[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFMKi7Mp4SxN74e3-zXzRLuWuS8lryjHjtC7SerX9Y2g":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":91,"crawl_stats":38,"alternatives":99,"analysis":205,"fingerprints":319},"protect-wp-admin","Protect WP Admin","4.2","WP-EXPERTS.IN","https:\u002F\u002Fprofiles.wordpress.org\u002Findia-web-developer\u002F","\u003Cp>Protect WP Admin adds an extra security layer to your WP site by allowing you to rename and secure the wp-admin and wp-login.php URLs.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Change default admin URL (e.g., \u002Fwp-admin to \u002Fmyadmin)\u003C\u002Fli>\n\u003Cli>Restrict access to dashboard by roles or specific user IDs\u003C\u002Fli>\n\u003Cli>Customize login page colors and logo\u003C\u002Fli>\n\u003Cli>Block access to default login URLs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Stop bots and hackers from brute-forcing your login page. This plugin is ideal for any site looking to increase login security without modifying core files.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Video Demo:\u003C\u002Fstrong>\u003Cbr \u002F>\nhttps:\u002F\u002Fyoutu.be\u002FMxr2MLDNACE\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pro Add-on Available:\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fprotect-wp-admin-pro\" rel=\"nofollow ugc\">Click here to download add-on\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Define Custom WP Admin Login URL (e.g., http:\u002F\u002Fyourdomain.com\u002Fmyadmin)\u003C\u002Fli>\n\u003Cli>Add custom logo and styling to login page\u003C\u002Fli>\n\u003Cli>Restrict wp-admin access to only admin or defined user IDs\u003C\u002Fli>\n\u003Cli>Redirect all unauthorized users and bots\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Rename wp-admin completely\u003C\u002Fli>\n\u003Cli>Set login attempt limits\u003C\u002Fli>\n\u003Cli>Track login history\u003C\u002Fli>\n\u003Cli>Change usernames\u003C\u002Fli>\n\u003Cli>More style controls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Get the Pro Version:\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fprotect-wp-admin-pro\u002F?utm_source=wordpress.org&utm_medium=free-plugin&utm_campaign=15off\" rel=\"nofollow ugc\">Protect WP Admin Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later.\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n","Protect your WP site by changing the default wp-admin URL and customizing the login page for enhanced security.",10000,533784,72,50,"2026-02-05T17:04:00.000Z","6.9.4","6.0","",[20,21,22,23,24],"admin-url","hack-prevention","protect-admin","secure-admin","secure-login","https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fprotect-wp-admin-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotect-wp-admin.4.2.zip",93,4,0,"2025-12-15 00:00:00","2026-03-15T15:16:48.613Z",[33,48,62,76],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-64249","protect-wp-admin-missing-authorization","Protect WP Admin \u003C= 4.1 - Missing Authorization","The Protect WP Admin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 4.1. This makes it possible for unauthenticated attackers to perform an unauthorized action.",null,"\u003C=4.1","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-02-06 17:35:14",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F801f7c4d-472d-4f0d-9d99-3b3a28f5e3f9?source=api-prod",54,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":38,"affected_versions":53,"patched_in_version":54,"severity":40,"cvss_score":41,"cvss_vector":55,"vuln_type":56,"published_date":57,"updated_date":58,"references":59,"days_to_patch":61},"CVE-2023-3139","protect-wp-admin-unauthenticated-information-disclosure-to-protection-bypass","Protect WP Admin \u003C= 3.8 - Unauthenticated Information Disclosure to Protection Bypass","The Protect WP Admin plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 3.8. This is due to a data leak when performing a redirect after processing a crafted request. This makes it possible for unauthenticated attackers to disclose the URL of the admin panel and bypass intended protections.","\u003C=3.8","4.0","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2023-06-12 00:00:00","2024-01-22 19:56:02",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7012b34d-8d65-4575-9965-417739206b5f?source=api-prod",225,{"id":63,"url_slug":64,"title":65,"description":66,"plugin_slug":4,"theme_slug":38,"affected_versions":67,"patched_in_version":68,"severity":40,"cvss_score":69,"cvss_vector":70,"vuln_type":71,"published_date":72,"updated_date":58,"references":73,"days_to_patch":75},"WF-878671d2-572c-43f9-8fba-f2e2e955b7a6-protect-wp-admin","protect-wp-admin-cross-site-scripting","Protect WP Admin \u003C= 3.7 - Cross-Site Scripting","The Protect WP Admin plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 3.7 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser.","\u003C=3.7","3.8",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2022-08-05 00:00:00",[74],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F878671d2-572c-43f9-8fba-f2e2e955b7a6?source=api-prod",536,{"id":77,"url_slug":78,"title":79,"description":80,"plugin_slug":4,"theme_slug":38,"affected_versions":81,"patched_in_version":82,"severity":83,"cvss_score":84,"cvss_vector":85,"vuln_type":86,"published_date":87,"updated_date":58,"references":88,"days_to_patch":90},"CVE-2021-24906","protect-wp-admin-unauthenticated-plugin-deactivation","Protect WP Admin \u003C= 3.6 - Unauthenticated Plugin Deactivation","The Protect WP Admin WordPress plugin before 3.7 does not check for authorisation in the lib\u002Fpwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore the protection offered) via a crafted request","\u003C=3.6","3.7","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:H\u002FA:N","Incorrect Authorization","2021-12-23 00:00:00",[89],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2295b532-7833-4f5d-9778-de26390b04bd?source=api-prod",761,{"slug":92,"display_name":7,"profile_url":8,"plugin_count":93,"total_installs":94,"avg_security_score":95,"avg_patch_time_days":96,"trust_score":97,"computed_at":98},"india-web-developer",21,29940,92,347,73,"2026-04-04T05:24:56.968Z",[100,118,140,163,185],{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":29,"num_ratings":29,"last_updated":110,"tested_up_to":111,"requires_at_least":68,"requires_php":18,"tags":112,"homepage":116,"download_link":117,"security_score":95,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"protect-admin-login","Protect Admin Login","3.0.0","ViitorCloud Technologies Pvt Ltd","https:\u002F\u002Fprofiles.wordpress.org\u002Fviitorcloudvc\u002F","\u003Cp>A simple plugin allows to overwrite wp-admin url to login backend.\u003C\u002Fp>\n\u003Cp>If you run a WordPress website, you must use “Protect Admin Login” to secure it against hackers.\u003C\u002Fp>\n\u003Cp>It blocks default wp-admin login link.\u003C\u002Fp>\n\u003Cp>You can add new url in backend in Settings\u002FPermalinks section.\u003C\u002Fp>\n\u003Ch4>Get Involved\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fviitorcloud.com\u002F\" rel=\"nofollow ugc\">ViitorCloud\u003C\u002Fa> believes in active community support. So, with our plugins, we aim to try to make life easy for developers & customers. Subscribe to our newsletter for more updates.\u003C\u002Fp>\n","A simple plugin allows to overwrite wp-admin url to login backend.",20,1023,"2024-05-24T09:27:00.000Z","6.5.8",[113,114,101,115,23],"change-wp-admin","custom-admin-url","protect-backend","#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotect-admin-login.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":29,"num_ratings":29,"last_updated":128,"tested_up_to":16,"requires_at_least":129,"requires_php":18,"tags":130,"homepage":135,"download_link":136,"security_score":137,"vuln_count":138,"unpatched_count":29,"last_vuln_date":139,"fetched_at":31},"echbay-admin-security","EchBay Admin Security","1.3.1","Dao Quoc Dai","https:\u002F\u002Fprofiles.wordpress.org\u002Fitvn9online\u002F","\u003Cp>If you run a WordPress website, you should absolutely use echbay-admin-security to secure it against hackers.\u003C\u002Fp>\n\u003Cp>Protect WP-Admin fixes a glaring security hole in the WordPress community: the well-known problem of the admin panel URL.\u003Cbr \u002F>\nEveryone knows where the admin panel, and this includes hackers as well.\u003C\u002Fp>\n\u003Cp>Protect WP-Admin helps solve this problem by allowing webmasters to setup PIN number or password for login page.\u003C\u002Fp>\n\u003Cp>The plugin also comes with some access filters, allowing webmasters to restrict guest and registered users access to wp-admin, just in case you want some of your editors to log in the classic way.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Fitvn9online\u002F5\" rel=\"nofollow ugc\"> Thanks for donate \u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Protect Your Website Admin Against Hackers & Modify Login Page Design ( Nhiệm vụ: chặn mọi truy cập trực tiếp vào trang quản trị wordpress dưới dạ &hellip;",100,11190,"2025-11-28T02:58:00.000Z","4.8",[131,132,133,134,23],"change-admin-url","change-wp-admin-url","protect-wordpress-admin","rename-admin-url","https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwordpresseb","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fechbay-admin-security.zip",99,1,"2025-11-20 19:30:13",{"slug":141,"name":142,"version":143,"author":144,"author_profile":145,"description":146,"short_description":147,"active_installs":148,"downloaded":149,"rating":126,"num_ratings":150,"last_updated":151,"tested_up_to":152,"requires_at_least":153,"requires_php":154,"tags":155,"homepage":160,"download_link":161,"security_score":126,"vuln_count":138,"unpatched_count":29,"last_vuln_date":162,"fetched_at":31},"temporary-login-without-password","Temporary Login Without Password","1.9.7","storeapps","https:\u002F\u002Fprofiles.wordpress.org\u002Fstoreapps\u002F","\u003Cp>Create secure, self-expiring ⏱️, automatic login links 🔗 for WordPress. Give them to developers when they ask for admin access to your site. Or an editor for a quick review of work done. Login works just by opening the link, no password needed.\u003C\u002Fp>\n\u003Cp>Using the “Temporary Login Without Password” plugin you can create a self-expiring account for someone and give them a special link with which they can login to your WordPress without needing a username and password.\u003C\u002Fp>\n\u003Cp>You can choose when the login expires, as well as the role of the temporary account.\u003C\u002Fp>\n\u003Cp>Really useful when you need to give admin access to a developer for support or for performing routine tasks.\u003C\u002Fp>\n\u003Cp>Read \u003Ca href=\"https:\u002F\u002Fwww.storeapps.org\u002Fcreate-secure-login-without-password-for-wordpress\u002F\" rel=\"nofollow ugc\">this article\u003C\u002Fa> to know more about what’s the Current Problem – Creating a Separate Admin Login for Outsiders (Devs\u002F Guest bloggers) and how to avoid this pain, Top Benefits of using this plugin & Why and Who need Temporary Login links.\u003C\u002Fp>\n\u003Ch4>\u003Cstrong>Benefits of Temporary Logins\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>➡️  Create unlimited temporary logins\u003Cbr \u002F>\n  ➡️  Create temporary logins with any role\u003Cbr \u002F>\n  ➡️  No username & password required. Login with just a simple link\u003Cbr \u002F>\n  ➡️  Set account expiry. So, a temporary user can’t login after the expiry time\u003Cbr \u002F>\n  ➡️  Various expiration options like one day, one week, one month, and many more. Also, set a custom date\u003Cbr \u002F>\n  ➡️  Redirect user to a specific page after login\u003Cbr \u002F>\n  ➡️  Set a language for a temporary user\u003Cbr \u002F>\n  ➡️  See the last logged in time of a temporary user\u003Cbr \u002F>\n  ➡️  Also see, how many times a temporary user accessed your setup\u003Cbr \u002F>\n  ➡️  Track user activity with detailed logs to know what each temporary user did\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>\u003Cstrong>For Developers\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cp>If you need an admin access to your client’s WordPress setup to resolve any issues, use following template to ask your client to give you a temporary access to their WordPress setup.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Hi {%customer_name%},\u003C\u002Fp>\n\u003Cp>To allow me to investigate on your site, install & activate the free WordPress plugin – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"ugc\">Temporary Login Without Password\u003C\u002Fa>, and give me admin access to your site via the temporary link generated. Once I’ll get the admin access, I’ll check your site & will try to resolve the issue.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong>:\u003Cbr \u002F>\n  Keep the expiry of a temporary login link for one month. Send the created login link as a reply to this email.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Temporary Login Without Password Pro Features\u003C\u002Fh3>\n\u003Cp>➡️ Limit Link Usage: Set a maximum number of times a temporary login link can be used, ensuring controlled, secure access.\u003C\u002Fp>\n\u003Cp>➡️ Instant Admin Alerts: Receive notifications each time a temporary login is accessed, keeping you informed of all activity.\u003C\u002Fp>\n\u003Cp>➡️ Activity Log: View detailed activity of each temporary user to monitor what actions they performed while logged in.\u003C\u002Fp>\n\u003Cp>Ready to take your security and convenience to the next level?\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.icegram.com\u002F?buy-now=445245&qty=1&coupon=tlwp-pro-20&with-cart=1\" rel=\"nofollow ugc\">Upgrade to TLWP Pro\u003C\u002Fa>\u003C\u002Fstrong> today to unlock our advanced features. Experience the full power of secure, temporary, passwordless access for your WordPress \u002F WooCommerce site.\u003C\u002Fp>\n\u003Ch4>What users have to say about Temporary Login Without Password?\u003C\u002Fh4>\n\u003Cp>👉 \u003Cstrong>It works with WordPress.com business plan!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I love this plugin! I got the impression that Temporary Login Without Password plugin would only work with WordPress.org sites. When I had a problem with another plugin, I reached out to their tech support. They recommended Temporary Login. I crossed my fingers, installed it, and it worked like a charm. No more worrying about possibly compromising my sites. When tech support was done, I went into the settings and revoked access. This is a game changer!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fit-works-with-wordpress-com-business-plan\u002F\" rel=\"ugc\">Suzanne Loeb\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Convenient. No rabbit holes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I can’t say I’ve used a whole bunch of these plugins, but I can say I’ve used 2 or 3. This one was the most straight forward and rushing through it I still didn’t run into any issues. The login was shot to the company I needed to let in and I was able to get back to marking things off of my checklist. Highly recommend to anyone that is needing to make a temporary user account for the first time. There’s literally nowhere to get confused from my personal experience\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fconvenient-no-rabbit-holes\u002F\" rel=\"ugc\">Peter Higgins\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Clear and efficient.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Clear and efficient. Nothing to add !\u003Cbr \u002F>\n  Continue like that !\u003Cbr \u002F>\n  Make the world of the web even more fun for all pro and amateur users!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fclear-and-efficient-2\u002F\" rel=\"ugc\">muten7\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>Excellent Plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Having problems with another plugin the developer recommended TPWP. It does exactly as it states. The developer was able to identify the bug, done without comprising security. The fact it records the access you have granted is a another advantage.\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fexcellent-plugin-3772\u002F\" rel=\"ugc\">mickpamg\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>👉 \u003Cstrong>A huge help and easy!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This plugin was just what I needed to make it easy for support people to come in and get their assessments done then I don’t have to worry about revoking permission…this takes care of that for me! Love it!!!\u003Cbr \u002F>\n  – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fa-huge-help-and-easy\u002F\" rel=\"ugc\">bfauscette\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ftemporary-login-without-password\u002Freviews\u002F\" rel=\"ugc\">Temporary Login Without Password plugin review section\u003C\u002Fa> and read our recent reviews.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Spread The Love ❤️\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you like Temporary Login Without Password, please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ftemporary-login-without-password\u002Freviews\u002F#new-post\" rel=\"ugc\">five stars ⭐⭐⭐⭐⭐\u003C\u002Fa> and also spread the word about it via \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fsharer.php?u=https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fintent\u002Ftweet?url=https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftemporary-login-without-password\u002F\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>. That helps fellow website owners assess Temporary Login Without Password easily and benefit from it!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s Next\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you like this plugin then consider checking out our other solutions:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-subscribers\u002F\" rel=\"ugc\">Icegram Express\u003C\u002Fa> – A complete newsletter plugin which lets you collect leads, send automated new blog post notification emails, create & send broadcasts, and also manage them all in one single place.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-mailer\u002F\" rel=\"ugc\">Icegram Mailer\u003C\u002Fa> – Reliable built‑in email delivery for WordPress & WooCommerce with real‑time logs, analytics, and a free 200‑email plan.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram\u002F\" rel=\"ugc\">Icegram Engage\u003C\u002Fa> – Popups, Welcome Bar, Opt-ins & Lead Generation plugin\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-rainmaker\u002F\" rel=\"ugc\">Icegram Collect\u003C\u002Fa> – Best form plugin on WordPress\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsmart-manager-for-wp-e-commerce\u002F\" rel=\"ugc\">Smart Manager\u003C\u002Fa> – Manage & Bulk edit Products, Orders & more..\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Foffermative-discount-pricing-related-products-upsell-funnels-for-woocommerce\u002F\" rel=\"ugc\">Offermative\u003C\u002Fa> – Dynamic discount pricing, related product recommendations, upsells and funnels for WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fduplicate-post-page-copy-clone-wp\u002F\" rel=\"ugc\">Post \u002F Page Duplicate\u003C\u002Fa> – Ultimate one‑click content duplicator for WordPress, letting you clone posts, pages & custom post types effortlessly\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ficegram-cookie-manager\u002F\" rel=\"ugc\">Icegram Cookie Manager\u003C\u002Fa> – Customizable cookie consent banner with privacy policy links and styling options for WordPress\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fswitch-user-login-by-icegram\u002F\" rel=\"ugc\">Switch User Login\u003C\u002Fa> – Instantly switch between WordPress user accounts from the admin bar for seamless testing, debugging, and multisite\u002FWooCommerce management\u003C\u002Fp>\n\u003Cp>Also, check our other \u003Ca href=\"https:\u002F\u002Fwww.storeapps.org\u002Fshop\u002F?utm_source=wprepo&utm_medium=tlwp&utm_campaign=sa_products_upsell&utm_content=readme\" rel=\"nofollow ugc\">Premium WooCommerce plugins.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you use WooCommerce? Our analytics tool \u003Ca href=\"https:\u002F\u002Fwww.putler.com\u002F?utm_source=wprepo&utm_medium=tlwp&utm_campaign=putler_outreach&utm_content=readme\" rel=\"nofollow ugc\">Putler\u003C\u002Fa> will help you enriches your store data. Using Putler, you’ll understand your business better and make profitable decisions quickly.\u003C\u002Fp>\n","Create self-expiring, temporary admin accounts. Easily share direct login links (no need for username\u002Fpassword) with your developers or editors.",100000,1865629,1499,"2025-12-22T11:48:00.000Z","6.8.5","3.0.1","5.3",[156,157,158,24,159],"developer-access","magic-pin","passwordless-login","temporary-access","http:\u002F\u002Fwww.storeapps.org\u002Fcreate-secure-login-without-password-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftemporary-login-without-password.1.9.7.zip","2021-11-15 00:00:00",{"slug":164,"name":165,"version":166,"author":167,"author_profile":168,"description":169,"short_description":170,"active_installs":171,"downloaded":172,"rating":126,"num_ratings":173,"last_updated":174,"tested_up_to":16,"requires_at_least":175,"requires_php":176,"tags":177,"homepage":18,"download_link":182,"security_score":183,"vuln_count":138,"unpatched_count":29,"last_vuln_date":184,"fetched_at":31},"login-me-now","Login Me Now – Passwordless, Magic Link, OTP & Social Login for WordPress","1.14","Pluginly","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginly\u002F","\u003Ch4>What is Login Me Now?\u003C\u002Fh4>\n\u003Cp>Login Me Now is a modern login and access control solution for WordPress. It helps you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Grant temporary access with secure one-time links\u003C\u002Fli>\n\u003Cli>Log in without passwords\u003C\u002Fli>\n\u003Cli>Offer Google and Facebook social login\u003C\u002Fli>\n\u003Cli>Switch between user accounts instantly\u003C\u002Fli>\n\u003Cli>Use browser extensions for one-click dashboard access\u003C\u002Fli>\n\u003Cli>Verify users with SMS-based one-time passwords\u003C\u002Fli>\n\u003Cli>Track login history and activity\u003C\u002Fli>\n\u003Cli>Manage modules, integrations, and features from a single hub\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>New: Phone OTP Login\u003Cbr \u002F>\nAllow users to verify identity with one-time passwords delivered via SMS using Firebase or Twilio.\u003C\u002Fp>\n\u003Cp>Improved Email Magic Link\u003Cbr \u002F>\nRefined modal, confirmation step, and updated email template for a more professional experience.\u003C\u002Fp>\n\u003Ch4>Video Overview\u003C\u002Fh4>\n\u003Cp>Watch a quick 38-second overview of the problem, solution, and features:\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FmLKvHphKX0E?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Ch3>Passwordless & Temporary Login\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Generate secure login links with expiration time (hours or days)\u003C\u002Fli>\n\u003Cli>No passwords needed — secure login with one click\u003C\u002Fli>\n\u003Cli>Control access using validity periods and conditional settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Social Login\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Google and Facebook login support\u003C\u002Fli>\n\u003Cli>Use shortcodes to place login buttons anywhere\u003C\u002Fli>\n\u003Cli>Pro: Sync profile photo and name\u003C\u002Fli>\n\u003Cli>Pro: Redirect users to any page after login\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Phone OTP Login (New)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>OTP delivery through Firebase or Twilio Verify\u003C\u002Fli>\n\u003Cli>Rate limiting, resend cooldown, and reCAPTCHA supported\u003C\u002Fli>\n\u003Cli>Country flag selector and restriction options\u003C\u002Fli>\n\u003Cli>Store and normalize phone numbers in user profiles\u003C\u002Fli>\n\u003Cli>Works via shortcode or wp-login.php login provider interface\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>User Switching\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Instantly switch between user accounts\u003C\u002Fli>\n\u003Cli>No logout\u002Flogin cycles required\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Email Magic Link\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Single-use secure login links\u003C\u002Fli>\n\u003Cli>Clean modal with validation and success confirmation\u003C\u002Fli>\n\u003Cli>Friendly email template with clear CTA\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Activity Log\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Integrates with Simple History\u003C\u002Fli>\n\u003Cli>Track who logged in and how they authenticated\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Browser Extensions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fchrome.google.com\u002Fwebstore\u002Fdetail\u002Flogin-me-now-wordpress-lo\u002Fkkkofomlfhbepmpiplggmfpomdnkljoh\" rel=\"nofollow ugc\">Chrome Extension\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Faddons.mozilla.org\u002Fen-US\u002Ffirefox\u002Faddon\u002Flogin-me-now\u002F\" rel=\"nofollow ugc\">Firefox Add-on\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Uses encrypted JWT tokens for secure and fast access\u003C\u002Fli>\n\u003Cli>No passwords are stored in the extension\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Modules Hub (New)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Toggle modules, integrations, and upcoming features from one dashboard\u003C\u002Fli>\n\u003Cli>Search, filter, and manage active, available, and upcoming modules\u003C\u002Fli>\n\u003Cli>Module state persists automatically\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Cp>Use these shortcodes to display login buttons anywhere:\u003C\u002Fp>\n\u003Cp>[login_me_now_google_button]\u003Cbr \u002F>\n[login_me_now_facebook_button]\u003Cbr \u002F>\n[login_me_now_phone_otp_button]\u003Cbr \u002F>\n[login_me_now_email_magic_link_button]\u003C\u002Fp>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Site Owners: Give temporary access without sharing passwords\u003C\u002Fli>\n\u003Cli>Developers: Request secure client access instead of asking for admin credentials\u003C\u002Fli>\n\u003Cli>Agencies: Switch between multiple user accounts easily\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integrations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>All-in-One Content Restriction\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads\u003C\u002Fli>\n\u003Cli>Directorist\u003C\u002Fli>\n\u003Cli>Simple History\u003C\u002Fli>\n\u003Cli>Fluent Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Coming Soon: Tutor LMS, BuddyBoss, BuddyPress, Dokan, bbPress\u003C\u002Fp>\n\u003Ch4>Why Choose Login Me Now?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Encrypted, time-sensitive authentication\u003C\u002Fli>\n\u003Cli>Faster, smoother login flows\u003C\u002Fli>\n\u003Cli>Works for both beginners and power users\u003C\u002Fli>\n\u003Cli>Actively updated and maintained\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Social login profile sync (name, avatar)\u003C\u002Fli>\n\u003Cli>Custom redirect after login\u003C\u002Fli>\n\u003Cli>More integrations (coming soon)\u003C\u002Fli>\n\u003Cli>WooCommerce express login (coming soon)\u003C\u002Fli>\n\u003Cli>Advanced OTP enhancements (coming soon)\u003C\u002Fli>\n\u003Cli>Priority support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pro version:\u003Cbr \u002F>\nhttps:\u002F\u002Floginmenow.com\u002Fpricing\u002F\u003C\u002Fp>\n\u003Ch3>FIND AN ISSUE?\u003C\u002Fh3>\n\u003Cp>Support forum:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Flogin-me-now\u002F\u003C\u002Fp>\n\u003Cp>Please search existing topics before opening a new one.\u003C\u002Fp>\n","Login Me Now combines Passwordless Login, Email Magic Links, Phone OTP Verification, Temporary Logins, Social Logins (Google & Facebook), User Swi &hellip;",400,13043,9,"2026-01-12T11:26:00.000Z","5.6","7.4",[178,179,24,180,181],"login","password","social-login","wp-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-me-now.1.14.zip",98,"2025-02-26 00:00:00",{"slug":186,"name":187,"version":188,"author":189,"author_profile":190,"description":191,"short_description":192,"active_installs":126,"downloaded":193,"rating":29,"num_ratings":29,"last_updated":194,"tested_up_to":195,"requires_at_least":196,"requires_php":18,"tags":197,"homepage":202,"download_link":203,"security_score":204,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"admin-ssl-secure-admin","Admin SSL","2.0-b2","blenjee","https:\u002F\u002Fprofiles.wordpress.org\u002Fblenjee\u002F","\u003Cp>Admin SSL secures login page, admin area, posts, pages – whatever you want – using Private SSL.\u003Cbr \u002F>\nOnce you have activated the plugin please go to the Admin SSL config page to enable SSL, and\u003Cbr \u002F>\nread the \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Fsetup\u002F\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Each time you update Admin SSL, please read the \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa>\u003Cbr \u002F>\nand \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Fsetup\u002F\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa> in\u003Cbr \u002F>\ncase there is some important information relating to the update.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Forces SSL on all pages where passwords can be entered.\u003C\u002Fli>\n\u003Cli>Works with Private SSL.\u003C\u002Fli>\n\u003Cli>Custom additional URLS (e.g. wp-admin\u002F) can be secured through the config page.\u003C\u002Fli>\n\u003Cli>You can choose where you want the Admin SSL config page to appear!\u003C\u002Fli>\n\u003Cli>Works on WordPress 3.0 – 3.1.1; for previous versions of WordPress please use version 1.4.1,\u003Cbr \u002F>\nbut note it is no longer supported – you should upgrade to the latest WordPress version.\u003C\u002Fli>\n\u003C\u002Fol>\n","Admin SSL secures login page, admin area, posts, pages - whatever you want - using Private SSL.",53005,"2011-04-24T15:21:00.000Z","3.1.4","3.0",[198,24,199,200,201],"private-ssl","security","shared-ssl","ssl","http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-ssl-secure-admin.2.0.zip",85,{"attackSurface":206,"codeSignals":284,"taintFlows":298,"riskAssessment":299,"analyzedAt":318},{"hooks":207,"ajaxHandlers":280,"restRoutes":281,"shortcodes":282,"cronEvents":283,"entryPointCount":29,"unprotectedCount":29},[208,214,219,223,227,231,234,239,244,248,253,255,258,261,264,265,268,272,276],{"type":209,"name":210,"callback":211,"file":212,"line":213},"action","admin_menu","init_pwa_admin_menu","protect-wp-admin.php",22,{"type":209,"name":215,"callback":216,"priority":217,"file":212,"line":218},"admin_bar_menu","toolbar_link_to_pwa",999,32,{"type":209,"name":220,"callback":221,"file":212,"line":222},"admin_init","init_pwa_options_fields",58,{"type":209,"name":224,"callback":225,"file":212,"line":226},"admin_enqueue_scripts","init_pwa_admin_scripts",285,{"type":209,"name":228,"callback":229,"file":212,"line":230},"admin_notices","permalink_structure_admin_notice",295,{"type":209,"name":220,"callback":232,"file":212,"line":233},"pwa_flush_rewrite_rules",361,{"type":235,"name":236,"callback":237,"priority":108,"file":212,"line":238},"filter","gettext","pwa_custom_checkemail_link",403,{"type":209,"name":240,"callback":241,"priority":242,"file":212,"line":243},"upgrader_process_complete","pwa_upgrade_function",10,443,{"type":209,"name":245,"callback":246,"file":212,"line":247},"init","init_pwa_admin_rewrite_rules",453,{"type":209,"name":249,"callback":250,"file":251,"line":252},"login_enqueue_scripts","pwa_load_jquery","pwa-class.php",46,{"type":209,"name":245,"callback":246,"file":251,"line":254},47,{"type":209,"name":245,"callback":256,"file":251,"line":257},"pwa_admin_url_redirect_conditions",48,{"type":209,"name":249,"callback":259,"priority":108,"file":251,"line":260},"check_login_status",49,{"type":209,"name":220,"callback":262,"file":251,"line":263},"pwa_logout_user_after_settings_save",53,{"type":209,"name":220,"callback":262,"file":251,"line":47},{"type":209,"name":249,"callback":266,"file":251,"line":267},"pwa_update_login_page_logo",217,{"type":235,"name":269,"callback":270,"file":251,"line":271},"login_headerurl","pwa_login_logo_url",258,{"type":235,"name":273,"callback":274,"priority":242,"file":251,"line":275},"pre_update_option_pwa_rewrite_text","pwa_update_field_rewrite_text",267,{"type":235,"name":277,"callback":278,"priority":108,"file":251,"line":279},"retrieve_password_message","pwa_reset_password_message",320,[],[],[],[],{"dangerousFunctions":285,"sqlUsage":286,"outputEscaping":288,"fileOperations":29,"externalRequests":29,"nonceChecks":138,"capabilityChecks":28,"bundledLibraries":297},[],{"prepared":29,"raw":29,"locations":287},[],{"escaped":289,"rawEcho":290,"locations":291},24,2,[292,295],{"file":212,"line":293,"context":294},130,"raw output",{"file":212,"line":296,"context":294},131,[],[],{"summary":300,"deductions":301},"The 'protect-wp-admin' v4.2 plugin exhibits a mixed security posture. On the positive side, static analysis reveals a minimal attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are exposed without authentication or proper permission checks. The code also demonstrates good practices regarding SQL queries, with 100% using prepared statements, and a high percentage of output being properly escaped, reducing XSS risks. A single nonce check and four capability checks suggest some awareness of security principles. \n\nHowever, the vulnerability history is a significant concern. The plugin has a history of four known CVEs, with one high and three medium severity vulnerabilities in its past. The fact that the last vulnerability was dated 2025-12-15, and there are currently no unpatched vulnerabilities, is positive. Yet, the types of past vulnerabilities, including missing authorization, exposure of sensitive information, and cross-site scripting, indicate a recurring pattern of security flaws. The absence of taint analysis findings and an apparent lack of dangerous functions in this version are encouraging, but the historical context warrants caution.\n\nIn conclusion, while version 4.2 of 'protect-wp-admin' appears to have addressed many potential entry points and implemented some good coding practices, its past vulnerability record suggests a need for ongoing vigilance. The minimal attack surface and improved code signals are strengths, but the historical trend of authorization and data exposure issues means users should remain aware of potential risks until the plugin demonstrates a sustained period of security improvements.",[302,305,307,309,312,314,316],{"reason":303,"points":304},"High historical vulnerability count",15,{"reason":306,"points":242},"Past high severity vulnerabilities",{"reason":308,"points":173},"Past medium severity vulnerabilities",{"reason":310,"points":311},"Past 'Missing Authorization' vulnerabilities",8,{"reason":313,"points":311},"Past 'Exposure of Sensitive Information' vulnerabilities",{"reason":315,"points":311},"Past 'Cross-site Scripting' vulnerabilities",{"reason":317,"points":28},"Low percentage of unescaped output","2026-03-16T17:39:03.741Z",{"wat":320,"direct":331},{"assetPaths":321,"generatorPatterns":325,"scriptPaths":326,"versionParams":327},[322,323,324],"\u002Fwp-content\u002Fplugins\u002Fprotect-wp-admin\u002Fjs\u002Fpwa-admin-script.js","\u002Fwp-content\u002Fplugins\u002Fprotect-wp-admin\u002Fcss\u002Fpwa-admin-style.css","\u002Fwp-content\u002Fplugins\u002Fprotect-wp-admin\u002Fjs\u002Fcolorpicker.js",[],[322,324],[328,329,330],"protect-wp-admin\u002Fjs\u002Fpwa-admin-script.js?ver=","protect-wp-admin\u002Fcss\u002Fpwa-admin-style.css?ver=","protect-wp-admin\u002Fjs\u002Fcolorpicker.js?ver=",{"cssClasses":332,"htmlComments":340,"htmlAttributes":341,"restEndpoints":364,"jsGlobals":365,"shortcodeOutput":367},[333,334,335,336,337,338,339],"pwa-admin-settings-wrapper","pwa-tab-menu","pwa-tab-links","pwa-setting","pwa-tab","pwa-toolbar-page","pwa_menu_item_class",[],[342,343,344,345,346,347,348,349,350,351,352,353,354,355,356,357,358,359,360,361,362,363],"id=\"pwa-settings-form-admin\"","id=\"check_permalink\"","id=\"pwa-tab-menu\"","id=\"pwa-general\"","id=\"pwa-admin-style\"","id=\"pwa-support\"","id=\"div-pwa-general\"","id=\"pwa_active\"","id=\"pwa_rewrite_text\"","id=\"pwa_restrict\"","id=\"pwa_allow_custom_users\"","id=\"div-pwa-admin-style\"","id=\"pwa_logo_path\"","id=\"pwa_login_page_bg_color\"","id=\"pwa_login_page_color\"","class=\"pwa-admin-settings-wrapper\"","class=\"pwa-tab-menu\"","class=\"pwa-tab-links active\"","class=\"pwa-setting\"","class=\"pwa-tab\"","class=\"color-field\"","class=\"upload_image button\"",[],[366],"window.send_to_editor",[]]