[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5jqgva-1hl2N1Y9XBIrKSI-FcM73FAs45Qi-tmxPTJY":3,"$flQM3xVMNAUUZSuuqONLHXu-nuS724w_7qL2jFtq6F-s":230,"$fYTiOsgoOffycBipGjBeLOJNcLlTVT2w5ZiYPnS9xtqM":235},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":38,"analysis":141,"fingerprints":203},"randomize-password","Randomize Password","1.0.0","Usman Ali Qureshi","https:\u002F\u002Fprofiles.wordpress.org\u002Fusmanaliqureshi\u002F","\u003Cp>This plugin will help you to change the password for users depending on the schedule in settings (only set by administrators) of the plugin. It will add a new option on the profile page of each user to activate the schedule to randomly change their password.\u003C\u002Fp>\n","This plugin allows administrators to set a schedule for automatic password changes. Users can enable this feature on their profile page to enhance sec &hellip;",0,1371,"2024-12-05T12:44:00.000Z","6.6.5","4.0","7.4",[18,19,20,21,22],"password","password-reset","random","reset","security","https:\u002F\u002Fgithub.com\u002Fusmanaliqureshi\u002Frandomize-password","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frandomize-password.1.0.0.zip",92,null,"2026-03-15T15:16:48.613Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"usmanaliqureshi",4,4010,98,30,93,"2026-05-19T23:29:22.388Z",[39,62,79,105,123],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":14,"requires_at_least":52,"requires_php":16,"tags":53,"homepage":59,"download_link":60,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":61},"reset-password-removed","Reset Password Removed","1.2","Md Taufiqur Rahman","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmartshovon\u002F","\u003Cp>Easily enhance the security of your WordPress site by removing the ability for non-admin users to change or reset their passwords. The “Reset Password Removed” plugin ensures that only administrators have the power to modify password settings, reducing the risk of unauthorized access.\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Restrict Password Resets:\u003C\u002Fstrong> Prevents non-admin users from resetting their passwords, adding an extra layer of security to your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Control:\u003C\u002Fstrong> Keeps password management accessible only to site administrators, ensuring critical access remains in trusted hands.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Streamlined User Experience:\u003C\u002Fstrong> Automatically removes the “Lost your password?” link from the login page for non-admin users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight & Efficient:\u003C\u002Fstrong> The plugin is built to be lightweight, ensuring it doesn’t slow down your website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Choose Reset Password Removed?\u003C\u002Fh3>\n\u003Cp>If you’re looking to enhance your WordPress security without complicating user management, this plugin is the perfect solution. Ideal for websites where password security is paramount, it simplifies control and prevents potential vulnerabilities from password resets.\u003C\u002Fp>\n\u003Cp>Compatible with: WordPress 6.x and PHP 7.4+\u003C\u002Fp>\n","Enhance the security of your blogs by preventing password reset over email function.",20,2968,100,1,"2024-11-03T13:58:00.000Z","5.0",[54,55,56,57,58],"admin-only-password-control","disable-password-reset","secure-login-management","wordpress-password-security","wordpress-user-security-plugin","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Freset-password-removed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freset-password-removed.1.2.zip","2026-04-16T10:56:18.058Z",{"slug":63,"name":64,"version":6,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":11,"downloaded":69,"rating":11,"num_ratings":11,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":73,"download_link":77,"security_score":78,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":61},"disable-lost-your-password","Disable Lost Your Password","Great Guide Info","https:\u002F\u002Fprofiles.wordpress.org\u002Fgreatguideinfo\u002F","\u003Cp>If you are worried about the security of the wordpress website, then Disable Lost Your Password Plugin can help you with it a little bit.\u003Cbr \u002F>\nWith this plugin you can disable the lost your password option that appears on the WordPress login screen, so that no one can recover the password from the login screen.\u003Cbr \u002F>\nIf you forget your password then you have nothing to worry about. You can change wordpress password from phpMyAdmin, here it has been given full information. [change password Using phpMyAdmin] (https:\u002F\u002Fgoo.gl\u002FFGwvcQ “change password Using phpMyAdmin”).\u003Cbr \u002F>\nAll you have to do is install it on your dashboard and activate it.\u003C\u002Fp>\n\u003Ch3>Help\u003C\u002Fh3>\n\u003Cp>Do you need any help or you are having trouble using the Disable Lost Your Password plugin, or you want to ask something about it, you can contact us by visiting our website. Use this link for this. [Contact developer] (https:\u002F\u002Fgoo.gl\u002F7qa7JH “Contact developer”) or you can send us a mail at admin@greatguideinfo.com.\u003Cbr \u002F>\nWe will complete the answers to your questions.\u003C\u002Fp>\n","License URI: http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html Disable Wordpress Login Screen \"Lost Yoyr Password?\" Option Usign Disable Lost Your P &hellip;",1312,"2018-11-25T10:46:00.000Z","4.9.29","4.4","",[75,63,19,76],"disable","wordpress-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-lost-your-password.zip",85,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":73,"download_link":101,"security_score":102,"vuln_count":103,"unpatched_count":11,"last_vuln_date":104,"fetched_at":61},"password-policy-manager","Password Policy Manager | Password Manager","2.0.6","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpassword-policy-manager\" rel=\"nofollow ugc\">Features\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsetup-password-policy-manager-to-enforce-wordpress-password-security\" rel=\"nofollow ugc\">Setup Guide\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fpassword-policy-manager#free-demo\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Enforce Strong and Secure Password Policies with Password Policy Manager\u003C\u002Fh3>\n\u003Cp>The miniOrange \u003Cstrong>Password Policy Manager\u003C\u002Fstrong> plugin helps you enforce strong and secure password policies with features like \u003Cstrong>password reset\u003C\u002Fstrong>, \u003Cstrong>password expiry\u003C\u002Fstrong>, \u003Cstrong>password score\u003C\u002Fstrong>, and \u003Cstrong>strong password rules\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>You can manage user passwords efficiently using the user password manager, password strength meter, and history manager to enhance overall password security.\u003Cbr \u002F>\nIn case of a breach, take quick action with one-click password reset, lock inactive users, and enforce random password rules.\u003C\u002Fp>\n\u003Cp>This ensures complete protection by securing passwords, and managing both active and lock inactive users to prevent password-based attacks.\u003Cbr \u002F>\nHave questions? Reach us at \u003Cstrong>mfasupport@xecurify.com\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>What is the Password Policy Manager Plugin for WordPress?\u003C\u002Fh3>\n\u003Cp>WordPress plugin for password expiry, strength check, and secure policy enforcement. Easy to install and configure, this Password Security plugin secures your site without disrupting the user experience.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FZnwEDbedz1A?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>WordPress PPM Key Features (Free Version)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Enforce strong passwords:\u003C\u002Fstrong> Force all users to create strong passwords according to the password policy set by the admin for high Password Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-setup-password-policy-setting-wordpress-password-policy-plugin\" rel=\"nofollow ugc\">Users password manager:\u003C\u002Fa>\u003C\u002Fstrong> User password manager allows the admin to manage the users’ passwords (like password strength, how many passwords are strong, etc) to check the Password Security. [password policy setup guide]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enforce password change:\u003C\u002Fstrong> Administrators can force users to change their password on their next login using this functionality use to enforce strong passwords on their users and ensure strong Password Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-set-one-click-reset-password-setting-wordpress-password-policy-plugin\" rel=\"nofollow ugc\">One click reset password:\u003C\u002Fa>\u003C\u002Fstrong> This feature allows the admin to invalidate the current password and force their users to generate a new strong password. This can be done for all users in case of any breach. This will kill all the current sessions and users will be forced to set a new strong password via email hence reinforcing the Password Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-set-password-score-or-password-strength-checker-password-policy\" rel=\"nofollow ugc\">Password Score:\u003C\u002Fa>\u003C\u002Fstrong> It will show all the users’ password strengths. You can check whether the passwords being used are strong, medium or weak. Based on that you can use the enforce strong passwords feature to improve Password Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-setup-password-expiry-time-wordpress-password-policy-plugin\" rel=\"nofollow ugc\">Auto Password Expiry:\u003C\u002Fa>\u003C\u002Fstrong> This feature allows the admin to enforce a custom time-based password expiry to improve Password Security. Once the password has expired, the users will be forced to create a new password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password strength:\u003C\u002Fstrong> The admin can set the minimum and maximum length of the password. You can also add constraints that you want your users to follow while setting a strong password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited Users:\u003C\u002Fstrong> There is no user limit on the password policy manager plugin and it can be used to create password policies for unlimited users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Which Key Features does Password Policy Manager support in the Enterprise Plan?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Role-Based Enforce Strong Password on First Login:\u003C\u002Fstrong> Force specific users roles to create strong passwords according to the password policy set by the admin on their first login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-Based One-click password Reset and Logout:\u003C\u002Fstrong> Admin can reset passwords of users at once and terminate their logged-in sessions with just one click in case of any suspicious activity using the One-click reset password. Admin can then send password reset links over email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Redirect URL:\u003C\u002Fstrong> The admin can redirect their users to a different \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-set-custom-redirect-url-password-policy-manager-on-wordpress\" rel=\"nofollow ugc\">custom URL\u003C\u002Fa> using this functionality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Active & Inactive Users Activity Log:\u003C\u002Fstrong> The admin can track the activity of all active as well as lock inactive users using this tool of the Password Policy Enterprise plan.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logout Inactive Users:\u003C\u002Fstrong> When this setting is enabled, a user is logged out and their session is destroyed if they are inactive for more than the customizable set time limit.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite:\u003C\u002Fstrong> The Password Policy Manager Enterprise plugin is multisite compatible and can be used to create password policies for an entire multisite network.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>For any customization-related queries, reach us at mfasupport@xecurify.com or call us at +1 9786589387.\u003C\u002Fp>\n\u003Ch3>Upgrade to miniOrange Password Policy Manager Premium Plan for Advanced Security\u003C\u002Fh3>\n\u003Cp>The premium plan of miniOrange WordPress Password Policy Manager gives you complete control over how users can secure passwords, helping you enforce policies across all roles, customize the login experience, and secure even the most complex WordPress setups.\u003C\u002Fp>\n\u003Cp>With the premium \u003Cstrong>Password Policy Manager\u003C\u002Fstrong> plugin offers advanced \u003Cstrong>password security features\u003C\u002Fstrong>, including role-based and user-based password policies. It also supports custom login forms like WooCommerce, Elementor, Ultimate Member, and more.\u003C\u002Fp>\n\u003Ch4>Premium Features List\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-set-password-policy-role-based\" rel=\"nofollow ugc\">Role-Based and User-Based Password Policies:\u003C\u002Fa>\u003C\u002Fstrong> Admin can set different [role-based as well as user-based policies] and enforce password policy changes to ensure strong Password Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-Based Enforce Strong Password on First Login:\u003C\u002Fstrong> Force a specific set of users to create strong passwords according to the password policy set by the admin on their first login to maintain strong Password Security. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Enforce Password Change:\u003C\u002Fstrong> Administrators can enforce specific sets of roles to change their passwords on their next login using this configuration to enhance Password Security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-set-one-click-reset-password-policy-role-based\" rel=\"nofollow ugc\">Role-Based One-click password Reset and Logout:\u003C\u002Fa>\u003C\u002Fstrong> Using [one-click reset password])  feature, the admin can reset passwords of all users \u002F particular roles at once and terminate all logged-in sessions with just one click in case of any suspicious activity. Admin can then send the password reset link over email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-generate-random-password\" rel=\"nofollow ugc\">Generate Random Passwords:\u003C\u002Fa>\u003C\u002Fstrong> Generate random passwords generates a random strong password containing all variations to make the password security strong and secure against brute force attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-apply-automatically-lock-inactive-user\" rel=\"nofollow ugc\">Automatically Lock Inactive Users:\u003C\u002Fa>\u003C\u002Fstrong> It will lock the user automatically if the user is inactive for the custom-specified time period. This can be set for particular roles as well as users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fhow-to-set-password-history-management\" rel=\"nofollow ugc\">Password History Manager:\u003C\u002Fa>\u003C\u002Fstrong> It will manage the history of all the recently used passwords for each user, so no user can reuse a previous password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Active Users Activity Log:\u003C\u002Fstrong> The admin can track the activity of all Active Users using this setting of the Password Policy Premium plan.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Login Forms Supported:\u003C\u002Fstrong>  The Premium plan also supports the following custom login forms: WooCommerce, Ultimate Member, Elementor Pro, BBPress, Gravity Forms, Ninja Forms, Buddy Press, User Registration, User Pro, MemberPress, and many others.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Single Site:\u003C\u002Fstrong> The Password Policy Manager Premium plugin is single-site compatible and can be used to create password policies on only one site at a time.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch3>Why You Need to Register with miniOrange\u003C\u002Fh3>\n\u003Cp>Some advanced features in the \u003Cstrong>Password Policy Manager\u003C\u002Fstrong> plugin, like one-click password reset and random password generation.\u003Cbr \u002F>\nCore functionalities such as enforcing strong password policies, password expiry, password history, and locking inactive users work without registration.\u003C\u002Fp>\n\u003Cp>Customized solutions and active support for the miniOrange Password Policy Manager plugin are available. Email us at mfasupport@xecurify.com or call us at +1 9786589387.\u003C\u002Fp>\n","Enforce strong passwords with expiry, reset, score checks, inactive user lock, and user password management using Password Policy Manager.",6000,95476,88,14,"2025-10-20T08:18:00.000Z","6.8.5","4.6","5.3.0",[96,97,98,99,100],"password-security","password-strength","reset-password","secure-password","strong-password","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-policy-manager.2.0.6.zip",97,2,"2025-10-24 18:09:09",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":49,"num_ratings":115,"last_updated":116,"tested_up_to":92,"requires_at_least":93,"requires_php":117,"tags":118,"homepage":120,"download_link":121,"security_score":36,"vuln_count":103,"unpatched_count":11,"last_vuln_date":122,"fetched_at":61},"bdvs-password-reset","Password Reset with Code for WordPress REST API","0.0.17","dominic_ks","https:\u002F\u002Fprofiles.wordpress.org\u002Fdominic_ks\u002F","\u003Cp>A simple plugin that adds a password reset facility to the WordPress REST API using a code. The process is a two step process:\u003C\u002Fp>\n\u003Col>\n\u003Cli>User requests a password reset. A code is emailed to their registered email address\u003C\u002Fli>\n\u003Cli>The user enters the code when setting a new password, which is only set if the code is valid and has not expired\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>It is also possible to check the validity of a code without resetting the password which enables the possibility of setting the password by other means, or having a two stage process for checking the code and resetting the password if desired.\u003C\u002Fp>\n\u003Cp>Default settings are to use an 8 digit code consisting of numbers, upper and lower case letters and special characters, which has a life span of 15 minutes, afterwhich a new code would need to be requested. By default a user can attempt to use or validate a code up to 3 times before automatically invalidating it.\u003C\u002Fp>\n\u003Ch3>Endpoints\u003C\u002Fh3>\n\u003Cp>The plugin adds two new endpoints to the REST API:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Endpoint: \u003Cem>\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Freset-password\u003C\u002Fem>\u003Cbr \u002F>\n— HTTP Verb: POST\u003Cbr \u002F>\n— Parameters (\u003Cstrong>all required\u003C\u002Fstrong>):\u003Cbr \u002F>\n— email\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cem>\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Fset-password\u003C\u002Fem>\u003Cbr \u002F>\n— HTTP Verb: POST\u003Cbr \u002F>\n— Parameters (\u003Cstrong>all required\u003C\u002Fstrong>):\u003Cbr \u002F>\n— email\u003Cbr \u002F>\n— password\u003Cbr \u002F>\n— code\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cem>\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Fvalidate-code\u003C\u002Fem>\u003Cbr \u002F>\n— HTTP Verb: POST\u003Cbr \u002F>\n— Parameters (\u003Cstrong>all required\u003C\u002Fstrong>):\u003Cbr \u002F>\n— email\u003Cbr \u002F>\n— code\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Example Requests (jQuery)\u003C\u002Fh3>\n\u003Ch3>Reset Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>$.ajax({\n  url: '\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Freset-password',\n  method: 'POST',\n  data: {\n    email: 'example@example.com',\n  },\n  success: function( response ) {\n    console.log( response );\n  },\n  error: function( response ) {\n    console.log( response );\n  },\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Set New Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>$.ajax({\n  url: '\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Fset-password',\n  method: 'POST',\n  data: {\n    email: 'example@example.com',\n    code: '1234',\n    password: 'Pa$$word1',\n  },\n  success: function( response ) {\n    console.log( response );\n  },\n  error: function( response ) {\n    console.log( response );\n  },\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Validate Code\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>$.ajax({\n  url: '\u002Fwp-json\u002Fbdpwr\u002Fv1\u002Fvalidate-code',\n  method: 'POST',\n  data: {\n    email: 'example@example.com',\n    code: '1234',\n  },\n  success: function( response ) {\n    console.log( response );\n  },\n  error: function( response ) {\n    console.log( response );\n  },\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Example Success Responses (JSON)\u003C\u002Fh3>\n\u003Ch3>Reset Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"data\": {\n        \"status\": 200\n    },\n    \"message\": \"A password reset email has been sent to your email address.\"\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Set New Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"data\": {\n        \"status\": 200\n    },\n    \"message\": \"Password reset successfully.\"\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Validate Code\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"data\": {\n        \"status\": 200\n    },\n    \"message\": \"The code supplied is valid.\"\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Example Error Responses (JSON)\u003C\u002Fh3>\n\u003Ch3>Reset Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"code\": \"bad_email\",\n    \"message\": \"No user found with this email address.\",\n    \"data\": {\n        \"status\": 500\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Set New Password\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"code\": \"bad_request\",\n    \"message\": \"You must request a password reset code before you try to set a new password.\",\n    \"data\": {\n        \"status\": 500\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Validate Code\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"code\": \"bad_request\",\n    \"message\": \"The reset code provided is not valid.\",\n    \"data\": {\n        \"status\": 500\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cp>A number of WordPress filters have been added to help customise the process, please feel free to request additional filters or submit a pull request with any that you required.\u003C\u002Fp>\n\u003Ch3>Filter the length of the code\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_code_length' , function( $length ) {\n  return 4;\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter Expiration Time\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_code_expiration_seconds' , function( $seconds ) {\n  return 900;\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the date format used by the plugin to display expiration times\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwd_date_format' , function( $format ) {\n  return 'H:i';\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the reset email subject\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_code_email_subject' , function( $subject ) {\n  return 'Password Reset';\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the email content\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_code_email_text' , function( $text , $email , $code , $expiry ) {\n  return $text;\n}, 10 , 4 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter maximum attempts allowed to use a reset code, default is 3, -1 for unlimmited\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_max_attempts' , function( $attempts ) {\n  return 3;\n}, 10 , 4 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter whether to include upper and lowercase letters in the code as well as numbers, default is false\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_include_letters' , function( $include ) {\n  return false;\n}, 10 , 4 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the characters to be used when generating a code, you can use any string you want, default is 0123456789\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_selection_string' , function( $string ) {\n  return '0123456789';\n}, 10 , 4 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter the WP roles allowed to reset their password with this plugin, default is any, example below shows removing administrators\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_allowed_roles' , function( $roles ) {\n\n  $key = array_search( 'administrator' , $roles );\n\n  if( $key !== false ) {\n    unset( $roles[ $key ] );\n  }\n\n  return $roles;\n\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Filter to add custom namespace for REST API\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>add_filter( 'bdpwr_route_namespace' , function( $route_namespace ) {\n  return 'xyz\u002Fv1';\n}, 10 , 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Plugin icon \u002F banner image by \u003Ca href=\"https:\u002F\u002Funsplash.com\u002Fphotos\u002FCWL6tTDN31w\" rel=\"nofollow ugc\">Sincerely Media\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple plugin that adds a password reset facility to the WordPress REST API using a code. The process is a two step process:",1000,18276,10,"2025-06-05T15:06:00.000Z","5.4",[19,119],"wp-api","https:\u002F\u002Fwww.bedevious.co.uk\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbdvs-password-reset.0.0.17.zip","2025-08-28 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":92,"requires_at_least":136,"requires_php":73,"tags":137,"homepage":138,"download_link":139,"security_score":34,"vuln_count":103,"unpatched_count":11,"last_vuln_date":140,"fetched_at":61},"emergency-password-reset","Emergency password reset","9.4","andy_moyle","https:\u002F\u002Fprofiles.wordpress.org\u002Fandy_moyle\u002F","\u003Cp>This plugin does 3 things\u003Cbr \u002F>\n1) It will check you don’t have a username called “admin” which is asking to be hacked\u003Cbr \u002F>\n2) It will allow you to reset all passwords, with an password reset link sent to all users to warn them.\u003Cbr \u002F>\nFollowing a couple of reviews from v7.0 the plugin will allow you to set the email from address, name, subject and message\u003Cbr \u002F>\n3) You can also change the SALTS which forces a logout of all users.\u003C\u002Fp>\n","This plugin allows the admin to reset all the passwords and automatically email out the link to reset",800,28208,68,12,"2025-11-24T12:02:00.000Z","2.7.0",[124],"http:\u002F\u002Fwww.themoyles.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femergency-password-reset.zip","2025-09-22 00:00:00",{"attackSurface":142,"codeSignals":187,"taintFlows":195,"riskAssessment":196,"analyzedAt":202},{"hooks":143,"ajaxHandlers":179,"restRoutes":180,"shortcodes":181,"cronEvents":182,"entryPointCount":11,"unprotectedCount":11},[144,150,154,158,160,164,167,171,175],{"type":145,"name":146,"callback":147,"file":148,"line":149},"filter","cron_schedules","rp_add_custom_intervals","randomize-password.php",86,{"type":151,"name":152,"callback":153,"file":148,"line":36},"action","rp_wp_schedule","rp_schedule_password",{"type":151,"name":155,"callback":156,"file":148,"line":157},"show_user_profile","rp_user_settings",99,{"type":151,"name":159,"callback":156,"file":148,"line":49},"edit_user_profile",{"type":151,"name":161,"callback":162,"file":148,"line":163},"personal_options_update","rp_save_user_settings",106,{"type":151,"name":165,"callback":162,"file":148,"line":166},"edit_user_profile_update",107,{"type":151,"name":168,"callback":169,"file":148,"line":170},"admin_menu","rp_plugin_page",116,{"type":151,"name":172,"callback":173,"file":148,"line":174},"admin_init","rp_settings_page_init",117,{"type":151,"name":176,"callback":177,"priority":115,"file":148,"line":178},"update_option_rp_options","rp_update_schedule",118,[],[],[],[183,185],{"hook":152,"callback":152,"file":148,"line":184},142,{"hook":152,"callback":152,"file":148,"line":186},729,{"dangerousFunctions":188,"sqlUsage":189,"outputEscaping":191,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":103,"bundledLibraries":194},[],{"prepared":11,"raw":11,"locations":190},[],{"escaped":192,"rawEcho":11,"locations":193},6,[],[],[],{"summary":197,"deductions":198},"The \"randomize-password\" v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis.  The absence of dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), and proper output escaping are significant strengths.  Furthermore, the plugin has no recorded vulnerabilities, including CVEs, and no known critical or high-severity issues, indicating a history of stable and secure development.  The limited attack surface, with no AJAX handlers, REST API routes, or shortcodes, further contributes to its security.  The presence of capability checks on the two cron events is also a positive indicator of controlled execution.  However, a notable absence is the lack of nonce checks, which is a concern for any entry point, even if currently none are identified as unprotected.  The complete absence of taint analysis results is unusual and could indicate either a very small and simple plugin or a limitation in the analysis performed, preventing the identification of potential indirect vulnerabilities.",[199],{"reason":200,"points":201},"Missing nonce checks",5,"2026-03-17T06:22:40.238Z",{"wat":204,"direct":209},{"assetPaths":205,"generatorPatterns":206,"scriptPaths":207,"versionParams":208},[],[],[],[],{"cssClasses":210,"htmlComments":211,"htmlAttributes":224,"restEndpoints":227,"jsGlobals":228,"shortcodeOutput":229},[],[212,213,214,215,216,217,218,219,220,221,222,223],"Intruders aren't allowed.","Plugin Core Class","Holds the values to be used throughout the plugin","You know what this method is don't you :o ?","Initialization","Plugin Activation - This method will be executed when the plugin will be activated.","Plugin Deactivation - This method will be executed when the plugin will be deactivated.","Adding custom time intervals - This method will add new time intervals like weekly and monthly which\n         * are not present in WordPress cron intervals by default.","Scheduling - This method will be added to the cron schedule hook","Randomize Password User Settings - This method will add Randomize Password's user related setting on the user profile page.","Saving Randomize Password User Settings - This method will save the settings according to user's selection.","Notification to the User with new generated password",[225,226],"data-toggle","data-target",[],[],[],{"error":231,"url":232,"statusCode":233,"statusMessage":234,"message":234},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Frandomize-password\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":236},[]]