[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIAGEC3jYj1n3bFgV_bPGB87xTDyCeTf2w0ZvAaoL2ak":3,"$fYRh4p2fgjQrIRl7ySKKBjIWpyb3a6SQcILdymPBg4xs":197,"$fSVpJ2Hhw_49zLI4J8F6F7kvEtM7s7baouBV8EbA_ifE":202},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":136,"fingerprints":172},"user-agent-blocker","User Agent Blocker","1.0.2","Adhitya Rachman","https:\u002F\u002Fprofiles.wordpress.org\u002Fadhitya03\u002F","\u003Cp>Block bad robots, unwanted robots, unwanted users or crawler from your site by it’s User-Agent using .htaccess.\u003C\u002Fp>\n","Block robots using it's User-Agent in .htaccess",70,2098,0,"2019-05-31T21:01:00.000Z","5.2.24","4.6","5.6",[19,20,21,22],"bad-robot","block","htaccess","user-agent","https:\u002F\u002Fwww.adhityar.com\u002Fplugins\u002Fblock-bots-by-user-agent","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-agent-blocker.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"adhitya03",2,80,30,84,"2026-05-20T10:59:36.343Z",[38,58,81,97,115],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":33,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":52,"download_link":57,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"spiderblocker","Spider Blocker","1.3.7","Niteo","https:\u002F\u002Fprofiles.wordpress.org\u002Fniteoweb\u002F","\u003Cp>Spider Blocker blocks most common bots that consume bandwidth and slow down your blog.\u003Cbr \u002F>\nIt accomplishes this by using .htaccess file to minimize impact on your website. It’s hidden from external scanners.\u003C\u002Fp>\n\u003Cp>Spider Blocker is specifically designed for Apache servers with mod_rewrite enabled, allowing you to effortlessly safeguard your website from the most prevalent bots that hamper performance and drain resources.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block Unlimited bots from viewing your site\u003C\u002Fli>\n\u003Cli>Easy Export\u002FImport rules (comes with most common list of bots)\u003C\u002Fli>\n\u003Cli>Zero Footprint\u003C\u002Fli>\n\u003C\u002Ful>\n","SpiderBlocker will block most common bots that consume bandwidth and slow down your blog.",20000,613211,5,"2024-05-07T13:39:00.000Z","6.5.8","4.0","",[54,20,55,21,56],"apache","bots","seo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspiderblocker.1.3.7.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":52,"download_link":78,"security_score":79,"vuln_count":69,"unpatched_count":69,"last_vuln_date":80,"fetched_at":27},"htaccess-ip-blocker","HTACCESS IP Blocker","1.0","Taraprasad Swain","https:\u002F\u002Fprofiles.wordpress.org\u002Fswaintara\u002F","\u003Cp>Blocks failed attempted IPs in htaccess\u003C\u002Fp>\n","Blocks failed attempted IPs in htaccess",1000,2558,100,1,"2020-07-21T19:07:00.000Z","5.4.19","5.4","7.0",[20,21,75,76,77],"ip","ip-blocker","login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtaccess-ip-blocker.zip",63,"2025-09-26 00:00:00",{"slug":82,"name":83,"version":61,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":32,"last_updated":91,"tested_up_to":52,"requires_at_least":52,"requires_php":52,"tags":92,"homepage":52,"download_link":96,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"htaccess-ip-block","\u003C.htaccess> IP block","EazyServer","https:\u002F\u002Fprofiles.wordpress.org\u002Feazyserver\u002F","\u003Cp>Utilising Apache server to block IP addresses should reduce the load on php and\u002For mySql servers. As this plugin will eliminate the need to process HTTP requests and then matching the referrer IP address with blacklist stored on mySql.\u003C\u002Fp>\n\u003Cp>This plugin can also integrate with Wordfence Security (if installed) to import blocked IPs from Wordfence and also block IPs on Wordfence.\u003C\u002Fp>\n\u003Cp>How to use:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Install the plugin and activate it.\u003C\u002Fli>\n\u003Cli>Go to Control Panel of the plugin and make sure to follow the instructions exactly. The instructions are tailored to your site.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin uses the power of Apache server to block unwanted IP addresses from accessing or harming your Wordpress site.",10,1868,60,"2016-10-16T17:49:00.000Z",[21,82,93,94,95],"htaccesss-ip","ip-block","ip-security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtaccess-ip-block.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":13,"downloaded":105,"rating":13,"num_ratings":13,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":109,"tags":110,"homepage":52,"download_link":113,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":114},"scraperguard","ScraperGuard – AI Scraper Blocker","1.0.0","KNEET","https:\u002F\u002Fprofiles.wordpress.org\u002Fkneet\u002F","\u003Cp>ScraperGuard helps you block known AI scrapers (often called “good bots”) by matching their User-Agent string.\u003C\u002Fp>\n\u003Cp>You can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Select specific bots to block, or block all known bots.\u003C\u002Fli>\n\u003Cli>Add your own custom User-Agent substrings (one per line).\u003C\u002Fli>\n\u003Cli>Block via Apache \u003Ccode>.htaccess\u003C\u002Fcode> (fast, before WordPress loads) \u003Cstrong>or\u003C\u002Fstrong> via WordPress-level blocking (can show basic stats).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Important notes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>This plugin can block “good bots” that identify themselves. It cannot stop “bad bots” that ignore rules and\u002For spoof User-Agents. For that you may need additional security measures (WAF, rate limiting, bot protection).\u003C\u002Fli>\n\u003Cli>\u003Ccode>.htaccess\u003C\u002Fcode> blocking works on Apache hosting only, and requires a writable \u003Ccode>.htaccess\u003C\u002Fcode> file.\u003C\u002Fli>\n\u003Cli>WordPress-level blocking only affects requests that reach WordPress (it won’t block direct hits to static files unless they route through WordPress).\u003C\u002Fli>\n\u003Cli>Country blocking (geo blocking) can use a country header (fast) or an IP lookup (works without Cloudflare but is slower).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The settings page is under \u003Cstrong>Tools \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> ScraperGuard\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin can optionally connect to third-party IP geolocation services to determine the visitor’s country for country-based blocking. This feature is \u003Cstrong>disabled by default\u003C\u002Fstrong> and only activates when you explicitly enable “Country blocking” in the settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When country blocking is enabled and the “Country detection method” is set to “Auto” or “IP lookup”:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service used\u003C\u002Fstrong>: The plugin uses either ipwho.is or ipapi.co (configurable in settings)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data sent\u003C\u002Fstrong>: The visitor’s IP address is sent to the selected service\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When data is sent\u003C\u002Fstrong>: Only when a request is received and no country header is available from your server\u002Fproxy\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: To determine the visitor’s country code (ISO-2) for geo-blocking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Caching\u003C\u002Fstrong>: Results are cached locally for 24 hours by default (configurable 1-168 hours) to minimize requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy\u003C\u002Fstrong>: IP addresses are sent to external services. Ensure compliance with your privacy policy and local regulations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>ipwho.is (default provider):\u003C\u002Fstrong>\u003Cbr \u002F>\n* Service provider: ipwho.is\u003Cbr \u002F>\n* Privacy policy: https:\u002F\u002Fipwho.is\u002F\u003Cbr \u002F>\n* Terms of service: https:\u002F\u002Fipwho.is\u002F\u003Cbr \u002F>\n* No API key required\u003C\u002Fp>\n\u003Cp>\u003Cstrong>ipapi.co (alternative provider):\u003C\u002Fstrong>\u003Cbr \u002F>\n* Service provider: ipapi.co\u003Cbr \u002F>\n* Privacy policy: https:\u002F\u002Fipapi.co\u002Fprivacy\u002F\u003Cbr \u002F>\n* Terms of service: https:\u002F\u002Fipapi.co\u002Fterms\u002F\u003Cbr \u002F>\n* No API key required for basic usage\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong>: If you keep the “Country detection method” set to “Header only” (the default), or if you don’t enable country blocking at all, no data is sent to external services.\u003C\u002Fp>\n","Block “good bots” (AI scrapers) by User-Agent. Optional Apache .htaccess rules and WordPress-level blocking with basic stats.",153,"2026-03-14T01:02:00.000Z","6.9.4","5.8","7.4",[111,55,21,112,22],"ai","scraper","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscraperguard.1.0.0.zip","2026-04-06T09:54:40.288Z",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":107,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":134,"download_link":135,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"classic-editor","Classic Editor","1.6.7","WordPress.org","https:\u002F\u002Fprofiles.wordpress.org\u002Fwordpressdotorg\u002F","\u003Cp>Classic Editor is an official plugin maintained by the WordPress team that restores the previous (“classic”) WordPress editor and the “Edit Post” screen. It makes it possible to use plugins that extend that screen, add old-style meta boxes, or otherwise depend on the previous editor.\u003C\u002Fp>\n\u003Cp>Classic Editor is an official WordPress plugin, and will be fully supported and maintained until 2024, or as long as is necessary.\u003C\u002Fp>\n\u003Cp>At a glance, this plugin adds the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Administrators can select the default editor for all users.\u003C\u002Fli>\n\u003Cli>Administrators can allow users to change their default editor.\u003C\u002Fli>\n\u003Cli>When allowed, the users can choose which editor to use for each post.\u003C\u002Fli>\n\u003Cli>Each post opens in the last editor used regardless of who edited it last. This is important for maintaining a consistent experience when editing content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, the Classic Editor plugin includes several filters that let other plugins control the settings, and the editor choice per post and per post type.\u003C\u002Fp>\n\u003Cp>By default, this plugin hides all functionality available in the new block editor (“Gutenberg”).\u003C\u002Fp>\n","Enables the previous \"classic\" editor and the old-style Edit Post screen with TinyMCE, Meta Boxes, etc. Supports all plugins that extend this screen.",9000000,85987852,98,1225,"2025-12-08T10:40:00.000Z","4.9","5.2.4",[131,116,132,133],"block-editor","editor","gutenberg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-editor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclassic-editor.1.6.7.zip",{"attackSurface":137,"codeSignals":149,"taintFlows":164,"riskAssessment":165,"analyzedAt":171},{"hooks":138,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":13,"unprotectedCount":13},[139],{"type":140,"name":141,"callback":142,"file":143,"line":144},"action","admin_menu","uab_submenu","user-agent-blocker.php",34,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":48,"externalRequests":13,"nonceChecks":69,"capabilityChecks":13,"bundledLibraries":163},[],{"prepared":13,"raw":13,"locations":152},[],{"escaped":48,"rawEcho":154,"locations":155},3,[156,159,161],{"file":143,"line":157,"context":158},111,"raw output",{"file":143,"line":160,"context":158},188,{"file":143,"line":162,"context":158},210,[],[],{"summary":166,"deductions":167},"The user-agent-blocker plugin v1.0.2 exhibits a strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code analysis reveals no dangerous functions, all SQL queries utilize prepared statements, and there are no recorded external HTTP requests. The presence of a nonce check and the generally low number of file operations and outputs suggest a focused and well-implemented functionality. Taint analysis showing zero flows with unsanitized paths further bolsters this positive assessment.  The plugin's vulnerability history is also clean, with no known CVEs, which is a significant indicator of its security maturity.  While the output escaping is not perfect (63% properly escaped), the overall picture is one of a secure plugin with minimal exploitable weaknesses.  The primary concern, albeit minor, lies in the less than ideal output escaping percentage. However, given the limited attack surface and the lack of other critical security findings, the plugin is considered to be in a good security state.",[168],{"reason":169,"points":170},"Output escaping not fully implemented",4,"2026-03-16T21:36:24.548Z",{"wat":173,"direct":179},{"assetPaths":174,"generatorPatterns":176,"scriptPaths":177,"versionParams":178},[175],"\u002Fwp-content\u002Fplugins\u002Fuser-agent-blocker\u002Fuser-agent-blocker.php",[],[],[],{"cssClasses":180,"htmlComments":190,"htmlAttributes":193,"restEndpoints":194,"jsGlobals":195,"shortcodeOutput":196},[181,182,183,184,185,186,187,188,189],"red","gr","gy","bi","t","c","l","r","psbmt",[191,192],"BEGIN USER AGENT BLOCKER","END USER AGENT BLOCKER",[],[],[],[],{"error":198,"url":199,"statusCode":200,"statusMessage":201,"message":201},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fuser-agent-blocker\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":69,"versions":203},[204],{"version":6,"download_url":205,"svn_tag_url":206,"released_at":26,"has_diff":207,"diff_files_changed":208,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":209,"is_current":198},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-agent-blocker.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fuser-agent-blocker\u002Ftags\u002F1.0.2\u002F",false,[],[]]