Does Simple Login Lockdown have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple Login Lockdown have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Login Lockdown compatible with WordPress 3.5.2?

According to WordPress.org data, Simple Login Lockdown 1.1 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is Simple Login Lockdown updated?

Simple Login Lockdown was last updated on Nov 28, 2017. Frequent updates are generally a positive security signal.

What is Simple Login Lockdown's security score?

Simple Login Lockdown has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Login Lockdown Security & Risk Analysis

wordpress.org/plugins/simple-login-lockdown

Simple Login Lockdown prevents brute force login attacks/attempts on your WordPress installation.

4K active installs v1.1 PHP + WP 3.2.0+ Updated Nov 28, 2017

loginsecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Simple Login Lockdown Safe to Use in 2026?

Generally Safe

Score 85/100

Simple Login Lockdown has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The static analysis of the "simple-login-lockdown" v1.1 plugin reveals a generally good security posture. The code exhibits strong adherence to best practices, with 100% of SQL queries using prepared statements and 100% of output properly escaped. There are no identified dangerous functions, file operations, external HTTP requests, or bundled libraries that might introduce risks. Furthermore, the absence of any identified taint flows or vulnerabilities in its history suggests a well-developed and secure codebase. The attack surface is also minimal, with no AJAX handlers, REST API routes, shortcodes, or cron events exposed, and importantly, zero unprotected entry points. However, a notable absence of nonce checks and capability checks across any entry points, while currently not an issue due to the zero attack surface, represents a potential future risk if new functionality with entry points is added without proper security controls. This lack of explicit authorization mechanisms is the primary concern, indicating a reliance on the plugin's current limited scope rather than built-in security for broader applicability.

Key Concerns

No nonce checks detected
No capability checks detected

Vulnerabilities

None known

Simple Login Lockdown Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Simple Login Lockdown Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped9 total outputs

Attack Surface

Simple Login Lockdown Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionplugins_loadedinc\admin.php:100

actionadmin_initinc\admin.php:113

actionplugins_loadedinc\login.php:90

actionwp_login_failedinc\login.php:103

actionlogin_initinc\login.php:104

actionwp_logininc\login.php:105

Maintenance & Trust

Simple Login Lockdown Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedNov 28, 2017

PHP min version

Downloads61K

Community Trust

Rating88/100

Number of ratings7

Active installs4K

Alternatives

Simple Login Lockdown Alternatives

Limit Login Attempts Reloaded – Login Security, Brute Force Protection, Firewall

limit-login-attempts-reloaded

Block excessive login attempts and protect your site against brute force attacks. Simple, yet powerful tools to improve site performance.

2.0M 4 CVEs

All-In-One Security (AIOS) – Security and Firewall

all-in-one-wp-security-and-firewall

Protect your website investment with All-In-One Security (AIOS) – a comprehensive and easy to use security plugin designed especially for WordPress.

1.0M 26 CVEs

Loginizer

loginizer

Loginizer is a WordPress security plugin which helps you fight against bruteforce attacks.

1.0M 8 CVEs

Security Optimizer – The All-In-One Protection Plugin

sg-security

Secure your WordPress site from brute-force attacks, threats, malware, and bots. Free to use and easy to set up.

1.0M 5 CVEs

SiteGuard WP Plugin

siteguard

SiteGurad WP Plugin is the plugin specialized for the protection against the attack to the management page and login.

600K 1 unpatched

Developer Profile

Simple Login Lockdown Developer Profile

chrisguitarguy

8 plugins · 9K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Simple Login Lockdown

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/simple-login-lockdown/css/admin.css/wp-content/plugins/simple-login-lockdown/js/admin.js

Script Paths

/wp-content/plugins/simple-login-lockdown/js/admin.js

Version Parameters

simple-login-lockdown/css/admin.css?ver=simple-login-lockdown/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

cd-sll-error-messagecd-sll-status-messagecd-sll-form-settings

Data Attributes

data-cd-sll-nonce

JS Globals

cd_sll_admin_ajax_object

FAQ