[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKq2XgGHzvA8ddTZLHTvZxdwOnSdMR8aWLeiAC2GPYHA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":139,"fingerprints":158},"strict-security-headers","Strict Security Headers","0.1.0","Justin Kopepasah","https:\u002F\u002Fprofiles.wordpress.org\u002Fkopepasah\u002F","\u003Cp>Strict Security Headers is a straightforward and lightweight plugin designed to enhance the security of your WordPress website by implementing modern security headers. Simply activate the plugin, and the headers are automatically added, there’s absolutely no configuration needed!\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Simple and Lightweight:\u003C\u002Fstrong> No configuration needed, just activate the plugin to enhance your website security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Security:\u003C\u002Fstrong> Helps in protecting your website against various types of attacks and vulnerabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Performance Impact:\u003C\u002Fstrong> Strict Security Headers is developed to have minimal impact on your website’s performance.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Additional Notes\u003C\u002Fh3>\n\u003Cp>For any issues, queries, or enhancements, please refer to the plugin support forum. Regular updates and enhancements will be rolled out to ensure optimum functionality and security of the plugin.\u003C\u002Fp>\n\u003Cp>Please consider sponsoring development to support the continued development and maintenance of this plugin: https:\u002F\u002Fgithub.com\u002Fsponsors\u002Fkopepasah\u003C\u002Fp>\n","Easily enable modern security headers for your website with the Strict Security Headers plugin, with no configuration required.",10,753,0,"","6.3.8","5.5",[18,19,20,21],"headers","http-headers","security","security-headers","https:\u002F\u002Fdualfocus.dev\u002Fproducts\u002Fstrict-security-headers\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstrict-security-headers.0.1.0.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"kopepasah",7,90,87,30,85,"2026-04-04T03:46:40.822Z",[37,62,82,102,120],{"slug":19,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":13,"last_vuln_date":60,"fetched_at":61},"HTTP Headers","1.19.2","Dimitar Ivanov","https:\u002F\u002Fprofiles.wordpress.org\u002Fzinoui\u002F","\u003Cp>HTTP Headers gives your control over the http headers returned by your blog or website.\u003C\u002Fp>\n\u003Cp>Headers supported by HTTP Headers includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Access-Control-Allow-Origin\u003C\u002Fli>\n\u003Cli>Access-Control-Allow-Credentials\u003C\u002Fli>\n\u003Cli>Access-Control-Max-Age\u003C\u002Fli>\n\u003Cli>Access-Control-Allow-Methods\u003C\u002Fli>\n\u003Cli>Access-Control-Allow-Headers\u003C\u002Fli>\n\u003Cli>Access-Control-Expose-Headers\u003C\u002Fli>\n\u003Cli>Age \u003C\u002Fli>\n\u003Cli>Content-Security-Policy\u003C\u002Fli>\n\u003Cli>Content-Security-Policy-Report-Only\u003C\u002Fli>\n\u003Cli>Cache-Control\u003C\u002Fli>\n\u003Cli>Clear-Site-Data\u003C\u002Fli>\n\u003Cli>Connection\u003C\u002Fli>\n\u003Cli>Content-Encoding\u003C\u002Fli>\n\u003Cli>Content-Type\u003C\u002Fli>\n\u003Cli>Cross-Origin-Embedder-Policy\u003C\u002Fli>\n\u003Cli>Cross-Origin-Opener-Policy\u003C\u002Fli>\n\u003Cli>Cross-Origin-Resource-Policy\u003C\u002Fli>\n\u003Cli>Expect-CT\u003C\u002Fli>\n\u003Cli>Expires\u003C\u002Fli>\n\u003Cli>Feature-Policy\u003C\u002Fli>\n\u003Cli>NEL\u003C\u002Fli>\n\u003Cli>Permissions-Policy\u003C\u002Fli>\n\u003Cli>Pragma\u003C\u002Fli>\n\u003Cli>P3P\u003C\u002Fli>\n\u003Cli>Referrer-Policy\u003C\u002Fli>\n\u003Cli>Report-To\u003C\u002Fli>\n\u003Cli>Strict-Transport-Security\u003C\u002Fli>\n\u003Cli>Timing-Allow-Origin\u003C\u002Fli>\n\u003Cli>Vary\u003C\u002Fli>\n\u003Cli>WWW-Authenticate\u003C\u002Fli>\n\u003Cli>X-Content-Type-Options\u003C\u002Fli>\n\u003Cli>X-DNS-Prefetch-Control\u003C\u002Fli>\n\u003Cli>X-Download-Options\u003C\u002Fli>\n\u003Cli>X-Frame-Options\u003C\u002Fli>\n\u003Cli>X-Permitted-Cross-Domain-Policies\u003C\u002Fli>\n\u003Cli>X-Powered-By\u003C\u002Fli>\n\u003Cli>X-Robots-Tag\u003C\u002Fli>\n\u003Cli>X-UA-Compatible\u003C\u002Fli>\n\u003Cli>X-XSS-Protection\u003C\u002Fli>\n\u003C\u002Ful>\n","HTTP Headers adds CORS & security HTTP headers to your website.",50000,715994,86,70,"2024-12-22T11:49:00.000Z","6.7.5","3.2","5.3",[53,54,55,19,21],"cors-headers","csp-header","custom-headers","https:\u002F\u002Fgithub.com\u002Friverside\u002Fhttp-headers","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttp-headers.1.19.2.zip",91,4,"2023-07-13 00:00:00","2026-03-15T15:16:48.613Z",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":46,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":14,"download_link":81,"security_score":34,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":61},"csp-manager","Content Security Policy Manager","1.2.1","Patrick Sletvold","https:\u002F\u002Fprofiles.wordpress.org\u002F16patsle\u002F","\u003Cp>\u003Cstrong>Content Security Policy Manager\u003C\u002Fstrong> is a WordPress plugin that allows you to easily configure \u003Ca href=\"https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FWeb\u002FHTTP\u002FCSP\" rel=\"nofollow ugc\">Content Security Policy headers\u003C\u002Fa> for your site. You can have different CSP headers for the admin interface, the frontend for logged in users, and the frontend for regular visitors. The CSP directives can be individually enabled, and each policy can be set to enforce, report or be disabled.\u003C\u002Fp>\n\u003Cp>Please note that this plugin offers limited help in figuring out what the contents of the policy should be. It only lets you configure the CSP in a easy to use interface.\u003C\u002Fp>\n","Plugin for configuring Content Security Policy headers for your site. Allows different CSP headers for admin, logged inn frontend and regular visitors",2000,33739,6,"2022-08-09T17:33:00.000Z","6.1.10","4.6","7.2",[78,79,20,21,80],"content-security-policy","csp","xss","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcsp-manager.1.2.1.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":24,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":14,"download_link":101,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":61},"security-header","HTTP Security Header","3.1","MOHIT GOYAL","https:\u002F\u002Fprofiles.wordpress.org\u002Fmohitgoyal1108\u002F","\u003Cp>\u003Cstrong>HTTP Security Header\u003C\u002Fstrong> helps protect your WordPress site by adding critical HTTP headers to each response — with no code required. These headers provide additional layers of protection against attacks such as cross-site scripting (XSS), clickjacking, content injection, and resource leaks.\u003C\u002Fp>\n\u003Cp>This plugin offers a modern, responsive admin dashboard with validation, fallback safety, and full control over each header’s default or custom value.\u003C\u002Fp>\n\u003Ch3>🔎 Scan Your Website Security Headers\u003C\u002Fh3>\n\u003Cp>Before configuring headers, instantly check your website’s current security score using our online header scanner:\u003C\u002Fp>\n\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Finspiredmonks.com\u002Fhttp-security-header-scanner\u002F\" rel=\"nofollow ugc\">Scan Your Website Security Headers\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>✔ Enter your website URL\u003Cbr \u002F>\n✔ Get instant Security Grade (A+ to F)\u003Cbr \u002F>\n✔ See which headers are Present or Missing\u003Cbr \u002F>\n✔ Get clear, actionable recommendations\u003Cbr \u002F>\n✔ Easily fix them using this plugin\u003C\u002Fp>\n\u003Cp>Used by thousands of websites to enhance security and protect user data.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features Include:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Visual toggles for enabling\u002Fdisabling headers\u003Cbr \u002F>\n– Option to use \u003Cstrong>default or custom header values\u003C\u002Fstrong>\u003Cbr \u002F>\n– Secure fallback if a header is misconfigured\u003Cbr \u002F>\n– Integrated \u003Cstrong>header validation\u003C\u002Fstrong>\u003Cbr \u002F>\n– Support for all major browser-supported headers\u003Cbr \u002F>\n– Nonce-based saving and admin notices\u003Cbr \u002F>\n– WP Multisite compatible\u003Cbr \u002F>\n– “Disable All” and “Reset to Important Headers” actions\u003Cbr \u002F>\n– Per-header input validation with real-time error fallback\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Supported Headers:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Strict-Transport-Security (HSTS)\u003Cbr \u002F>\n* X-Frame-Options\u003Cbr \u002F>\n* X-Content-Type-Options\u003Cbr \u002F>\n* Referrer-Policy\u003Cbr \u002F>\n* Content-Security-Policy\u003Cbr \u002F>\n* Permissions-Policy\u003Cbr \u002F>\n* X-XSS-Protection\u003Cbr \u002F>\n* X-Permitted-Cross-Domain-Policies\u003Cbr \u002F>\n* Expect-CT\u003Cbr \u002F>\n* Cross-Origin-Opener-Policy (COOP)\u003Cbr \u002F>\n* Cross-Origin-Resource-Policy (CORP)\u003Cbr \u002F>\n* Cross-Origin-Embedder-Policy (COEP)\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Lightweight and performance-focused  \u003C\u002Fli>\n\u003Cli>No front-end impact  \u003C\u002Fli>\n\u003Cli>Choose default or custom header values  \u003C\u002Fli>\n\u003Cli>Secure validation and auto-fallbacks  \u003C\u002Fli>\n\u003Cli>Seamless plugin compatibility (including WP Rocket)  \u003C\u002Fli>\n\u003Cli>Fully translation-ready and i18n-compliant  \u003C\u002Fli>\n\u003Cli>Nonce-protected admin save actions  \u003C\u002Fli>\n\u003Cli>Optional reset-to-default support  \u003C\u002Fli>\n\u003Cli>Reset or disable all headers with one click\u003C\u002Fli>\n\u003C\u002Ful>\n","Add and manage essential HTTP security headers with ease. Protect your WordPress site from XSS, clickjacking, and other common vulnerabilities.",800,4254,3,"2025-12-30T17:44:00.000Z","6.9.4","5.0","7.0",[98,78,99,21,100],"clickjacking","http-security-header","wordpress-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecurity-header.3.1.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":95,"requires_php":96,"tags":116,"homepage":118,"download_link":119,"security_score":34,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":61},"firstpage-sg-security-headers","Security Headers","1.0.0","Joseph Mendez","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoshme21\u002F","\u003Cp>Security headers are directives used by web applications to configure security defenses.\u003C\u002Fp>\n\u003Ch3>Why security headers important?\u003C\u002Fh3>\n\u003Cp>When auditing websites, security headers are frequently forgotten.\u003C\u002Fp>\n\u003Cp>Although some may argue that website security is unrelated to SEO, it does become so when a site is compromised and search traffic completely disappears.\u003C\u002Fp>\n\u003Cp>Everyone who publishes content online should pay special attention to security headers.\u003C\u002Fp>\n\u003Cp>Getting hacked is not good. You lose traffic, customers and it’s a pain to resolve all the issues.\u003C\u002Fp>\n\u003Cp>But good thing you’re smart and have searched for this plugin :).\u003C\u002Fp>\n","Security headers are directives used by web applications to configure security defenses.",700,4275,60,2,"2022-09-24T01:34:00.000Z","6.0.11",[21,117],"seo-security-headers","https:\u002F\u002Fwww.firstpagedigital.sg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffirstpage-sg-security-headers.1.0.0.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":130,"num_ratings":72,"last_updated":131,"tested_up_to":96,"requires_at_least":132,"requires_php":133,"tags":134,"homepage":137,"download_link":138,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":61},"security-header-generator","Security Header Generator","5.4.77","Kevin Pirnie","https:\u002F\u002Fprofiles.wordpress.org\u002Fkevp75\u002F","\u003Cp>This plugin generates the proper security HTTP response headers, attempts to generate a valid Content Security Policy, and sets browser permissions if configured.\u003C\u002Fp>\n","This plugin generates the proper security HTTP response headers to keep your site secured.",500,24333,96,"2026-02-03T14:10:00.000Z","6.0.9","8.2",[78,135,136,20,21],"permissions","permissions-policy","https:\u002F\u002Fkevinpirnie.com\u002Fblog\u002F2021\u002F10\u002F13\u002Fwordpress-plugin-security-header-generator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecurity-header-generator.5.4.77.zip",{"attackSurface":140,"codeSignals":146,"taintFlows":153,"riskAssessment":154,"analyzedAt":157},{"hooks":141,"ajaxHandlers":142,"restRoutes":143,"shortcodes":144,"cronEvents":145,"entryPointCount":13,"unprotectedCount":13},[],[],[],[],[],{"dangerousFunctions":147,"sqlUsage":148,"outputEscaping":150,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":152},[],{"prepared":13,"raw":13,"locations":149},[],{"escaped":13,"rawEcho":13,"locations":151},[],[],[],{"summary":155,"deductions":156},"The 'strict-security-headers' v0.1.0 plugin exhibits an exceptionally strong security posture based on the provided static analysis and vulnerability history.  The absence of any detected entry points, dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, or taint flows indicates meticulous development practices. The plugin appears to be designed with security as a primary concern, and the lack of any known vulnerabilities further reinforces this positive assessment.  Its vulnerability history is clean, with no recorded CVEs, suggesting a stable and secure codebase. The plugin's strengths lie in its minimal attack surface and its apparent adherence to secure coding principles, with no identified weaknesses in the analyzed areas. The only area of potential concern, albeit minor given the other strong signals, is the complete absence of capability checks and nonce checks, which could be a point of hardening if the plugin were to evolve to handle more sensitive operations or user interactions.",[],"2026-03-16T23:12:55.799Z",{"wat":159,"direct":188},{"assetPaths":160,"generatorPatterns":173,"scriptPaths":174,"versionParams":175},[161,162,163,164,165,166,167,168,169,170,171,172],"\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fcsp.js","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fcsp.css","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fsts.js","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fsts.css","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fpermissions.js","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fpermissions.css","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Freferrer.js","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Freferrer.css","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fxcontenttypeoptions.js","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fxcontenttypeoptions.css","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fxframeoptions.js","\u002Fwp-content\u002Fplugins\u002Fstrict-security-headers\u002Fbuild\u002Fxframeoptions.css",[],[161,163,165,167,169,171],[176,177,178,179,180,181,182,183,184,185,186,187],"strict-security-headers\u002Fbuild\u002Fcsp.js?ver=","strict-security-headers\u002Fbuild\u002Fcsp.css?ver=","strict-security-headers\u002Fbuild\u002Fsts.js?ver=","strict-security-headers\u002Fbuild\u002Fsts.css?ver=","strict-security-headers\u002Fbuild\u002Fpermissions.js?ver=","strict-security-headers\u002Fbuild\u002Fpermissions.css?ver=","strict-security-headers\u002Fbuild\u002Freferrer.js?ver=","strict-security-headers\u002Fbuild\u002Freferrer.css?ver=","strict-security-headers\u002Fbuild\u002Fxcontenttypeoptions.js?ver=","strict-security-headers\u002Fbuild\u002Fxcontenttypeoptions.css?ver=","strict-security-headers\u002Fbuild\u002Fxframeoptions.js?ver=","strict-security-headers\u002Fbuild\u002Fxframeoptions.css?ver=",{"cssClasses":189,"htmlComments":190,"htmlAttributes":191,"restEndpoints":192,"jsGlobals":193,"shortcodeOutput":194},[],[],[],[],[],[]]