Does ShieldGate have any unpatched vulnerabilities?

No. All known vulnerabilities in ShieldGate have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ShieldGate compatible with WordPress 6.9.4?

According to WordPress.org data, ShieldGate 1.0.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is ShieldGate updated?

ShieldGate was last updated on Feb 13, 2026. Frequent updates are generally a positive security signal.

What is ShieldGate's security score?

ShieldGate has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ShieldGate Security & Risk Analysis

wordpress.org/plugins/shieldgate

Protect your site by hiding the login page with a secret slug and limiting failed login attempts.

0 active installs v1.0.3 PHP + WP 5.0+ Updated Feb 13, 2026

hide-loginlimit-loginloginprotectsecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is ShieldGate Safe to Use in 2026?

Generally Safe

Score 100/100

ShieldGate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "shieldgate" v1.0.3 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified entry points in AJAX handlers, REST API routes, shortcodes, or cron events significantly reduces the attack surface. Furthermore, the code demonstrates excellent security practices by utilizing prepared statements for all SQL queries and properly escaping all output. The presence of a nonce check is also a positive sign. There are no recorded vulnerabilities in its history, indicating a stable and potentially secure development process.

However, the lack of capability checks on any potential entry points (even though none were found) represents a missed opportunity for defense in depth. While the current analysis shows no flows reaching sensitive functions, the absence of these checks could become a risk if the attack surface expands in future versions. The bundling of Freemius v1.0, while not explicitly stated as outdated, carries an inherent risk as bundled libraries can become vectors for vulnerabilities if not actively maintained and updated.

Overall, "shieldgate" v1.0.3 appears to be a secure plugin with well-implemented basic security measures. The primary areas for improvement lie in adding capability checks for enhanced defense and ensuring the bundled Freemius library is kept up-to-date. The current data suggests minimal immediate risk, but vigilance regarding bundled dependencies and potential future attack surface expansion is recommended.

Key Concerns

Bundled Freemius v1.0 library
Missing capability checks on entry points

Vulnerabilities

None known

ShieldGate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

ShieldGate Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

100% escaped12 total outputs

Attack Surface

ShieldGate Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionwp_login_failedclass-shieldgate-security-handler.php:40

actionlogin_headclass-shieldgate-security-handler.php:41

actionadmin_menuclass-shieldgate-security-handler.php:42

actionadmin_initclass-shieldgate-security-handler.php:43

actioninitclass-shieldgate-security-handler.php:44

Maintenance & Trust

ShieldGate Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 13, 2026

PHP min version

Downloads138

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

ShieldGate Alternatives

Titan Anti-spam & Security

anti-spam

Block spam comments, defend against login attempts, and strengthen site security with anti-spam, brute-force protection, and two-factor authentication …

60K 3 CVEs

WPOrLogin – Custom Login, Social Login, Limit Attempts, Hide Login & reCAPTCHA

wporlogin

100

Stop installing 7 plugins! WPOrLogin is the All-in-One Suite: Custom Login Design, Social Login (Google), Hide Login URL, Limit Attempts & reCAPTCHA.

2K No CVEs

WPHH SECURE – AIO WordPress Security With File Locking & WP Hide Login

wphhsecure

100

Secure your WordPress site with one-click file locking, login path hiding, role-based access, and smart dashboard visibility.

70 No CVEs

Anti-Brute Force, Login Fraud Detector WordPress plugin

anti-brute-force-login-fraud-detector

Anti-Brute Force, Login Fraud Detector Wordpress plugin is a security plugin that detects and blocks malicious IP addresses attempting to log into Wor …

40 No CVEs

Simple Login Guard – Monitor & Block Attempts

simple-login-guard

100

Monitor failed login attempts and automatically block IPs after multiple failures. Lightweight and easy to use.

0 No CVEs

Developer Profile

ShieldGate Developer Profile

damcen123

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ShieldGate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/shieldgate/assets/css/shieldgate-admin-style.css/wp-content/plugins/shieldgate/assets/js/shieldgate-admin-script.js/wp-content/plugins/shieldgate/assets/js/shieldgate-frontend.js

Script Paths

/wp-content/plugins/shieldgate/assets/js/shieldgate-admin-script.js/wp-content/plugins/shieldgate/assets/js/shieldgate-frontend.js

Version Parameters

shieldgate/assets/css/shieldgate-admin-style.css?ver=shieldgate/assets/js/shieldgate-admin-script.js?ver=shieldgate/assets/js/shieldgate-frontend.js?ver=

HTML / DOM Fingerprints

FAQ