[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7Pr2VmyYmwVb2RFNBvPoz0bH99XfWB0IqVDxQI4dbIA":3,"$fvU8lLdESTLkqYzyBlODyWKSTU0kqVaJx4XWXVY0ISi4":252,"$faxtZQfh0-QKP6VXbDtGRAxfKwDTUVjZPh4P_rOway58":257},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":136,"fingerprints":228},"signed-posts","Signed Posts","0.5","Marc Armengou","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarc4\u002F","\u003Cp>Signed Posts allows authors to sign posts, assuring content integrity. Signature verification proves post-signing alteration hasn’t occurred.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>In-browser verification:\u003C\u002Fstrong> The signature verification is done on the client side (in the visitor’s browser).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Methods:\u003C\u002Fstrong> OpenPGP (ASCII-armored detached signature) and DID (did:key, did:web) using Ed25519 detached JWS (b64=false).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Source of trust:\u003C\u002Fstrong> For OpenPGP, the author specifies the URL of their public key in their profile. For DID, the author sets their DID (did:key or did:web). For did:web, the plugin fetches \u003Ccode>https:\u002F\u002F\u003Chost>\u002F.well-known\u002Fdid.json\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Status block:\u003C\u002Fstrong> An informative block is automatically added to the end of each signed article, showing the verification status (valid, invalid, or error).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Author badge:\u003C\u002Fstrong> The author name in posts is enhanced with an icon and KeyID\u002Ffingerprint text.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Source Code and Libraries\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>OpenPGP.js\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Cstrong>Version:\u003C\u002Fstrong> 6.2.2\u003Cbr \u002F>\n* \u003Cstrong>License:\u003C\u002Fstrong> LGPL-3.0-or-later\u003Cbr \u002F>\n* \u003Cstrong>Public Source Code:\u003C\u002Fstrong> https:\u002F\u002Fgithub.com\u002Fopenpgpjs\u002Fopenpgpjs\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Web Crypto API\u003C\u002Fstrong>\u003Cbr \u002F>\n* Used to verify Ed25519 signatures for DID.\u003C\u002Fp>\n","Signed Posts allows authors to sign posts, assuring content integrity. Signature verification proves post-signing alteration hasn't occurred.",0,308,"2026-03-07T18:29:00.000Z","6.9.4","6.9","8.2",[18,19,20,21,22],"did","openpgp","security","signature","verification","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsigned-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsigned-posts.0.5.zip",100,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"marc4",5,280,30,94,"2026-05-20T10:11:52.422Z",[38,59,80,96,117],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":25,"downloaded":46,"rating":25,"num_ratings":47,"last_updated":48,"tested_up_to":14,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":57,"download_link":58,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"24tt-document-verifier","24TT Document Verifier","2.0.0","24 Tech Time (U) Ltd","https:\u002F\u002Fprofiles.wordpress.org\u002F24techtime\u002F","\u003Cp>The \u003Cstrong>24TT Document Verifier\u003C\u002Fstrong> is a powerful, enterprise-grade solution designed for institutions, universities, businesses, and government bodies globally to prove the authenticity of their issued documents.\u003C\u002Fp>\n\u003Cp>By embedding a secure verification portal directly into your WordPress website, you instantly protect your institution’s credibility and prevent the dissemination of counterfeit certificates, fake ID cards, and forged official letters.\u003C\u002Fp>\n\u003Ch3>🚀 What’s New in Version 2.0.0? (The Architecture Overhaul)\u003C\u002Fh3>\n\u003Cp>Version 2.0.0 represents a massive leap forward in security, performance, and user experience, completely rebuilding the engine to meet global enterprise standards.\u003Cbr \u002F>\n* \u003Cstrong>The “Kill Switch” (Global Settings):\u003C\u002Fstrong> Instant, granular control over your data. Easily toggle which document categories (e.g., hiding internal ‘Receipts’ while keeping ‘Certificates’ public) are accessible via the public search portal.\u003Cbr \u002F>\n* \u003Cstrong>Native File Uploads:\u003C\u002Fstrong> Ditch the manual URLs. V2.0.0 integrates directly with the native WordPress Media Library, allowing you to visually upload and attach PDF or JPG files to any document record.\u003Cbr \u002F>\n* \u003Cstrong>Dynamic UI Customizer:\u003C\u002Fstrong> Change the frontend search label (e.g., from “Enter Document ID:” to “Enter Employee ID:”) instantly from the Settings dashboard, without touching a single line of code.\u003Cbr \u002F>\n* \u003Cstrong>The “Clean Workspace” Engine:\u003C\u002Fstrong> A brand new, Elementor-style premium admin dashboard that actively suppresses third-party marketing banners and popups, giving you a pristine, professional workspace.\u003Cbr \u002F>\n* \u003Cstrong>Smart Front-End Rendering:\u003C\u002Fstrong> The verification results panel has been completely redesigned into a beautiful, modern success card that intelligently hides empty data fields for a flawless user presentation.\u003Cbr \u002F>\n* \u003Cstrong>Bulletproof Shortcode Tools:\u003C\u002Fstrong> Re-engineered JavaScript ensures your shortcode copy buttons work flawlessly across all modern browsers and aggressive caching environments.\u003Cbr \u002F>\n* \u003Cstrong>Strict Security:\u003C\u002Fstrong> Upgraded Role-Based Access Control (RBAC) ensures only authorized administrators (\u003Ccode>manage_ttdvr_documents\u003C\u002Fcode>) can access the verification database.\u003C\u002Fp>\n\u003Ch3>Core Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom Verification Database:\u003C\u002Fstrong> Easily manage thousands of verifiable documents (Certificates, Transcripts, MOUs, Invoices) directly within a secure WordPress interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Data Fields:\u003C\u002Fstrong> Store exact details including Verification ID, Recipient Name, Grade\u002FPerformance, Issuing Authority, Expiration Dates, and PDF links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Upload Tool:\u003C\u002Fstrong> Massively accelerate your workflow. Add 10, 50, or 100 documents to the database simultaneously with dynamic, auto-expanding data rows.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frontend Verification Portal:\u003C\u002Fstrong> Paste the \u003Ccode>[ttdvr_verify_document]\u003C\u002Fcode> shortcode on any page to instantly deploy a beautiful, responsive search form for your users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Category Segmentation:\u003C\u002Fstrong> Organize records effortlessly (e.g., 2024 Graduates, Staff IDs, Corporate Contracts) using custom taxonomy tags.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Empower your stakeholders, employers, and partners to confirm the legitimacy of your documents with absolute confidence.\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>The ultimate enterprise-grade document verification system. Securely issue and verify certificates, ID cards, letters, and receipts directly on your WordPress website.\u003C\u002Fp>\n","The 24TT Document Verifier is a powerful, enterprise-grade solution designed for institutions, universities, businesses, and government bodies globall …",1066,1,"2026-03-09T02:09:00.000Z","5.8","",[52,53,54,55,56],"authenticity","certificate-validation","document-verification","enterprise-security","portal","https:\u002F\u002Fwordpress.24techtime.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002F24tt-document-verifier.2.0.0.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":25,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":50,"download_link":79,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"email-otp-login-with-default-login-form","Email OTP Login with default login form","1.0.3","Lalit Yadav","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebnotics\u002F","\u003Cp>This plugin enhances the default WordPress login security by adding a One-Time Password (OTP) verification step via email:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Users log in with their regular email\u002Fusername and password.\u003C\u002Fli>\n\u003Cli>If credentials are valid, an OTP is generated and emailed to the user.\u003C\u002Fli>\n\u003Cli>A popup is shown on the same login page (\u003Ccode>wp-login.php\u003C\u002Fcode>) to enter the OTP.\u003C\u002Fli>\n\u003Cli>Once the correct OTP is entered, the user is logged in.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To help you get started, there’s a comprehensive video tutorial available that guides you through the process of setting.\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FAZ6w1lkltOI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Secure login via OTP sent to user’s email.\u003C\u002Fli>\n\u003Cli>Role-based OTP enforcement.\u003C\u002Fli>\n\u003Cli>Uses native wp-login.php form — no custom forms required.\u003C\u002Fli>\n\u003Cli>Session-based OTP handling for security.\u003C\u002Fli>\n\u003Cli>Expiring OTP (default: 40 seconds).\u003C\u002Fli>\n\u003Cli>No third-party dependencies.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donate\u003C\u002Fh3>\n\u003Cp>If you find this plugin useful and want to support its development, you can make a donation via the following link:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdonate.stripe.com\u002F3cI5kE7sv6ex30s5LB5kk2x\" rel=\"nofollow ugc\">Donate Here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Your donation helps to ensure that this plugin remains free and receives regular updates!\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>The plugin development was supported by [webnotics], [sumitkamboj53]. Contributions and feedback are always welcome.\u003C\u002Fp>\n\u003Ch3>Documentation and Support\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwebnotics.org\u002Femail-otp-login-with-default-login-form\u002F\" title=\"documentation\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nFor detailed documentation, visit https:\u002F\u002Fwebnotics.org\u002Femail-otp-login-with-default-login-form\u002F\u003Cbr \u002F>\nFor support, please contact us at \u003Ca href=\"mailto:support@webnotics.solutions\" rel=\"nofollow ugc\">support@webnotics.solutions\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later.\u003C\u002Fp>\n","Adds email OTP (One-Time Password) verification after valid login credentials on the default wp-login.php form for added security.",40,761,6,"2025-08-05T04:08:00.000Z","6.8.5","5.0","7.2",[75,76,77,20,78],"email-verification","login","otp","two-factor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-otp-login-with-default-login-form.1.0.3.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":34,"downloaded":88,"rating":89,"num_ratings":47,"last_updated":90,"tested_up_to":71,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":50,"download_link":95,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"email-otp-login","Email OTP Login","1.0.0","Tushar Sharma","https:\u002F\u002Fprofiles.wordpress.org\u002Fricheal\u002F","\u003Cp>Email OTP Login adds an additional layer of security to your WordPress site by requiring users to verify an OTP sent to their email after entering their username and password. This ensures that only users with access to the registered email can log in.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email OTP verification during \u003Cstrong>login\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>OTP expires in 5 minutes (configurable).\u003C\u002Fli>\n\u003Cli>OTP stored securely using WordPress password hashing.\u003C\u002Fli>\n\u003Cli>Works with the default WordPress login form.\u003C\u002Fli>\n\u003Cli>Uses WordPress built-in \u003Ccode>wp_mail()\u003C\u002Fcode> function (works with SMTP plugins).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin does \u003Cstrong>not modify WordPress core files\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2 or later.\u003C\u002Fp>\n\u003Cp>This plugin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003C\u002Fp>\n","Adds OTP (One-Time Password) verification after login for enhanced security in WordPress. OTP is sent to the user's email.",469,60,"2025-08-29T18:30:00.000Z","6.3","7.4",[75,76,77,20,94],"two-factor-authentication","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-otp-login.1.0.0.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":25,"num_ratings":47,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":50,"tags":109,"homepage":114,"download_link":115,"security_score":116,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"advertsafe","advertSAFE Site Seal","1.1","weptile","https:\u002F\u002Fprofiles.wordpress.org\u002Fweptile\u002F","\u003Cp>The dedicated plugin site: \u003Ca href=\"http:\u002F\u002Fwww.plugin-site-seal.com\u002F\" title=\"advertSAFE dedicated plugin site\" rel=\"nofollow ugc\">Plugin-Site-Seal.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Our main website: \u003Ca href=\"http:\u002F\u002FadvertSAFE.com\u002F\" title=\"advertSAFE main website\" rel=\"nofollow ugc\">advertSAFE.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The advertSAFE site seal plugin is a simple and perfect FREE solution to add instant trust to a website and users. We also pay 25% commission from any new member sign ups through your seal.\u003C\u002Fp>\n\u003Cp>We verify the identity of ordinary internet users and advertisers across the globe. Are users who they say they are? Are they a scammer? Criminal? Really a man or woman? If you don’t ask yourself these questions, your site visitors and potential members certainly do!\u003C\u002Fp>\n\u003Cp>What if you can dispel these fears in one easy step? What if you could provide peace of mind for your site visitors and users?\u003C\u002Fp>\n\u003Cp>Display the advertSAFE partner site seal on your website. This naturally gains more trust and encourages people to become advertSAFE verified. Watch general user confidence, trust and your site’s reputation grow.\u003C\u002Fp>\n\u003Cp>Who can use this site seal?\u003Cbr \u002F>\nThe site seal is perfect for community and listings based websites to promote trust for the site and users. Ideal for forums, classified ad sites, online dating, holiday home rental and any site where users can advertise or create a user profile.\u003C\u002Fp>\n\u003Cp>How do I earn money from the site seal?\u003Cbr \u002F>\nOnce you have installed the plugin and the site seal is clearly visible throughout your site. Complete a short form in the plugin settings and we will email you a code to place in a field within settings.\u003C\u002Fp>\n\u003Cp>advertSAFE pays 25% commission on sales with no cookie expiry. This includes membership fees or upgrades. Any partner site joining us through your site seal will also earn you 10% override commission from their sales, so make sure your site seal is positioned well throughout your website.\u003C\u002Fp>\n","Add trust to your website and users with the advertSAFE site seal plugin. Plus earn 25% commission from any new member sign ups through your seal.",10,4394,"2013-10-01T09:18:00.000Z","3.6.1","3.3",[110,111,112,20,113],"check-id","free-site-seal","id-verification","site-seal","http:\u002F\u002Fwww.weptile.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvertsafe.1.1.2.zip",85,{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":104,"downloaded":125,"rating":25,"num_ratings":47,"last_updated":126,"tested_up_to":14,"requires_at_least":127,"requires_php":92,"tags":128,"homepage":133,"download_link":134,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":135},"authyo-otp-for-contact-form-7","Authyo OTP for Contact Form 7","1.0.23","Konceptwise Digital Media Pvt Ltd","https:\u002F\u002Fprofiles.wordpress.org\u002Fkonceptwise\u002F","\u003Cp>\u003Cstrong>Authyo OTP for Contact Form 7\u003C\u002Fstrong> adds one-time password (OTP) verification to Contact Form 7 forms, ensuring that only verified users can submit entries.\u003C\u002Fp>\n\u003Cp>The plugin supports OTP delivery via \u003Cstrong>Email, SMS, WhatsApp, and Voice Call\u003C\u002Fstrong>, helping reduce spam, prevent fake submissions, and improve overall form security.\u003C\u002Fp>\n\u003Cp>It also includes a \u003Cstrong>per-form redirect option\u003C\u002Fstrong>, allowing site owners to redirect users to a thank-you page or any custom URL after a successful and verified form submission.\u003C\u002Fp>\n\u003Cp>This plugin is an \u003Cstrong>independent add-on for Contact Form 7\u003C\u002Fstrong>, developed and maintained by \u003Cstrong>Konceptwise Digital Media Pvt. Ltd.\u003C\u002Fstrong>, and integrates securely with the Authyo OTP service.\u003C\u002Fp>\n\u003Cp>“This plugin is an add-on for Contact Form 7 and is not developed by or affiliated with the Contact Form 7 authors.”\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– OTP verification field for Contact Form 7\u003Cbr \u002F>\n– Secure one-time password handling\u003Cbr \u002F>\n– Customizable messages for sent, verified, and failed OTP states\u003Cbr \u002F>\n– Seamless integration with the Authyo OTP service\u003Cbr \u002F>\n– Email, SMS, WhatsApp, and Voice Call OTP support\u003Cbr \u002F>\n– Per-form redirect option after successful submission\u003Cbr \u002F>\n– Google Sheets Integration: Sync form data to Google Sheets automatically\u003Cbr \u002F>\n– Multi-Sheet Support: Route different forms to separate tabs within the same Google Sheet\u003Cbr \u002F>\n– Custom Column Mapping: Map form fields to specific Google Sheet column headers\u003Cbr \u002F>\n– Improved spam protection and form security\u003C\u002Fp>\n\u003Ch4>Live Demo\u003C\u002Fh4>\n\u003Cp>Check the live demo here:\u003Cbr \u002F>\nhttps:\u002F\u002Fwpplugins.authyo.io\u002Fauthyo-otp-for-contact-form-7\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Video Tutorial How to Use Authyo OTP for Contact Form 7\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FhhBnj1WWDdI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the Authyo API to send and verify one-time passwords (OTPs).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service used:\u003C\u002Fstrong> Authyo (https:\u002F\u002Fapp.authyo.io)\u003Cbr \u002F>\n\u003Cstrong>Purpose:\u003C\u002Fstrong> To send and verify OTPs for Contact Form 7 submissions.\u003Cbr \u002F>\n\u003Cstrong>Data sent:\u003C\u002Fstrong> User email address or phone number and OTP-related data, solely for verification purposes.\u003Cbr \u002F>\n\u003Cstrong>When:\u003C\u002Fstrong> Data is sent when an OTP is requested and when it is verified.\u003Cbr \u002F>\n\u003Cstrong>Provider:\u003C\u002Fstrong> Authyo Inc.\u003Cbr \u002F>\n\u003Cstrong>Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fauthyo.io\u002Fterms-service\u003Cbr \u002F>\n\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fauthyo.io\u002Fprivacy-policy\u003C\u002Fp>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Cp>This plugin requires the \u003Cstrong>Contact Form 7\u003C\u002Fstrong> plugin to be installed and activated.\u003C\u002Fp>\n\u003Cp>Contact Form 7 is developed by Takayuki Miyoshi and is available for free on WordPress.org:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7\u002F\u003C\u002Fp>\n","Adds OTP verification (Email, SMS, WhatsApp, Voice Call) and Google Sheets Integration (with Multi-Sheet support) to Contact Form 7.",1645,"2026-03-31T05:23:00.000Z","5.5",[129,75,130,131,132],"contact-form-7","form-security","otp-verification","spam-protection","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fauthyo-otp-for-contact-form-7\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthyo-otp-for-contact-form-7.1.0.23.zip","2026-04-06T09:54:40.288Z",{"attackSurface":137,"codeSignals":206,"taintFlows":221,"riskAssessment":222,"analyzedAt":227},{"hooks":138,"ajaxHandlers":202,"restRoutes":203,"shortcodes":204,"cronEvents":205,"entryPointCount":11,"unprotectedCount":11},[139,145,148,152,154,158,161,165,167,170,172,176,180,184,189,193,196,199],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","show_user_profile","wppgps_add_user_profile_fields","signed-posts.php",152,{"type":140,"name":146,"callback":142,"file":143,"line":147},"edit_user_profile",153,{"type":140,"name":141,"callback":149,"priority":150,"file":143,"line":151},"wppgps_add_user_profile_fields_did",11,182,{"type":140,"name":146,"callback":149,"priority":150,"file":143,"line":153},183,{"type":140,"name":155,"callback":156,"file":143,"line":157},"personal_options_update","wppgps_save_user_profile_fields",222,{"type":140,"name":159,"callback":156,"file":143,"line":160},"edit_user_profile_update",223,{"type":140,"name":141,"callback":162,"priority":163,"file":143,"line":164},"wppgps_render_cleanup_checkboxes",20,277,{"type":140,"name":146,"callback":162,"priority":163,"file":143,"line":166},278,{"type":140,"name":155,"callback":168,"file":143,"line":169},"wppgps_save_cleanup_checkboxes",302,{"type":140,"name":159,"callback":168,"file":143,"line":171},303,{"type":140,"name":173,"callback":174,"file":143,"line":175},"add_meta_boxes","wppgps_add_metabox",324,{"type":140,"name":177,"callback":178,"file":143,"line":179},"save_post","wppgps_save_post_data",420,{"type":140,"name":181,"callback":182,"file":143,"line":183},"wp_enqueue_scripts","wppgps_enqueue_scripts",484,{"type":185,"name":186,"callback":187,"file":143,"line":188},"filter","the_content","wppgps_append_signature_block",537,{"type":185,"name":190,"callback":191,"priority":163,"file":143,"line":192},"the_author_posts_link","wppgps_append_badge_to_output",594,{"type":185,"name":194,"callback":191,"priority":163,"file":143,"line":195},"the_author",595,{"type":185,"name":197,"callback":191,"priority":163,"file":143,"line":198},"get_the_author",596,{"type":185,"name":200,"callback":191,"priority":163,"file":143,"line":201},"get_the_author_display_name",597,[],[],[],[],{"dangerousFunctions":207,"sqlUsage":208,"outputEscaping":210,"fileOperations":11,"externalRequests":11,"nonceChecks":211,"capabilityChecks":32,"bundledLibraries":220},[],{"prepared":11,"raw":11,"locations":209},[],{"escaped":163,"rawEcho":211,"locations":212},3,[213,216,218],{"file":143,"line":214,"context":215},361,"raw output",{"file":143,"line":217,"context":215},362,{"file":143,"line":219,"context":215},365,[],[],{"summary":223,"deductions":224},"The \"signed-posts\" v0.5 plugin exhibits a strong security posture based on the provided static analysis.  There are no identified entry points such as AJAX handlers, REST API routes, shortcodes, or cron events that are directly exposed.  Furthermore, the code shows diligent use of security best practices, including the absence of dangerous functions, 100% of SQL queries utilizing prepared statements, a high percentage of properly escaped output (87%), and a significant number of nonce and capability checks (3 and 5 respectively).  The absence of file operations and external HTTP requests also reduces potential attack vectors. The taint analysis revealing zero flows with unsanitized paths is particularly reassuring, indicating no immediate concerns for critical or high severity vulnerabilities originating from data flow.\n\nThe plugin's vulnerability history is also clean, with zero known CVEs recorded. This lack of past vulnerabilities, combined with the robust static analysis, suggests a well-developed and secure plugin.  However, it's worth noting that a 100% output escaping rate would be ideal, and the 13% of unescaped output, while not critical in this context, could potentially become a vector if a new attack surface were introduced or an existing one overlooked in future versions.  Overall, \"signed-posts\" v0.5 appears to be a very secure plugin with a minimal risk profile.",[225],{"reason":226,"points":211},"Minor unescaped output detected","2026-03-17T06:06:31.823Z",{"wat":229,"direct":238},{"assetPaths":230,"generatorPatterns":233,"scriptPaths":234,"versionParams":235},[231,232],"\u002Fwp-content\u002Fplugins\u002Fsigned-posts\u002Fcss\u002Fsigned-posts-frontend.css","\u002Fwp-content\u002Fplugins\u002Fsigned-posts\u002Fjs\u002Fsigned-posts-frontend.js",[],[232],[236,237],"signed-posts\u002Fcss\u002Fsigned-posts-frontend.css?ver=","signed-posts\u002Fjs\u002Fsigned-posts-frontend.js?ver=",{"cssClasses":239,"htmlComments":241,"htmlAttributes":242,"restEndpoints":248,"jsGlobals":249,"shortcodeOutput":250},[240],"signed-posts-signature-block",[],[243,244,245,246,247],"data-signed-posts-signature","data-signed-posts-method","data-signed-posts-author-id","data-signed-posts-pgp-key-url","data-signed-posts-did-identifier",[],[],[251],"\u003Cdiv class=\"signed-posts-signature-block\">",{"error":253,"url":254,"statusCode":255,"statusMessage":256,"message":256},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsigned-posts\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":211,"versions":258},[259,265,272],{"version":6,"download_url":24,"svn_tag_url":260,"released_at":26,"has_diff":261,"diff_files_changed":262,"diff_lines":26,"trac_diff_url":263,"vulnerabilities":264,"is_current":253},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsigned-posts\u002Ftags\u002F0.5\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsigned-posts%2Ftags%2F0.4&new_path=%2Fsigned-posts%2Ftags%2F0.5",[],{"version":266,"download_url":267,"svn_tag_url":268,"released_at":26,"has_diff":261,"diff_files_changed":269,"diff_lines":26,"trac_diff_url":270,"vulnerabilities":271,"is_current":261},"0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsigned-posts.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsigned-posts\u002Ftags\u002F0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsigned-posts%2Ftags%2F0.3&new_path=%2Fsigned-posts%2Ftags%2F0.4",[],{"version":273,"download_url":274,"svn_tag_url":275,"released_at":26,"has_diff":261,"diff_files_changed":276,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":277,"is_current":261},"0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsigned-posts.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsigned-posts\u002Ftags\u002F0.3\u002F",[],[]]