[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVNSMwYp2HEzUFQ7c7BfyfC90oUszw9FEzm4WkDOZ8Oc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":15,"requires_at_least":16,"requires_php":15,"tags":17,"homepage":15,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":152,"fingerprints":176},"referer-spam-blocker","Referer Spam Blocker","0.4","WP Maintainer","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmaintainer\u002F","\u003Cp>Referer spam has been growing and clogging up website analytics data (such as Google Analytics) with fraudulent traffic statistics. Millions of users are reporting issues and it has become a major nuisance.\u003C\u002Fp>\n\u003Cp>Block these malicious sites easily. All major referer spam domains blocked out of the box and you can customize the domain keyword lists to block any domains you wish. Brought to you by the team of WordPress experts at WP Maintainer.\u003C\u002Fp>\n","Block\u002Fblacklist known (and custom) spam referring domains at the WordPress level with an HTTP 403 Forbidden page.",80,3397,60,2,"","4.2",[18,19,20,21,22],"block","domain","referer","referer-spam","spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freferer-spam-blocker.zip",100,0,null,"2026-03-15T10:48:56.248Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"wpmaintainer",90,93,30,89,"2026-04-04T01:08:53.511Z",[37,61,83,102,126],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":24,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":58,"download_link":59,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":60},"email-and-domain-blocker","Email and Domain Blocker for WooCommerce","1.1","Kaleem Abbasi","https:\u002F\u002Fprofiles.wordpress.org\u002Fkaleemabbasi\u002F","\u003Cp>Tired of fake signups and spam accounts in your WooCommerce store?\u003Cbr \u002F>\n\u003Cstrong>Email and Domain Blocker for WooCommerce\u003C\u002Fstrong> lets you block unwanted emails or domains from registering — keeping your store clean and your customers real.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Block specific email addresses (e.g. \u003Ccode>baduser@gmail.com\u003C\u002Fcode>)\u003Cbr \u002F>\n* Block entire domains (e.g. \u003Ccode>@spam.com\u003C\u002Fcode>)\u003Cbr \u002F>\n* Wildcard support (e.g. \u003Ccode>*@gmail.com\u003C\u002Fcode>, \u003Ccode>*@*.ru\u003C\u002Fcode>)\u003Cbr \u002F>\n* Test Email Checker (instantly check if an email is allowed or blocked)\u003Cbr \u002F>\n* Optional logging of blocked attempts\u003Cbr \u002F>\n* Logs tab to view, clear, and download blocked attempts as CSV\u003Cbr \u002F>\n* Simple admin UI with usage examples\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use cases:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Stop spam signups with disposable or free mail services\u003Cbr \u002F>\n* Block competitors or fraud-prone domains\u003Cbr \u002F>\n* Restrict registrations to company emails only\u003C\u002Fp>\n","Block emails or domains from WooCommerce signups. Supports wildcards, logging, CSV export, and test email checker.",300,2068,3,"2025-09-03T21:51:00.000Z","6.6.5","5.8","7.2",[53,54,55,56,57],"domain-blocker","email-blocker","registration","spam-prevention","woocommerce","https:\u002F\u002Fkaleemabbasi.com\u002Femail-and-domain-blocker-for-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-and-domain-blocker.1.1.zip","2026-03-15T15:16:48.613Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":45,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":15,"tags":75,"homepage":80,"download_link":81,"security_score":82,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":60},"wp-block-referral-spam","Block Referral Spam","1.2.1","WPDeveloper","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevteam\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwpdeveloper.net\u002F\" rel=\"nofollow ugc\">WPDeveloper.net\u003C\u002Fa> brings ‘Block Referral Spam’ for all WordPress user for free.\u003C\u002Fp>\n\u003Cp>This plugins blocks the most number of Referral Spams. Now no more notice from Google and no more weird report in Google Analytics.\u003C\u002Fp>\n\u003Cp>Its super simple to use, nothing to setup, just install and activate the plugin, we will protect from 375+ separate domain (thanks to the user contribution) that spam your Google Analytics. This domain list is always increasing and biggest list available online.\u003C\u002Fp>\n\u003Cp>You could give feedback to us directly, and suggest new spam domain, \u003Ca href=\"https:\u002F\u002Fwpdeveloper.net\u002Fgo\u002FBRS-UO\" rel=\"nofollow ugc\">click here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Here is our \u003Ca href=\"https:\u002F\u002Fwpdeveloper.net\u002Fgo\u002FBlog-BRS-A1\" rel=\"nofollow ugc\">blog post\u003C\u002Fa>, on how to get Top Referrer right from your WordPress Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Check Our Other Plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-analytify\u002F\" rel=\"ugc\">Analytify – Ultimate Google Analytics Dashboard\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftwitter-cards-meta\u002F\" rel=\"ugc\">Twitter Cards Meta\u003C\u002Fa>\u003C\u002Fstrong> \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwpdeveloper.net\u002Ffree-plugin\u002Fwp-scheduled-posts\u002F\" rel=\"nofollow ugc\">WP Scheduled Posts\u003C\u002Fa>\u003C\u002Fstrong> \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffacebook-secret-meta\u002F\" rel=\"ugc\">Facebook Secret Meta\u003C\u002Fa>\u003C\u002Fstrong> \u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-author-report-free\u002F\" rel=\"ugc\">WP Author Report Free\u003C\u002Fa>\u003C\u002Fstrong> \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Contribute in GitHub!!\u003C\u002Fstrong>\u003Cbr \u002F>\n  Contribute in GitHub. \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FARCommunications\u002FBlock-Referral-Spam\" rel=\"nofollow ugc\">Click here\u003C\u002Fa>!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>This plugin is a great example of OpenSource community. Pull request are very welcome and usually accepted within 24hr. Together we fight with evil spam bot.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Don’t get confused with the term \u003Cem>Referrer Spam\u003C\u002Fem> or \u003Cem>Referral Spam\u003C\u002Fem> or \u003Cem>Referer Spam\u003C\u002Fem>. Google basically calls it \u003Cem>Referral Traffic\u003C\u002Fem>. It’s all mean the same thing.\u003C\u002Fp>\n\u003Ch3>Donation\u003C\u002Fh3>\n\u003Cp>You could use our free & pro plugins fro link below.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fwpdeveloper.net\u002F\u003C\u002Fp>\n","This plugins blocks maximum Referral Spams. Now no more notice from Google and no more weird report in Google Analytics.",9296,82,9,"2017-06-08T21:58:00.000Z","4.8.28","2.5.0",[76,21,77,78,79],"google-analytics-referral-spam","referral-spam","referral-traffic","referrer-spam","https:\u002F\u002Fwpdeveloper.net\u002Ffree-plugin\u002Fblock-referral-spam\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-block-referral-spam.1.2.1.zip",85,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":24,"downloaded":91,"rating":24,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":15,"requires_php":15,"tags":95,"homepage":100,"download_link":101,"security_score":82,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":60},"block-email-formidable-form","Blacklist Unwanted Email – Formidable Forms","1.0","abahalkar","https:\u002F\u002Fprofiles.wordpress.org\u002Fabahalkar\u002F","\u003Ch4>Description\u003C\u002Fh4>\n\u003Cp>Blacklist Unwanted Email – Formidable Forms plugin is designed to restrict Blacklisted, Spam, Generic and Competitor Email domains preventing your valuable downloadable resources or limiting registrations on your website blogs. It’s allow you to allow only business email for form submissions. The plugin is Free and allows blacklisting of around 4750+ free and unwanted domains. Whether you have a small startup or an established online portal you can use our plugin to restrict your undesired subscribers.\u003C\u002Fp>\n\u003Cp>Through Formidable Form – Blacklist unwanted emails plugin, site admin can manage email field validation. Create a list of unwanted email domains that could cause a validation error and block them e.g. Gmail.com, Yahoo.com, Live.com or YourCompetitorsDomain.com, etc.\u003C\u002Fp>\n\u003Cp>Default settings can be added in the ‘Blacklist Unwanted Email – Formidable Forms plugin’ > Enter ‘Email field ID list to validate’ > Enter ‘Error message text’ > Enter ‘Domains list to be blacklist’ followed by a comma.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Restrict free domains (e.g. gmail.com, yahoo.com, etc.) from registrations and submissions.\u003C\u002Fli>\n\u003Cli>Block to registrations and submissions from a specific form.\u003C\u002Fli>\n\u003Cli>Block a specific email field in case there are multiple email fields in the form.\u003C\u002Fli>\n\u003Cli>Inbuilt plugin functionalities offers blacklisting around 4750+ free and spam domains. \u003C\u002Fli>\n\u003Cli>Restrict your competitors from access & spying to your valuable resources.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more details please visit [Official website:] ( \u003Ca href=\"http:\u002F\u002Frebrand.ly\u002Fwppffal\" rel=\"nofollow ugc\"> http:\u002F\u002Fwpstudio.org \u003C\u002Fa> )\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>Here is a demo link for this plugin:\u003Ca href=\"http:\u002F\u002Frebrand.ly\u002Fwppffdl\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Enjoy! And please don’t forget to rate us and ask for support if you face any troubles.\u003C\u002Fp>\n","This is a free add-on plugin for Formidable Forms , which validates the email field and restrict unwanted email submission as well as allowed only bus &hellip;",2334,1,"2019-10-17T19:43:00.000Z","5.3.21",[96,97,98,99,22],"blacklist-email-domain-for-formidable-forms","block-email","block-email-domain-for-formidable-forms","formidable-forms","http:\u002F\u002Fwpstudio.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-email-formidable-form.1.1.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":122,"download_link":123,"security_score":124,"vuln_count":14,"unpatched_count":25,"last_vuln_date":125,"fetched_at":60},"email-address-encoder","Email Address Encoder","1.0.24","Till Krüss","https:\u002F\u002Fprofiles.wordpress.org\u002Ftillkruess\u002F","\u003Cp>A lightweight plugin that protects plain email addresses and mailto links from email-harvesting robots, by encoding them into decimal and hexadecimal entities. Has an effect on the posts, pages, comments, excerpts, text widgets and other filtered content. Works without JavaScript — just simple spam protection.\u003C\u002Fp>\n\u003Cp>To see whether all your email addresses are properly protected, use the free \u003Ca href=\"https:\u002F\u002Fencoder.till.im\u002Fscanner?utm_source=wp-plugin&utm_medium=readme\" rel=\"nofollow ugc\">page scanner\u003C\u002Fa> tool.\u003C\u002Fp>\n\u003Cp>Other content (like phone numbers) can be protected using \u003Ccode>[encode]\u003C\u002Fcode> shortcode:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[encode]+1 (555) 123-4567[\u002Fencode]\n[encode link=\"tel:+15551234567\"]+1 (555) 123-4567[\u002Fencode]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Full-page protection\u003C\u002Fstrong> that catches all email addresses\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hardened protection\u003C\u002Fstrong> using JavaScript and CSS techniques\u003C\u002Fli>\n\u003Cli>Improved \u003Cstrong>phone number\u003C\u002Fstrong> protection\u003C\u002Fli>\n\u003Cli>Built-in plugin support for \u003Cstrong>ACF\u003C\u002Fstrong>, \u003Cstrong>Jetpack\u003C\u002Fstrong>, \u003Cstrong>WooCommerce\u003C\u002Fstrong> and many others\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check out the \u003Ca href=\"https:\u002F\u002Fencoder.till.im\u002Fdownload?utm_source=wp-plugin&utm_medium=readme\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> version of Email Address Encoder.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcoderisk.com\u002Fwp\u002Fplugin\u002Femail-address-encoder\u002FRIPS-r0bJqKvBws\" rel=\"nofollow ugc\">\u003C\u002Fa>\u003C\u002Fp>\n","A lightweight plugin that protects email addresses from email-harvesting robots, by encoding them into decimal and hexadecimal entities.",100000,1552799,84,160,"2025-01-20T21:35:00.000Z","6.7.5","2.0","5.3",[18,119,120,121,22],"crawler","encryption","protection","https:\u002F\u002Fencoder.till.im\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-address-encoder.1.0.24.zip",91,"2024-08-26 00:00:00",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":136,"num_ratings":137,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":141,"tags":142,"homepage":147,"download_link":148,"security_score":149,"vuln_count":150,"unpatched_count":25,"last_vuln_date":151,"fetched_at":60},"iq-block-country","iQ Block Country","1.2.26","Pascal","https:\u002F\u002Fprofiles.wordpress.org\u002Fiqpascal\u002F","\u003Cp>iQ Block Country is a plugin that allows you to limit access to your website content. You can either allow or disallow visitors from defined countries to (parts of) your content.\u003C\u002Fp>\n\u003Cp>For instance if you have content that should be restricted to a limited set of countries you can do so.\u003Cbr \u002F>\nIf you want to block rogue countries that cause issues like for instance hack attempts, spamming of your comments etc you can block them as well.\u003C\u002Fp>\n\u003Cp>Do you want secure your WordPress Admin backend site to only your country? Entirely possible! You can even block all countries and only allow your ip address.\u003C\u002Fp>\n\u003Cp>And even if you block a country you can still allow certain visitors by putting their ip address on the allow list just like you can allow a country but put ip addresses on the block list from that country.\u003C\u002Fp>\n\u003Cp>You can show blocked visitors a message which you can style by using CSS or you can redirect them to a page within your WordPress site. Or you can redirect the visitors to an external website.\u003C\u002Fp>\n\u003Cp>You can (dis)allow visitors to blog articles, blog categories or pages or all content.\u003C\u002Fp>\n\u003Cp>Stop visitors from doing harmful things on your WordPress site or limit the countries that can access your blog. Add an additional layer of security to your WordPress site.\u003C\u002Fp>\n\u003Cp>This plugin uses the GeoLite database from Maxmind. It has a 99.5% accuracy so that is pretty good for a free database. If you need higher accuracy you can buy a license from MaxMind directly.\u003Cbr \u002F>\nIf you cannot or do not want to download the GeoIP database from Maxmind you can use the GeoIP API website available on https:\u002F\u002Fwebence.net\u002F\u003Cbr \u002F>\nIf you want to use the GeoLite database from Maxmind you will have to download the GeoIP database from MaxMind directly and upload it to your site.\u003Cbr \u002F>\nThe WordPress license does not allow this plugin to download the MaxMind Geo database for you.\u003C\u002Fp>\n\u003Cp>Please be aware that although this plugin can help you greatly with reducing the number of ‘bad’ visitors on your website it is not fool proof and those who really want to visit your site may find a away.\u003Cbr \u002F>\nThis is not a security issue but a simple fact of today. Nobody can guarantee you 100% security as it is a constant battle between the good guys and the bad guys.\u003C\u002Fp>\n\u003Cp>If you are sure your webhosting or yourself does not use any form of caching or proxying we recommend setting the “Override IP information” on the Home tab to REMOTE_ADDR\u003C\u002Fp>\n\u003Cp>Do you need help with this plugin? Please email support@webence.net.\u003C\u002Fp>\n\u003Ch4>GDPR Information\u003C\u002Fh4>\n\u003Cp>This plugin stores data about your visitors in your local WordPress database. The number of days this data is stores can be configured on the settings page. You can also disable logging any data.\u003C\u002Fp>\n\u003Cp>Data which is stored of blocked visitors:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>IP Address\u003C\u002Fli>\n\u003Cli>Date and time of the visit\u003C\u002Fli>\n\u003Cli>URL that was requested\u003C\u002Fli>\n\u003Cli>Country of the IP address\u003C\u002Fli>\n\u003Cli>If the block happened on your backend or your frontend\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Data which is stored on non blocked visitors:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Nothing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you allow tracking (yeah if you do!) you share some information with us. This is only the IP address of a blocked request on your backend. No other information is send and only the IP address is logged on our systems to gather how many times that IP address have attempted to login to a backend. We do not log which site was visited or which URL just only the IP address So we cannot lead an ip address back to a specific website or user. If an IP address is not blocked again within a month we will remove the IP address from the list.\u003C\u002Fp>\n\u003Cp>If you use the GeoIP API service you send the IP address of your visitor to one of our servers. This IP Address is however in no way stored at our servers and only used to convert it to a country id.\u003C\u002Fp>\n\u003Ch4>Using this plugin with a caching plugin\u003C\u002Fh4>\n\u003Cp>Please note that many of the caching plugins are not compatible with this plugin. The nature of caching is that a dynamically build web page is cached into a static page.\u003Cbr \u002F>\n If a visitor is blocked this plugin sends header data where it supplies info that the page should not be cached. Many plugins however disregard this info and cache the page or the redirect. Resulting in valid visitors receiving a message that they are blocked. This is not a malfunction of this plugin.\u003C\u002Fp>\n\u003Cp>Disclaimer: No guarantees are made but after some light testing the following caching plugins seem to work: Comet Cache, WP Super Cache\u003Cbr \u002F>\nPlugins that do NOT work: W3 Total Cache, Hyper cache, WPRocket\u003C\u002Fp>\n\u003Cp>Warning: Caching & Geo Blocking do not work well together.\u003C\u002Fp>\n\u003Cp>In the best case scenario countries or IP’s you want to block get served a page from cache and when visiting non cached pages they get blocked. This is due to the fact when pages are served from cache the iQ Block Country plugin does not get started and can’t do it’s job.\u003C\u002Fp>\n\u003Cp>If the caching plugin however ignores the caching headers you risk the chance that the block message gets cached and everyone gets to see they are blocked even the countries that you did not block.\u003C\u002Fp>\n\u003Cp>If you’re fine with blocked countries getting served the page from cache then you’re fine using the iQ Block Country plugin.\u003C\u002Fp>\n\u003Cp>If you’re not you should disable either the cache or the Geo Blocking. Or search for another solution outside WordPress (for instance by using the Varnish software) where you can GeoBlock at a caching level.\u003C\u002Fp>\n\u003Ch3>GeoIP API\u003C\u002Fh3>\n\u003Cp>For your convenience we offer a GeoIP API service. This API is not mandatory to use as you can always use the free MaxMind GeoIP Database.\u003C\u002Fp>\n\u003Cp>If you do not want or can’t go through the hassle of updating your MaxMind GeoIP database we provide an API service to convert the IP address of your visitors to a country.\u003C\u002Fp>\n\u003Cp>If you decide to purchase an GeoIP API Key via https:\u002F\u002Fwebence.net you’ll get an eMail with your API Key (License Key).\u003Cbr \u002F>\nOnce you enter this key in your iQ Block Country settings your license key will be validated at our API service and a the nearest API server to you will be chosen. To do this your website will contact all API servers once to request\u003Cbr \u002F>\nan empty file.\u003C\u002Fp>\n\u003Cp>Once you use the API service the IP address of your visitors and your API key are send to one of the API servers and converted to a country. The plugin checks if the visitor should be blocked based on that country or not.\u003C\u002Fp>\n\u003Cp>What is logged on our end?\u003Cbr \u002F>\n* Upon validation of your license key your request will be logged in our webserver logs. (This will be the IP address of your webserver).\u003Cbr \u002F>\n* Upon checking an IP address of your visitor this IP address is only used to convert it to the country it belongs to and is not logged. We have no way to link a visitors IP address to your website.\u003Cbr \u002F>\n  What is logged is your API Key and the Website URL making the request.\u003C\u002Fp>\n\u003Cp>If you decide to purchase the GeoIP API key your chosen payment account will be charged by on a time basis. This subscription will not renew itself unless you subscribed to our service prior to September 2024.\u003C\u002Fp>\n\u003Cp>Privacy policy regarding this service specific can be found here: https:\u002F\u002Fwebence.nl\u002Fwp-content\u002Fuploads\u002F2022\u002F06\u002FPrivacy-Policy-Webence-API.pdf\u003C\u002Fp>\n\u003Ch3>MaxMind Database Usage\u003C\u002Fh3>\n\u003Cp>This plugin uses the Free version of the MaxMind GeoIP2 Country Database. You can also use the paid version but will have to make sure it is uploaded to the same location with the filename of Free database.\u003C\u002Fp>\n\u003Cp>MaxMind Terms of Use: https:\u002F\u002Fwww.maxmind.com\u002Fen\u002Fterms-of-use\u003Cbr \u002F>\nMaxMind Privacy Policy: https:\u002F\u002Fwww.maxmind.com\u002Fen\u002Fprivacy-policy\u003C\u002Fp>\n","Allow or disallow visitors from certain countries accessing (parts of) your website",20000,1194369,78,163,"2026-03-13T14:42:00.000Z","6.9.4","3.5.2","7.4",[143,18,144,145,146],"ban-countries","block-countries","block-spam","geoblocking","https:\u002F\u002Fwebence.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fiq-block-country.1.2.26.zip",99,5,"2022-09-26 00:00:00",{"attackSurface":153,"codeSignals":159,"taintFlows":167,"riskAssessment":168,"analyzedAt":175},{"hooks":154,"ajaxHandlers":155,"restRoutes":156,"shortcodes":157,"cronEvents":158,"entryPointCount":25,"unprotectedCount":25},[],[],[],[],[],{"dangerousFunctions":160,"sqlUsage":161,"outputEscaping":163,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":166},[],{"prepared":25,"raw":25,"locations":162},[],{"escaped":164,"rawEcho":25,"locations":165},14,[],[],[],{"summary":169,"deductions":170},"Based on the provided static analysis and vulnerability history, the \"referer-spam-blocker\" plugin v0.4 exhibits a very strong security posture. The analysis reveals an exceptionally clean codebase with no identified dangerous functions, no direct SQL queries (all prepared statements), and complete output escaping. Furthermore, there are no file operations or external HTTP requests, minimizing potential attack vectors.\n\nThe absence of any identified CVEs, past or present, coupled with the clean code signals, suggests a proactive and secure development approach for this version. The plugin also appears to have a minimal attack surface, with zero AJAX handlers, REST API routes, shortcodes, or cron events, all of which are reported as unprotected. This lack of entry points significantly reduces the opportunities for attackers.\n\nWhile the plugin's current state is highly commendable and demonstrates excellent security practices, the complete lack of capability checks and nonce checks on its (hypothetical) entry points, if they were to exist, could be a minor concern in scenarios where functionality might be added in future versions without proper security considerations. However, given the current zero attack surface, this is purely a theoretical point. In its current state, the plugin appears to be extremely secure.",[171,173],{"reason":172,"points":150},"No nonce checks on entry points",{"reason":174,"points":150},"No capability checks on entry points","2026-03-16T21:23:32.103Z",{"wat":177,"direct":186},{"assetPaths":178,"generatorPatterns":181,"scriptPaths":182,"versionParams":183},[179,180],"\u002Fwp-content\u002Fplugins\u002Freferer-spam-blocker\u002Fincludes\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Freferer-spam-blocker\u002Fincludes\u002Fjs\u002Fadmin-script.js",[],[180],[184,185],"\u002Fwp-content\u002Fplugins\u002Freferer-spam-blocker\u002Fincludes\u002Fcss\u002Fadmin-style.css?ver=","\u002Fwp-content\u002Fplugins\u002Freferer-spam-blocker\u002Fincludes\u002Fjs\u002Fadmin-script.js?ver=",{"cssClasses":187,"htmlComments":188,"htmlAttributes":189,"restEndpoints":190,"jsGlobals":191,"shortcodeOutput":192},[],[],[],[],[],[]]