[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fX88g8iigf6qB1u4hLu-qfCFf6hnK7eC1ABnzBqjajYc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":35,"analysis":143,"fingerprints":218},"secure-wp-admin","Secure WP Admin","1.4.2","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>Want to lock your WP-admin login screen with some PIN to make it more secure? Then this is the right plugin. Using Secure WP Admin you can lock your wp-admin login form with a seceret PIN just to make it little more secure.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set password to protect your wp-admin login screen.\u003C\u002Fli>\n\u003Cli>Set your own logo or use default logo.\u003C\u002Fli>\n\u003Cli>Change placeholder text for Secure WP Admin login form.\u003C\u002Fli>\n\u003Cli>Change Submit button label for Secure WP Admin’s login form.\u003C\u002Fli>\n\u003Cli>Change Error text for Secure WP Admin’s login form.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Docs & Support\u003C\u002Fh4>\n\u003Cp>Will be available soon.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you are looking for WordPress Securtiy Maintenace, use our Free WP SECURE MAINTENANCE plugin.\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-secure-maintainance\u002F\" rel=\"ugc\">WP SECURE MAINTENANCE\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Interested in contributing to Secure WP Admin?\u003C\u002Fstrong>\u003Cbr \u002F>\nHead over to the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpexpertsio\u002FSecure-WP-Admin\" rel=\"nofollow ugc\">Secure WP Admin \u003Cstrong>GitHub Repository\u003C\u002Fstrong>\u003C\u002Fa> to find out how you can pitch in 😉\u003C\u002Fp>\n","Want to lock your WP-admin login screen with some PIN to make it more secure? Then this is the right plugin.",80,5238,0,"2024-11-01T08:16:00.000Z","6.6.5","4.0","",[19,4,20],"secure-admin","site-security","https:\u002F\u002Fwpexperts.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecure-wp-admin.1.4.2.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"saadiqbal",84,1428520,96,287,76,"2026-04-03T19:57:23.698Z",[36,60,84,106,124],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"lockdown-wp-admin","Lockdown WP Admin","2.3.2","Sean Fisher","https:\u002F\u002Fprofiles.wordpress.org\u002Fsean212\u002F","\u003Cp>This plugin will hide WordPress Admin (\u002Fwp-admin\u002F) when a user isn’t logged in. If a user isn’t logged in and they attempt to access WP Admin directly, they will be unable to and it will return a 404. It can also rename the login URL.\u003C\u002Fp>\n\u003Cp>Also, you can add HTTP authentication directly from WP Admin and add custom username\u002Fpassword combinations for the HTTP auth or use the WordPress credentials.\u003C\u002Fp>\n\u003Cp>This doesn’t touch any .htaccess files or change the WordPress core files. All the CSS\u002FImages under \u002Fwp-admin\u002F are still accessible, just not the .php ones.\u003C\u002Fp>\n\u003Cp>If you enable HTTP authentication, it will add HTTP authentication to the PHP files in \u002Fwp-admin\u002F.\u003C\u002Fp>\n\u003Cp>To contribute to the development, check out \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsrtfisher\u002FLockdown-WPAdmin\" rel=\"nofollow ugc\">the GitHub Repository\u003C\u002Fa>.\u003C\u002Fp>\n","Lockdown WP Admin conceals the administration and login screen from intruders. It can hide WordPress Admin (\u002Fwp-admin\u002F) and and login (\u002Fwp-login.",10000,340310,78,54,"2017-11-28T06:00:00.000Z","4.3.34","3.6",[52,53,54,55,56],"lockdown","secure","security","vulnerability","website-security","http:\u002F\u002Fseanfisher.co\u002Flockdown-wp-admin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flockdown-wp-admin.2.3.2.zip",85,{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":44,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":79,"download_link":80,"security_score":81,"vuln_count":82,"unpatched_count":13,"last_vuln_date":83,"fetched_at":25},"protect-wp-admin","Protect WP Admin","4.2","WP-EXPERTS.IN","https:\u002F\u002Fprofiles.wordpress.org\u002Findia-web-developer\u002F","\u003Cp>Protect WP Admin adds an extra security layer to your WP site by allowing you to rename and secure the wp-admin and wp-login.php URLs.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Change default admin URL (e.g., \u002Fwp-admin to \u002Fmyadmin)\u003C\u002Fli>\n\u003Cli>Restrict access to dashboard by roles or specific user IDs\u003C\u002Fli>\n\u003Cli>Customize login page colors and logo\u003C\u002Fli>\n\u003Cli>Block access to default login URLs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Stop bots and hackers from brute-forcing your login page. This plugin is ideal for any site looking to increase login security without modifying core files.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Video Demo:\u003C\u002Fstrong>\u003Cbr \u002F>\nhttps:\u002F\u002Fyoutu.be\u002FMxr2MLDNACE\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pro Add-on Available:\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fprotect-wp-admin-pro\" rel=\"nofollow ugc\">Click here to download add-on\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Define Custom WP Admin Login URL (e.g., http:\u002F\u002Fyourdomain.com\u002Fmyadmin)\u003C\u002Fli>\n\u003Cli>Add custom logo and styling to login page\u003C\u002Fli>\n\u003Cli>Restrict wp-admin access to only admin or defined user IDs\u003C\u002Fli>\n\u003Cli>Redirect all unauthorized users and bots\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Rename wp-admin completely\u003C\u002Fli>\n\u003Cli>Set login attempt limits\u003C\u002Fli>\n\u003Cli>Track login history\u003C\u002Fli>\n\u003Cli>Change usernames\u003C\u002Fli>\n\u003Cli>More style controls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Get the Pro Version:\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fprotect-wp-admin-pro\u002F?utm_source=wordpress.org&utm_medium=free-plugin&utm_campaign=15off\" rel=\"nofollow ugc\">Protect WP Admin Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later.\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n","Protect your WP site by changing the default wp-admin URL and customizing the login page for enhanced security.",533784,72,50,"2026-02-05T17:04:00.000Z","6.9.4","6.0",[75,76,77,19,78],"admin-url","hack-prevention","protect-admin","secure-login","https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fprotect-wp-admin-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprotect-wp-admin.4.2.zip",93,4,"2025-12-15 00:00:00",{"slug":85,"name":86,"version":87,"author":7,"author_profile":8,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":69,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":101,"download_link":102,"security_score":103,"vuln_count":104,"unpatched_count":13,"last_vuln_date":105,"fetched_at":25},"wp-secure-maintainance","WP Secure Maintenance","1.7","\u003Cp>Want to lock your site for Maintenance or Development? Then this is the right Plugin. Using WP Secure Maintenance you can lock the whole site with a seceret PIN.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set password to protect your site for maintenance or development\u003C\u002Fli>\n\u003Cli>Set your own logo or use default logo\u003C\u002Fli>\n\u003Cli>Change placeholder text for WP Secure Maintenance login form\u003C\u002Fli>\n\u003Cli>Change Submit button label for WP Secure Maintenance’s login form\u003C\u002Fli>\n\u003Cli>Change Error text for WP Secure Maintenance’s login form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Docs & Support\u003C\u002Fh4>\n\u003Cp>Will be available soon.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you are looking for WordPress Admin Security, use our Free WP SECURE ADMIN plugin.\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsecure-wp-admin\u002F\" rel=\"ugc\">WP SECURE ADMIN\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Interested in contributing to WP Secure Maintenance\u003C\u002Fstrong>\u003Cbr \u002F>\nHead over to the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpexpertsio\u002FWP-Secure-Maintainance\" rel=\"nofollow ugc\">WP Secure Maintenance \u003Cstrong>GitHub Repository\u003C\u002Fstrong>\u003C\u002Fa> to find out how you can pitch in 😉\u003C\u002Fp>\n","Want to lock your site for Maintenance or Development? Then this is the right Plugin",1000,56320,5,"2024-06-20T07:15:00.000Z","6.5.8","5.2","7.0",[98,99,100,20],"development","maintenance","maintenance-lock","https:\u002F\u002Fwpexperts.io\u002Fproducts\u002Fwp-secure-maintenance\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-secure-maintainance.1.7.zip",91,1,"2024-06-21 00:00:00",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":104,"last_updated":117,"tested_up_to":72,"requires_at_least":16,"requires_php":96,"tags":118,"homepage":17,"download_link":123,"security_score":116,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"ip-blocker-lite","IP & Country Blocker Lite","3.0.0","Nurul Islam","https:\u002F\u002Fprofiles.wordpress.org\u002Ffaqnurul\u002F","\u003Cp>IP & Country Blocker Lite is a comprehensive WordPress security plugin that provides multiple layers of protection for your website. Block unwanted visitors based on IP addresses or countries, and add an extra layer of security with two-factor authentication (2FA).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>IP Address Blocking\u003C\u002Fstrong>: Block or allow specific IP addresses, IP ranges, or subnets\u003Cbr \u002F>\n* \u003Cstrong>Country-Based Blocking\u003C\u002Fstrong>: Restrict access based on visitors’ countries\u003Cbr \u002F>\n* \u003Cstrong>Two-Factor Authentication\u003C\u002Fstrong>: Secure admin logins with email-based 2FA or authenticator apps\u003Cbr \u002F>\n* \u003Cstrong>Recovery Codes\u003C\u002Fstrong>: Backup access codes for account recovery\u003Cbr \u002F>\n* \u003Cstrong>Emergency Recovery\u003C\u002Fstrong>: Generate secure recovery URLs to disable the plugin if locked out\u003Cbr \u002F>\n* \u003Cstrong>Advanced Security Dashboard\u003C\u002Fstrong>: Monitor blocked attempts and security events\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Benefits:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Protect against spam, bots, and malicious traffic\u003Cbr \u002F>\n* Prevent brute force attacks on admin login\u003Cbr \u002F>\n* Block entire countries or regions\u003Cbr \u002F>\n* Easy-to-use admin interface with real-time monitoring\u003Cbr \u002F>\n* Lightweight and fast performance\u003Cbr \u002F>\n* No external dependencies for core functionality\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy Management:\u003C\u002Fstrong>\u003Cbr \u002F>\n* One-click blocking\u002Funblocking\u003Cbr \u002F>\n* Intuitive admin panel with tabbed interface\u003Cbr \u002F>\n* Real-time activity logs\u003Cbr \u002F>\n* Bulk operations support\u003Cbr \u002F>\n* Custom blocked page templates\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Monitoring & Analytics:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Track blocked IP attempts\u003Cbr \u002F>\n* View country-wise access statistics\u003Cbr \u002F>\n* Monitor security events\u003Cbr \u002F>\n* Export blocking rules\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy & Compliance:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Uses free IP-API.com service for geolocation\u003Cbr \u002F>\n* No personal data storage\u003Cbr \u002F>\n* GDPR compliant\u003Cbr \u002F>\n* Respects user privacy\u003C\u002Fp>\n\u003Ch3>Data Collection & Privacy\u003C\u002Fh3>\n\u003Cp>For transparency, here’s what data the plugin collects and why:\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>Essential Data Collection (Always Required for Functionality):\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>IP Addresses\u003C\u002Fstrong>: Collected for security blocking and geolocation features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Enable IP\u002Fcountry blocking, security monitoring, and access control\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Storage\u003C\u002Fstrong>: Temporary (not stored in database, only processed in memory)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Third Parties\u003C\u002Fstrong>: Sent to IP-API.com for country lookup (free service)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Country Information\u003C\u002Fstrong>: Derived from IP addresses via geolocation\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Enable country-based blocking and access statistics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Storage\u003C\u002Fstrong>: Not stored permanently (only used for blocking decisions)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Third Parties\u003C\u002Fstrong>: Retrieved from IP-API.com (free geolocation service)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Cstrong>Optional Data Collection (Only with User Consent):\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Plugin Usage Statistics\u003C\u002Fstrong>: Anonymous plugin performance data\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Improve plugin quality and fix bugs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Collected\u003C\u002Fstrong>: Plugin version, WordPress version, PHP version, activation date\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Storage\u003C\u002Fstrong>: Remote server (only if user consents)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy\u003C\u002Fstrong>: Completely anonymous, no personal identifiers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User Feedback\u003C\u002Fstrong>: Plugin reviews and feedback submissions\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Understand user needs and improve features\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Collected\u003C\u002Fstrong>: Feedback text, rating, plugin version, PHP version\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Storage\u003C\u002Fstrong>: Remote server (only if user consents)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy\u003C\u002Fstrong>: Anonymous feedback, no personal data required\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy\u003C\u002Fstrong>: http:\u002F\u002Fcodecanvasbd\u002Fprivacy-policy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Cstrong>Data Collection Controls:\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Consent Required\u003C\u002Fstrong>: Optional data collection requires explicit user consent\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Opt-out\u003C\u002Fstrong>: Users can decline consent at any time\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Automatic Collection\u003C\u002Fstrong>: No data sent without user permission\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Transparent Process\u003C\u002Fstrong>: Clear consent modal explains what data is collected\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Cstrong>Third-Party Services:\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>IP-API.com\u003C\u002Fstrong>: Free geolocation service for country detection\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: Visitor IP addresses\u003C\u002Fli>\n\u003Cli>Purpose: Determine visitor country for blocking features\u003C\u002Fli>\n\u003Cli>Privacy: IP-API.com privacy policy applies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remote Analytics Server\u003C\u002Fstrong> (optional, consent required):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: Anonymous usage statistics\u003C\u002Fli>\n\u003Cli>Purpose: Plugin improvement and support\u003C\u002Fli>\n\u003Cli>Privacy: No personal data, fully anonymous\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Cstrong>GDPR Compliance:\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>✅ No personal data storage without consent\u003C\u002Fli>\n\u003Cli>✅ Clear consent mechanisms\u003C\u002Fli>\n\u003Cli>✅ Easy opt-out options\u003C\u002Fli>\n\u003Cli>✅ Transparent data practices\u003C\u002Fli>\n\u003Cli>✅ Data minimization principles\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>IP & Country Blocking:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Block specific IP addresses or ranges (CIDR notation supported)\u003Cbr \u002F>\n* Block entire countries or allow only specific countries\u003Cbr \u002F>\n* Whitelist important IPs for access\u003Cbr \u002F>\n* Real-time blocking with immediate effect\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Two-Factor Authentication (2FA):\u003C\u002Fstrong>\u003Cbr \u002F>\n* Email-based 2FA for easy setup\u003Cbr \u002F>\n* Authenticator app support (Google Authenticator, Authy, etc.)\u003Cbr \u002F>\n* Recovery codes for account access\u003Cbr \u002F>\n* Secure code generation and validation\u003Cbr \u002F>\n* Admin email verification\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Emergency Recovery System:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Generate secure recovery URLs to disable plugin if locked out\u003Cbr \u002F>\n* Time-limited recovery hashes (24 hours expiration)\u003Cbr \u002F>\n* One-click plugin deactivation via recovery URL\u003Cbr \u002F>\n* Secure hash verification to prevent unauthorized access\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Admin Interface:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Modern, responsive dashboard\u003Cbr \u002F>\n* Tabbed navigation for easy access\u003Cbr \u002F>\n* Real-time statistics and charts\u003Cbr \u002F>\n* Activity logs with filtering\u003Cbr \u002F>\n* Bulk operations for efficiency\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security Monitoring:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Track blocked access attempts\u003Cbr \u002F>\n* Country-wise visitor statistics\u003Cbr \u002F>\n* Failed login monitoring\u003Cbr \u002F>\n* Security event logging\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance Optimized:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Lightweight codebase\u003Cbr \u002F>\n* Minimal database queries\u003Cbr \u002F>\n* Fast IP lookups\u003Cbr \u002F>\n* Caching support\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses the IP-API.com service to detect the user’s location based on their IP address.\u003Cbr \u002F>\n– \u003Cstrong>Service\u003C\u002Fstrong>: IP-API.com (http:\u002F\u002Fip-api.com)\u003Cbr \u002F>\n– \u003Cstrong>Purpose\u003C\u002Fstrong>: IP geolocation for country-based blocking\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: User’s IP address only\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy\u003C\u002Fstrong>: http:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\u003Cbr \u002F>\n– \u003Cstrong>Data Storage\u003C\u002Fstrong>: No personal data is stored by this plugin\u003C\u002Fp>\n\u003Cp>The plugin works without this service but country blocking features will be limited.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, bug reports, or feature requests:\u003Cbr \u002F>\n– \u003Cstrong>WordPress.org Support Forum\u003C\u002Fstrong>: https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fip-blocker-lite\u002F\u003Cbr \u002F>\n– \u003Cstrong>GitHub Issues\u003C\u002Fstrong>: Report bugs and request features\u003Cbr \u002F>\n– \u003Cstrong>Email\u003C\u002Fstrong>: Contact through WordPress.org profile\u003C\u002Fp>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>Contributions are welcome! Please feel free to submit pull requests or open issues on GitHub.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Developer\u003C\u002Fstrong>: Nurul Islam (faqnurul)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Icons\u003C\u002Fstrong>: Dashicons (WordPress)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Geolocation\u003C\u002Fstrong>: IP-API.com (free tier)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Charts\u003C\u002Fstrong>: Chart.js library\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later.\u003Cbr \u002F>\nLicense URI: http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n\u003Cp>Take control of your website’s security and protect it from unwanted visitors with IP & Country Blocker Lite!\u003C\u002Fp>\n","Advanced WordPress security plugin with IP\u002Fcountry blocking and two-factor authentication for comprehensive website protection.",300,1883,100,"2026-01-05T16:17:00.000Z",[119,120,121,122,56],"country-blocker","ip-blocker","login-security","two-factor-authentication","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fip-blocker-lite.zip",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":134,"num_ratings":104,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":17,"tags":138,"homepage":141,"download_link":142,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"recaptcha-for-login-and-registration","Recaptcha for Login and registration","1.14","Gilblas Ngunte Possi","https:\u002F\u002Fprofiles.wordpress.org\u002Fempoweringprowebsite\u002F","\u003Cp>Recaptcha for Login and registration is a plugin that enables users to add captcha on their login and registration page. The whole idea with this plugin is to allow users to safely permit their subscribers or customers to create an account on their websites. I do believe that it will widely contribute to stopping spammers from creating and accounting on users’ WordPress websites remotely. The plugin is currently available in English, but the code is translation ready. At a glance, the plugin will do the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>An administrator can get Recaptcha v3 API Key and secret from Google\u003C\u002Fli>\n\u003Cli>The administrator can add the API information by visiting the plugin setting at settings -> prositecaptcha\u003C\u002Fli>\n\u003Cli>It the API is added, then the plugin will automatically protect the login and registration page against spams.\u003C\u002Fli>\n\u003Cli>Users will see the Recaptcha v3 badge at the bottom of the page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In the upcoming release, we intend to add more Recaptcha versions and more options.\u003C\u002Fp>\n\u003Cp>A few notes about how to get recaptcha v3:\u003C\u002Fp>\n\u003Cp>To get Recaptcha v3, you need to do the following steps:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Visit the website https:\u002F\u002Fwww.google.com\u002Frecaptcha\u003C\u002Fli>\n\u003Cli>If you have a Gmail account, log in to gain access to the Recaptcha dashboard\u003C\u002Fli>\n\u003Cli>In case you don’t have one, you may need to create one.\u003C\u002Fli>\n\u003Cli>Once you are on the dashboard, click on the plus sign to your right just after the setting icon.\u003C\u002Fli>\n\u003Cli>At this point, you will have to fill the form with some necessary pieces of information. Information requested are, for example, your email, websites, the title of your captcha and the version of the captcha you want to use.\u003C\u002Fli>\n\u003Cli>Remember to select version 3 in this case.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Recaptcha for Login and registration\u003C\u002Fh3>\n\u003Cp>Adds Google reCAPTCHA to login and registration pages to improve security and prevent spam.\u003C\u002Fp>\n\u003Ch3>What is a captcha?\u003C\u002Fh3>\n\u003Cp>A captcha is a program intended to distinguish human from machine input. Most of the time, spam will study your website using the programming language. Once they find forms, they will use code to submit information without being physically present in front of computers. As a result, you could receive a lot of unsolicited emails or have users that are not real “customers.” In some extreme cases, spammers find a way to hack your website when it is not protected.\u003C\u002Fp>\n\u003Ch3>Is Google Recaptcha the only option for website protection?\u003C\u002Fh3>\n\u003Cp>No, Google Recaptcha is not the only option. There are many types of captcha among which Math problems, WordPress problems. In my opinion, Google Recaptcha is the most popular.\u003C\u002Fp>\n\u003Ch3>3- Why Google Recaptcha V3?\u003C\u002Fh3>\n\u003Cp>Google Recaptcha v3 is the latest version. One of the particularities of that version is that it does not necessarily appear to all users. Unlike version 2 that all the users had to select the checkbox before accessing the website. The V3 would popup the box, unlike if the system suspects that there is spam.\u003C\u002Fp>\n","Recaptcha for Login and registration is a plugin that enables users to add captcha on their login and registration page. The whole idea with this plug &hellip;",200,4387,20,"2024-12-01T12:17:00.000Z","6.7.5","4.9",[139,140,56],"recaptcha","spam","https:\u002F\u002Fwww.prositeweb.ca\u002Fen\u002Fgoogle-recaptcha-for-wordpress-login-registration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecaptcha-for-login-and-registration.zip",{"attackSurface":144,"codeSignals":191,"taintFlows":211,"riskAssessment":212,"analyzedAt":217},{"hooks":145,"ajaxHandlers":187,"restRoutes":188,"shortcodes":189,"cronEvents":190,"entryPointCount":13,"unprotectedCount":13},[146,151,156,158,161,164,168,172,177,180,183],{"type":147,"name":148,"callback":149,"file":150,"line":92},"action","carbon_fields_register_fields","wsa_attach_theme_options","includes\\class-swpa-plugin-settings.php",{"type":147,"name":152,"callback":153,"priority":154,"file":155,"line":29},"wp_enqueue_scripts","enqueue_styles",10,"includes\\class-swpa-plugin-template.php",{"type":147,"name":152,"callback":157,"priority":154,"file":155,"line":59},"enqueue_scripts",{"type":147,"name":159,"callback":159,"priority":154,"file":155,"line":160},"admin_enqueue_scripts",87,{"type":147,"name":159,"callback":162,"priority":154,"file":155,"line":163},"admin_enqueue_styles",88,{"type":147,"name":165,"callback":166,"priority":13,"file":155,"line":167},"init","load_localisation",95,{"type":147,"name":169,"callback":170,"file":171,"line":134},"after_setup_theme","carbon_fields_boot_plugin","includes\\option_fields\\carbon-fields-plugin.php",{"type":147,"name":173,"callback":174,"file":175,"line":176},"admin_head","setup","includes\\option_fields\\core\\Libraries\\Plugin_Update_Warning\\Plugin_Update_Warning.php",19,{"type":147,"name":178,"callback":157,"file":175,"line":179},"admin_footer",33,{"type":147,"name":178,"callback":181,"file":175,"line":182},"closure",38,{"type":147,"name":165,"callback":184,"priority":134,"file":185,"line":186},"swpa_display_security_form","includes\\swpa_functions.php",113,[],[],[],[],{"dangerousFunctions":192,"sqlUsage":193,"outputEscaping":195,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":210},[],{"prepared":13,"raw":13,"locations":194},[],{"escaped":92,"rawEcho":196,"locations":197},8,[198,201,203,204,205,206,208,209],{"file":175,"line":199,"context":200},41,"raw output",{"file":175,"line":202,"context":200},69,{"file":185,"line":163,"context":200},{"file":185,"line":163,"context":200},{"file":185,"line":163,"context":200},{"file":185,"line":207,"context":200},94,{"file":185,"line":31,"context":200},{"file":185,"line":116,"context":200},[],[],{"summary":213,"deductions":214},"The \"secure-wp-admin\" plugin v1.4.2 exhibits a strong security posture based on the provided static analysis. The complete absence of entry points like AJAX handlers, REST API routes, shortcodes, and cron events, coupled with a lack of dangerous functions, file operations, and external HTTP requests, significantly limits the potential attack surface. Furthermore, the fact that all identified SQL queries (though none are present in this analysis) would use prepared statements is a positive indicator of secure database interaction practices. The vulnerability history shows no known CVEs, which is excellent and suggests a well-maintained codebase over time.\n\nHowever, a notable concern arises from the output escaping analysis, where only 38% of the 13 identified outputs are properly escaped. This suggests a potential for Cross-Site Scripting (XSS) vulnerabilities if user-supplied data or dynamic content is directly outputted without adequate sanitization. The absence of nonce checks and capability checks on any identified entry points (though there are none) is not a direct risk given the current attack surface, but it's a practice that would be a significant concern if entry points were present. The lack of taint analysis results is also peculiar; ideally, some flows would be analyzed to confirm the absence of unsanitized paths. Overall, while the plugin's minimal attack surface is a major strength, the unescaped output is the primary weakness that requires attention.",[215],{"reason":216,"points":196},"Low output escaping (38%)","2026-03-16T21:25:08.517Z",{"wat":219,"direct":232},{"assetPaths":220,"generatorPatterns":225,"scriptPaths":226,"versionParams":227},[221,222,223,224],"\u002Fwp-content\u002Fplugins\u002Fsecure-wp-admin\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fsecure-wp-admin\u002Fassets\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fsecure-wp-admin\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fsecure-wp-admin\u002Fassets\u002Fjs\u002Fadmin.js",[],[],[228,229,230,231],"secure-wp-admin\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","secure-wp-admin\u002Fassets\u002Fjs\u002Ffrontend.js?ver=","secure-wp-admin\u002Fassets\u002Fcss\u002Fadmin.css?ver=","secure-wp-admin\u002Fassets\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":233,"htmlComments":235,"htmlAttributes":236,"restEndpoints":237,"jsGlobals":238,"shortcodeOutput":239},[234],"swpa_plugin_template",[],[],[],[],[]]