files_changed":242,"diff_lines":27,"trac_diff_url":243,"vulnerabilities":244,"is_current":234},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fprivate-buddypress\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fprivate-buddypress%2Ftags%2F1.0.3&new_path=%2Fprivate-buddypress%2Ftags%2F1.0.4",[],{"version":246,"download_url":247,"svn_tag_url":248,"released_at":27,"has_diff":189,"diff_files_changed":249,"diff_lines":27,"trac_diff_url":250,"vulnerabilities":251,"is_current":189},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprivate-buddypress.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fprivate-buddypress\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fprivate-buddypress%2Ftags%2F1.0.2&new_path=%2Fprivate-buddypress%2Ftags%2F1.0.3",[],{"version":253,"download_url":254,"svn_tag_url":255,"released_at":27,"has_diff":189,"diff_files_changed":256,"diff_lines":27,"trac_diff_url":257,"vulnerabilities":258,"is_current":189},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprivate-buddypress.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fprivate-buddypress\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fprivate-buddypress%2Ftags%2F1.0.1&new_path=%2Fprivate-buddypress%2Ftags%2F1.0.2",[],{"version":260,"download_url":261,"svn_tag_url":262,"released_at":27,"has_diff":189,"diff_files_changed":263,"diff_lines":27,"trac_diff_url":264,"vulnerabilities":265,"is_current":189},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprivate-buddypress.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fprivate-buddypress\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fprivate-buddypress%2Ftags%2F1.0&new_path=%2Fprivate-buddypress%2Ftags%2F1.0.1",[],{"version":267,"download_url":268,"svn_tag_url":269,"released_at":27,"has_diff":189,"diff_files_changed":270,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":271,"is_current":189},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprivate-buddypress.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fprivate-buddypress\u002Ftags\u002F1.0\u002F",[],[]]