[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDnqTojmz1b-GXeBsSAUBoaFwW18bjuwF7oj8wt843QE":3},{"slug":4,"name":5,"version":6,"author":4,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":10,"num_ratings":10,"last_updated":12,"tested_up_to":13,"requires_at_least":14,"requires_php":15,"tags":16,"homepage":22,"download_link":23,"security_score":24,"vuln_count":10,"unpatched_count":10,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":136,"fingerprints":182},"verifiedvisitors","VerifiedVisitors","1.1.2","https:\u002F\u002Fprofiles.wordpress.org\u002Fverifiedvisitors\u002F","\u003Cp>VerifiedVisitors is a bank grade AI\u002FML bot mitigation platform built from the ground up to support the WordPress community.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How does it work?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>By deploying our agent, VerifiedVisitors helps to protect your web estate from unwanted and malicious bot traffic using the plugin init hook to verify visitors and block unwanted or potentially malicious traffic.\u003Cbr \u002F>\nOur intelligent detectors examine thousands of diverse security signals, separate out the legitimate bots and users from the malicious ones by learning from your traffic.\u003Cbr \u002F>\nOur customers receive security protection from malicious bot activity such as account takeover, credit card attacks, and content scraping, and we can help save you valuable energy resources on web hosting, bandwidth, and CPU.\u003Cbr \u002F>\nAll the bot detection and mitigation happens at the earliest part of the visitors journey – the plugin takes minutes to install. Setup is simple, typically our customers are up and running in minutes, not days.\u003Cbr \u002F>\nWith VerifiedVisitors you will be able to manage all the bots visiting your site, set your bot access list, and automate mitigation through the VerifiedVisitors dashboard.\u003Cbr \u002F>\nIf you use AWS CloudFront or Cloudflare you can install VerifiedVisitors at the edge of network by starting your journey at https:\u002F\u002Fapp.verifiedvisitors.com\u002Fregister\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What does it cost?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>All new accounts automatically get access to our Standard Tier FREE for up to 30 days so you can experience the product for yourselves! We charge on a monthly subscription basis, based on total web request volume for your account, with overages available for all tiers except our Basic tier for ad-hoc burst usage.\u003Cbr \u002F>\nWe have a low cost basic tier for accounts with less than 1M web requests per month for $99 per month.\u003Cbr \u002F>\nFor accounts with higher volumes, upgrades are available via the VerifiedVisitors portal starting from as little as $199 per month.\u003Cbr \u002F>\nBilling is available in both $USD and £GBP.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>External\u002FThird Party services\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>As part of delivering the identification of bots, VerifiedVisitors uses our own fingerprinting service which is external to the WordPress plugin.\u003Cbr \u002F>\nOur terms and privacy policies can be found here: https:\u002F\u002Fwww.verifiedvisitors.com\u002Fterms-of-service and https:\u002F\u002Fwww.verifiedvisitors.com\u002Fcookie-privacy-policy.\u003C\u002Fp>\n\u003Cp>The VerifiedVisitors WordPress plugin may present a CAPTCHA page to visitors when a CAPTCHA rule is triggered, which relies on \u003Ca href=\"https:\u002F\u002Fwww.hcaptcha.com\u002F\" rel=\"nofollow ugc\">hCAPTCHA\u003C\u002Fa>.\u003Cbr \u002F>\nTheir terms and privacy policies can be found here: https:\u002F\u002Fwww.hcaptcha.com\u002Fterms and https:\u002F\u002Fwww.hcaptcha.com\u002Fprivacy.\u003C\u002Fp>\n","VerifiedVisitors is a powerful AI\u002FML bot mitigation plugin to support the Wordpress community. It’s an easy to configure platform to defeat bad bots.",0,2343,"2024-02-27T13:34:00.000Z","6.4.8","4.9","7.2",[17,18,19,20,21],"account-takeover","bot-mitigation","bots","firewall","security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fverifiedvisitors.1.1.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":4,"display_name":4,"profile_url":7,"plugin_count":29,"total_installs":10,"avg_security_score":24,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},1,30,84,"2026-04-04T14:12:12.922Z",[34,56,80,100,116],{"slug":35,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":44,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":53,"download_link":54,"security_score":55,"vuln_count":10,"unpatched_count":10,"last_vuln_date":25,"fetched_at":26},"block-bad-queries","BBQ Firewall – Fast & Powerful Firewall Security","20260205","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cblockquote>\n\u003Cp>🔥 Install, activate, and done!\u003Cbr \u002F>\n  🔥 Powerful protection from WP’s \u003Cstrong>fastest\u003C\u002Fstrong> firewall plugin.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fblock-bad-queries\u002F\" rel=\"nofollow ugc\">BBQ Firewall\u003C\u002Fa> is a lightweight, blazing-fast firewall plugin that protects your site against a wide range of threats. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like \u003Ccode>eval(\u003C\u002Fcode>, \u003Ccode>base64_\u003C\u002Fcode>, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a \u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002F8g-firewall\u002F\" rel=\"nofollow ugc\">strong Apache\u002F.htaccess firewall\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>🔥 Adds a strong firewall to ANY WordPress site\u003Cbr \u002F>\n  🔥 Works with all WordPress plugins and themes\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Powerful Protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>BBQ protects your site against many threats:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SQL injection attacks\u003C\u002Fli>\n\u003Cli>Executable file uploads\u003C\u002Fli>\n\u003Cli>Directory traversal attacks\u003C\u002Fli>\n\u003Cli>Unsafe character requests\u003C\u002Fli>\n\u003Cli>Excessively long requests\u003C\u002Fli>\n\u003Cli>PHP remote\u002Ffile execution\u003C\u002Fli>\n\u003Cli>XSS, XXE, and related attacks\u003C\u002Fli>\n\u003Cli>Protects against bad bots\u003C\u002Fli>\n\u003Cli>Protects against bad referrers\u003C\u002Fli>\n\u003Cli>Protects against bad POST content\u003C\u002Fli>\n\u003Cli>Protects against many other bad requests\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>🔥 Works great with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblackhole-bad-bots\u002F\" rel=\"ugc\">Blackhole for Bad Bots\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbanhammer\u002F\" rel=\"ugc\">Banhammer\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Awesome Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>BBQ provides all the best firewall features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Rated \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblock-bad-queries\u002F#reviews\" rel=\"ugc\">5 stars\u003C\u002Fa> at WordPress.org\u003C\u002Fli>\n\u003Cli>100% plug-&-play, zero configuration\u003C\u002Fli>\n\u003Cli>100% focused on security and performance\u003C\u002Fli>\n\u003Cli>Blocks a wide range of malicious URL requests\u003C\u002Fli>\n\u003Cli>Fastest Web Application Firewall (WAF) for WordPress\u003C\u002Fli>\n\u003Cli>Based on the \u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002F7g-firewall\u002F\" rel=\"nofollow ugc\">7G\u003C\u002Fa>\u002F\u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002F8g-firewall\u002F\" rel=\"nofollow ugc\">8G Firewall\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Scans all incoming traffic and blocks bad requests\u003C\u002Fli>\n\u003Cli>Scans all types of requests: GET, POST, PUT, DELETE, etc.\u003C\u002Fli>\n\u003Cli>Protects against known bad bots and referrers\u003C\u002Fli>\n\u003Cli>Works silently behind the scenes to protect your site\u003C\u002Fli>\n\u003Cli>Hassle-free security plugin that’s easy to use\u003C\u002Fli>\n\u003Cli>Thoroughly tested, error-free performance\u003C\u002Fli>\n\u003Cli>Extremely low rate of false positives\u003C\u002Fli>\n\u003Cli>Compatible with other security plugins\u003C\u002Fli>\n\u003Cli>Regularly updated and “future proof”\u003C\u002Fli>\n\u003Cli>Firewall \u003C 10 kilobytes in size\u003C\u002Fli>\n\u003Cli>Lightweight, fast and flexible\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>🔥 For advanced protection and features, check out \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro &raquo;\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Exclusive Pro Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customize firewall via plugin settings\u003C\u002Fli>\n\u003Cli>Easily add or remove firewall patterns\u003C\u002Fli>\n\u003Cli>Easily add Jeff Starr’s \u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fultimate-ai-block-list\u002F\" rel=\"nofollow ugc\">AI Block List\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Send Email Alerts for blocked requests\u003C\u002Fli>\n\u003Cli>Quickly enable\u002Fdisable firewall rules\u003C\u002Fli>\n\u003Cli>Disable firewall for logged-in users\u003C\u002Fli>\n\u003Cli>Block excessively long URI requests\u003C\u002Fli>\n\u003Cli>Protect against XML-RPC exploits\u003C\u002Fli>\n\u003Cli>Block any individual IP address\u003C\u002Fli>\n\u003Cli>Block entire ranges of IP addresses\u003C\u002Fli>\n\u003Cli>Protect against user-ID phishing\u003C\u002Fli>\n\u003Cli>Redirect all blocked requests\u003C\u002Fli>\n\u003Cli>Display a custom “blocked” message\u003C\u002Fli>\n\u003Cli>Set your own response status code\u003C\u002Fli>\n\u003Cli>Complete inline documentation\u003C\u002Fli>\n\u003Cli>Statistics for blocked requests\u003C\u002Fli>\n\u003Cli>Tools to reset options and patterns\u003C\u002Fli>\n\u003Cli>Import and Export firewall patterns\u003C\u002Fli>\n\u003Cli>One-click pattern testing\u003C\u002Fli>\n\u003Cli>Whitelist IP addresses\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>..plus everything the free version can do and more.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>🔥 Learn more and \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">get BBQ Pro &raquo;\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.\u003C\u002Fp>\n\u003Cp>BBQ Firewall is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>🔥 BBQ = Block Bad Queries\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","The fastest firewall plugin for WordPress. Protect against a wide range of threats with minimal performance impact.",100000,3258210,98,156,"2026-02-05T20:29:00.000Z","6.9.4","4.7","7.1",[19,20,51,21,52],"secure","web-application-firewall","https:\u002F\u002Fperishablepress.com\u002Fblock-bad-queries\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-bad-queries.20260205.zip",100,{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":75,"download_link":76,"security_score":77,"vuln_count":78,"unpatched_count":10,"last_vuln_date":79,"fetched_at":26},"wp-simple-firewall","Shield: Blocks Bots, Protects Users, and Prevents Security Breaches","21.2.6","Paul","https:\u002F\u002Fprofiles.wordpress.org\u002Fpaultgoodchild\u002F","\u003Cp>Shield stops bot attacks before they hack your site. Bots CAN be stopped. Shield stops them.\u003C\u002Fp>\n\u003Ch3>Key Security Features At A Glance\u003C\u002Fh3>\n\u003Ch3>[PRO-Only] Zero-Configuration, Fast & Reliable WordPress Backups Included\u003C\u002Fh3>\n\u003Cp>We’ve made WordPress backups faster than ever with our integrated WordPress Disaster Recovery Backups solution – \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fshieldbackups\" rel=\"nofollow ugc\">ShieldBACKUPS\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>No more risky Cloud Storage\u002FOAuth credentials exposed on your sites; Backups that work without relying on a temperamental WordPress cron.\u003C\u002Fp>\n\u003Cp>ShieldBACKUPS keeps your data off-site, encrypted, and far away from hackers.\u003C\u002Fp>\n\u003Ch3>\u003Cem>silent\u003C\u002Fem>CAPTCHA Bad Bot Protection\u003C\u002Fh3>\n\u003Cp>Bad bots are your #1 security threat. They account for nearly all WordPress security probes, attacks, injections, malware, and vulnerability exploitation.\u003C\u002Fp>\n\u003Cp>Google reCAPTCHA and CloudFlare Turnstile are considered the best way to detect bots, but these along with all other CAPTCHAs interrupt the user experience.\u003C\u002Fp>\n\u003Cp>Shield’s exclusive \u003Cem>silent\u003C\u002Fem>CAPTCHA detects bad bots and blocks them from taking any abusive actions on your site, such as brute-force user login attacks and WP Comments SPAM.\u003C\u002Fp>\n\u003Cp>Furthermore, privacy directives from legislation such as Europe’s GDPR restrict what data you may share of your visitors. All \u003Cem>silent\u003C\u002Fem>CAPTCHA data is kept on your WordPress site and ensures full compliance with GDPR regulations.\u003C\u002Fp>\n\u003Ch3>Comprehensive Activity Log\u003C\u002Fh3>\n\u003Cp>Shield’s has best-in-class logging that documents every WP action on your site.\u003C\u002Fp>\n\u003Cp>Unlike existing logging solutions, Shield detects changes to your WordPress sites that happen directly on your database. e.g. by hackers that have infiltrated your defenses via an exposed vulnerability.\u003C\u002Fp>\n\u003Cp>No other WordPress security plugin does this.\u003C\u002Fp>\n\u003Ch3>Limit Login Attempts and Block User Registration SPAM\u003C\u002Fh3>\n\u003Cp>\u003Cem>silent\u003C\u002Fem>CAPTCHA technology is invisible to your visitors and protects your WordPress login, registration and lost password forms from brute force attacks, and eliminates user registration SPAM from bots.\u003C\u002Fp>\n\u003Ch3>User Session Theft Protection\u003C\u002Fh3>\n\u003Cp>Shield can lock user session to browsers, or IP addresses. Combine with 2FA (below), you can protect your users from session theft and account theft.\u003C\u002Fp>\n\u003Ch3>Two-Factor Authentication (2FA) for all users\u003C\u002Fh3>\n\u003Cp>Two-Factor Authentication is a crucial part of WordPress user security. It protects against account theft, takeover, and sharing. Shield supports email-based login code, Google\u002FMicrosoft\u002FLastpass Authenticator, Yubikey One-Time Passwords and Passkeys (pro).\u003C\u002Fp>\n\u003Ch3>Exclusive Security Admin Protection\u003C\u002Fh3>\n\u003Cp>Not only does Shield Security protect your WordPress site, it also provides security against tampering of key WordPress options and the Shield Security plugin itself. With Shield’s exclusive Security Admin feature, you can lockdown the security plugin from other admins to prevent accidental or malicious changes that will impact your security.\u003C\u002Fp>\n\u003Ch3>CrowdSec Partnership\u003C\u002Fh3>\n\u003Cp>Shield is the only WordPress security plugin with strategic partnerships that bring powerful protection to your WordPress sites. With our CrowdSec integration, your WordPress sites benefit from crowd-sourced IP Block Lists so your site can block malicious bots before they can do any damage whatsoever.\u003C\u002Fp>\n\u003Ch3>All The Features You’ll Absolutely Love\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[ShieldPRO] ShieldBACKUPS – Disaster-proof your WordPress site with fast, reliable, easy WordPress backups!\u003C\u002Fli>\n\u003Cli>Exclusive \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fju\" rel=\"nofollow ugc\">silentCAPTCHA Security\u003C\u002Fa> – WordPress-specific bot-detection alternative to Google reCAPTCHA and CloudFlare Turnstile.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fj0\" rel=\"nofollow ugc\">Automatic Bot & IP Blocking\u003C\u002Fa> – reputation-based security intelligence to block repeat offenders automatically.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instant Bad Bot Blocking with \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fl5\" rel=\"nofollow ugc\">our exclusive CrowdSec Security integration\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Easy To Understand Security Dashboard that highlights quick wins and areas to rapidly improve site security\u003C\u002Fli>\n\u003Cli>[ShieldPRO] \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Flf\" rel=\"nofollow ugc\">Artificial Intelligence based PHP Malware Detection\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Security for your important user forms, by blocking Block Bots:\n\u003Cul>\n\u003Cli>Login Forms\u003C\u002Fli>\n\u003Cli>User Registration Forms\u003C\u002Fli>\n\u003Cli>Lost Password Reset Forms\u003C\u002Fli>\n\u003Cli>[ShieldPRO] WooCommerce & Easy Digital Downloads\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Contact Form SPAM Protection: Contact Form 7, NinjaForms, Elementor, WP Forms, and more!\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Memberpress, LearnPress, BuddyPress, WP Members, ProfileBuilder\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fiw\" rel=\"nofollow ugc\">Brute Force Security Protection, Limit Login Attempts + Login Cooldown\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Powerful Firewall Rules\u003C\u002Fli>\n\u003Cli>Restricted Security Admin Access\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fix\" rel=\"nofollow ugc\">Prevents Unauthorized Changes By Compromised Admins\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>(MFA) \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fiy\" rel=\"nofollow ugc\">Two-Factor \u002F Multi-Factor Login Authentication\u003C\u002Fa>:\n\u003Cul>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>Google Authenticator\u003C\u002Fli>\n\u003Cli>Yubikey\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Passkeys\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Backup Login Codes\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Multiple Yubikey per User\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Remember Me (reduces 2FA requests for users)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fiz\" rel=\"nofollow ugc\">Block XML-RPC\u003C\u002Fa> (\u003Cem>including\u003C\u002Fem> Pingbacks and Trackbacks)\u003C\u002Fli>\n\u003Cli>Security firewall for the REST API – block anonymous requests\u003C\u002Fli>\n\u003Cli>Powerful IP Addresses-based Security:\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fj0\" rel=\"nofollow ugc\">Automatic IP Address Blocking Using Points-Based System\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Block or Bypass individual IPs\u003C\u002Fli>\n\u003Cli>Block or Bypass IP Subnets\u003C\u002Fli>\n\u003Cli>Full IP Security Analysis in 1 place to review activity on your sites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Comprehensive WordPress File Scanner for Intrusions and Hacks\n\u003Cul>\n\u003Cli>Detect File Changes – \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fj1\" rel=\"nofollow ugc\">Scan & Repair WordPress Core Files\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fj2\" rel=\"nofollow ugc\">Detect Unknown\u002FSuspicious PHP Files\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Detect Abandoned Plugins.\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Malware Scanner – detects known and unknown malware.\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Plugin and Theme Scanning – identify file changes in your plugins\u002Fthemes.\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Detect Plugins\u002FThemes With Known Security Vulnerabilities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fj3\" rel=\"nofollow ugc\">Create a \u003Cstrong>Private Secure Login URL\u003C\u002Fstrong> by hiding wp-login.php\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Comment SPAM Blocking – Block \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fjf\" rel=\"nofollow ugc\">Comment SPAM from Bots and Humans\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Never Block Google\u003C\u002Fstrong>: Smart Security Automatically Detects Known Good Bots: GoogleBot, Bing and other Official Search Engines including:\n\u003Cul>\n\u003Cli>Google\u003C\u002Fli>\n\u003Cli>Bing,\u003C\u002Fli>\n\u003Cli>DuckDuckGo\u003C\u002Fli>\n\u003Cli>Yahoo!\u003C\u002Fli>\n\u003Cli>Baidu\u003C\u002Fli>\n\u003Cli>Apple\u003C\u002Fli>\n\u003Cli>Yandex\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Automatically Detects 3rd Party Services and Prevents Blocking Of:\n\u003Cul>\n\u003Cli>ManageWP \u002F iControlWP \u002F MainWP\u003C\u002Fli>\n\u003Cli>Pingdom, NodePing, Statuscake, UptimeRobot, GTMetrix\u003C\u002Fli>\n\u003Cli>Stripe, PayPal IPN\u003C\u002Fli>\n\u003Cli>CloudFlare, SEMRush\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Full Security Activity Log – \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fj5\" rel=\"nofollow ugc\">Monitor \u003Cstrong>All\u003C\u002Fstrong> Site Activity, including\u003C\u002Fa>:\n\u003Cul>\n\u003Cli>Activity log for all user login & registration attempts\u003C\u002Fli>\n\u003Cli>Plugin and Theme installation activity logs, including activation & deactivation etc.\u003C\u002Fli>\n\u003Cli>User creation activity log, including detection of administrator promotions\u003C\u002Fli>\n\u003Cli>Activity log for Page\u002FPost create, update, delete\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Advanced User Sessions Control\n\u003Cul>\n\u003Cli>Restrict Multiple User Login\u003C\u002Fli>\n\u003Cli>Restrict Users Session To IP\u003C\u002Fli>\n\u003Cli>Password Security – Block Pwned Passwords\u003C\u002Fli>\n\u003Cli>User Enumeration Blocking – Firewall blocks requests to \u003Ccode>?author=x\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Security for old and idle user account with manual and automatic User Suspend.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Full\u002FAutomatic Support for All IP Address Sources including Proxy Support\u003C\u002Fli>\n\u003Cli>HTTP Request\u002FTraffic Logging – \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fj7\" rel=\"nofollow ugc\">Full Traffic Logging and Request Monitoring\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>[ShieldPRO] Traffic Rate Limiting Security – prevent server overload from DoS Attacks\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fj6\" rel=\"nofollow ugc\">HTTP Security Headers & Content Security Policies (CSP)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fshieldfeatures\" rel=\"nofollow ugc\">Full Shield Security Features List\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cp>Shield is the only security plugin for WordPress that prioritises protection and intrusion prevention before repair. With Shield Security, your site will immediately to block visitors as they probe your site looking for vulnerabilities, and before they can do damage.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>No other standalone WordPress security plugin\u003C\u002Fstrong> (including \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fshieldvswordfence\" rel=\"nofollow ugc\">Wordfence\u003C\u002Fa>, WP Cerber, Ninja Firewall, All-In-One Security) approaches security in this way. The 1st step in any good security system is Intrusion Detection\u002FPrevention, the 2nd step is repair. Shield Security does both.\u003C\u002Fp>\n\u003Ch4>Get the highest rated 5* Security Plugin for WordPress\u003C\u002Fh4>\n\u003Cp>Per download, Shield Security \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fjl\" rel=\"nofollow ugc\">has the highest 5* rating\u003C\u002Fa> in the WordPress plugin repository.\u003C\u002Fp>\n\u003Ch3>Leave Behind the Security Marketing Hype and Scare Mongering\u003C\u002Fh3>\n\u003Cp>Our solution isn’t designed to scare you and make you feel unsafe.\u003C\u002Fp>\n\u003Ch3>2 Key WordPress Security Strategies\u003C\u002Fh3>\n\u003Cp>Shield Security uses 2 simple key strategies to protect your WordPress sites:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Intrusion Prevention System – Detect Bots\u002FMalicious IPs that will try to hack and invade your WordPress sites.\u003C\u002Fli>\n\u003Cli>Block & Recover – Block Bad Bots and Repair Hacks\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Key Security Strategy #1: Hacking Prevention\u003C\u002Fh4>\n\u003Cp>Bad Bots are the primary cause for nearly all our security troubles – they’re relentless, automatic and powerful.\u003C\u002Fp>\n\u003Cp>Shield Security is highly focused on their detection and eradication from your WordPress sites.\u003C\u002Fp>\n\u003Cp>Blocking malicious bots before they do damage through malware and exploitation of vulnerabilities is the #1 security strategy to protect and enhance security on a WordPress site.\u003C\u002Fp>\n\u003Cp>Shield detects these malicious visitors, then blocks their access to your site completely. This involves analysing different security bot-signals and combining them to identify a visitor as malicious.\u003C\u002Fp>\n\u003Cp>These security signals include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>site probes that generate 404 errors\u003C\u002Fli>\n\u003Cli>failed logins\u003C\u002Fli>\n\u003Cli>logins with invalid usernames\u003C\u002Fli>\n\u003Cli>xml-rpc access\u003C\u002Fli>\n\u003Cli>fake search engine web crawlers\u003C\u002Fli>\n\u003Cli>invalid user agents\u003C\u002Fli>\n\u003Cli>excessive website requests and resource abuse\u003C\u002Fli>\n\u003Cli>and many more signals our security team have identified.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Early identification and blocking of malicious bots reduces your WordPress site’s vulnerability to any sort of attack.\u003C\u002Fp>\n\u003Ch4>Key Strategy #2: Hacking Recovery\u003C\u002Fh4>\n\u003Cp>Even with the best security efforts, a site can get hacked. This usually involves file modification: either a hack file is added, or a file is changed.\u003C\u002Fp>\n\u003Cp>There are 3 key WordPress assets whose files can be hacked:\u003C\u002Fp>\n\u003Col>\n\u003Cli>WordPress Core\u003C\u002Fli>\n\u003Cli>WordPress Plugins\u003C\u002Fli>\n\u003Cli>WordPress Themes\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Almost every security plugin can now do #1 – it’s easy because WordPress.org provides \u003Cem>checksums\u003C\u002Fem> for core files.\u003C\u002Fp>\n\u003Cp>But, there are no hashes available for plugins and themes, particularly premium plugins, so they can’t do it.\u003C\u002Fp>\n\u003Cp>Shield is \u003Cstrong>the only WordPress security plugin\u003C\u002Fstrong> that offers accurate detection of file modifications for all plugins and themes because we \u003Cstrong>build our own file fingerprints\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Shield can compare the file contents of every plugin & theme in the WordPress.org repository, looking for changed or new files\u003C\u002Fp>\n\u003Cp>And, if you’re a ShieldPRO client, you can protect premium plugins\u002Fthemes too, including Yoast SEO and Advanced Custom Fields Pro.\u003C\u002Fp>\n\u003Cp>Where possible, Shield will repair any unrecognised\u002Fmodified files it detects.\u003C\u002Fp>\n\u003Ch4>Non-stop Security Notifications Are Not Okay.\u003C\u002Fh4>\n\u003Cp>Your security plugin must be smarter, and take responsibility for decisions, so you don’t have to.\u003C\u002Fp>\n\u003Cp>Shield handles many problems for you, making intelligent decisions without noisy email notifications.\u003C\u002Fp>\n\u003Ch3>Dedicated Premium Support When You Go PRO\u003C\u002Fh3>\n\u003Cp>The Shield Security team prioritises email technical support over the WordPress.org forums.\u003Cbr \u002F>\nIndividual, dedicated technical support is only available to customers who have \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fab\" rel=\"nofollow ugc\">purchased Shield Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Discover all the advantages of switching your WordPress security Pro at \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fab\" rel=\"nofollow ugc\">our Shield Security store\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Partnerships & Integrations\u003C\u002Fh3>\n\u003Cp>We believe that \u003Ca href=\"https:\u002F\u002Fclk.shldscrty.com\u002Fol\" rel=\"nofollow ugc\">silentCAPTCHA\u003C\u002Fa> is one of the simplest and most powerful solutions available today for all WordPress site owners to block and eliminate automated bot spam.\u003C\u002Fp>\n\u003Cp>That’s why we’ve started a collaboration campaign with other WordPress plugin developers to adapt their plugins to natively support Shield’s silentCAPTCHA solution, alongside Google reCAPTCHA & Cloudflare Turnstile.\u003C\u002Fp>\n\u003Cp>When you use one of the products from any of our partners, you will be able to activate Shield’s silentCAPTCHA bot spam protection so that your forms are protected from automated spam. You won’t need any site\u002FAPI keys, custom integrations, or JavaScript that can breaks your forms. It all works automatically for you when you enable the feature.\u003C\u002Fp>\n\u003Cp>As of this release, we have partnered with the following WordPress form providers:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-form-builder\u002F\" rel=\"ugc\">Easy Form Builder\u003C\u002Fa> v4+\u003C\u002Fli>\n\u003C\u002Ful>\n","Shield stops bot attacks before they hack your site. Bots CAN be stopped. Shield stops them.",40000,12640449,96,1032,"2026-03-05T10:26:00.000Z","7.0","5.7","7.4",[73,74,19,20,21],"2fa","activity-log","https:\u002F\u002Fclk.shldscrty.com\u002F2f","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-simple-firewall.21.2.6.zip",83,11,"2026-02-18 16:19:04",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":55,"num_ratings":90,"last_updated":91,"tested_up_to":47,"requires_at_least":92,"requires_php":22,"tags":93,"homepage":98,"download_link":99,"security_score":55,"vuln_count":10,"unpatched_count":10,"last_vuln_date":25,"fetched_at":26},"cloudfilt-codes","CloudFilt Bot & Spam Protection","1.0.20","CloudFilt","https:\u002F\u002Fprofiles.wordpress.org\u002Fcloudfilt\u002F","\u003Cp>Prevent and block bot traffic, web scraping, Tor traffic, spam submissions (comments and contact forms), online fraud, business logic abuse, and denial-of-service (DDoS) attacks.\u003Cbr \u002F>\nThis plugin inserts the CloudFilt tracking and security codes into your website, enabling the protection services available at https:\u002F\u002Fcloudfilt.com\u002F\u003Cbr \u002F>\nYou can read the full documentation at: https:\u002F\u002Fdocs.cloudfilt.com\u002F\u003C\u002Fp>\n\u003Cp>Terms and Conditions: https:\u002F\u002Fcloudfilt.com\u002Fdocs\u002Fpt_cloudfilt_07302025.pdf\u003C\u002Fp>\n\u003Cp>Tags: web security, bot blocking, web application firewall, antispam, stop bad bots\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Authentification form\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Using your public and private key to connect your WordPress website to your CloudFilt account and enable CloudFilt features.\u003C\u002Fli>\n\u003Cli>Check if your website is still connected to your CloudFilt account.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enabled CloudFilt features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Prevents and stop bots traffic, Web Scraping, Tor traffic, Spam Submissions, Web Fraud, Business logic and Denial of service (DDoS).\u003C\u002Fli>\n\u003Cli>Injects JS into pages to track and detect potentially dangerous users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Demo\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Login to your CloudFilt account and go to https:\u002F\u002Fapp.cloudfilt.com\u002Fwebsites.\u003C\u002Fli>\n\u003Cli>Select the website and go to Settings > Integration & Plugins.\u003C\u002Fli>\n\u003Cli>In the “WordPress” tab, retrieve the public key and the private key.\u003C\u002Fli>\n\u003Cli>Login to the administration page of your WordPress and select the “CloudFilt” plugin from the menu.\u003C\u002Fli>\n\u003Cli>In the form, paste the keys you retrieved from your CloudFilt account.\u003C\u002Fli>\n\u003Cli>Once it is done, you can go back to https:\u002F\u002Fapp.cloudfilt.com and access to your website’s security statistics. Bots can’t be anymore go on your website and users are tracked.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>To learn more, see the screenshots section.\u003C\u002Fp>\n","Prevent and stop bots traffic. This plugin inserts in your website the CloudFilt codes for the security tracking available on https:\u002F\u002Fcloudfilt.com\u002F.",600,18891,3,"2026-02-17T10:43:00.000Z","4.0",[94,95,96,52,97],"antispam","block-bots","stop-bad-bots","web-security","https:\u002F\u002Fcloudfilt.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloudfilt-codes.1.0.20.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":10,"num_ratings":10,"last_updated":110,"tested_up_to":47,"requires_at_least":48,"requires_php":71,"tags":111,"homepage":114,"download_link":115,"security_score":55,"vuln_count":10,"unpatched_count":10,"last_vuln_date":25,"fetched_at":26},"zero-budget-bot-shield","Zero Budget Bot Shield","1.0.2","wppropress","https:\u002F\u002Fprofiles.wordpress.org\u002Fwppropress\u002F","\u003Cp>Zero Budget Bot Shield is a WordPress security plugin that provides country blocking and 404 abuse protection without using external APIs or services\u003C\u002Fp>\n\u003Ch3>Country Blocking Without External APIs\u003C\u002Fh3>\n\u003Cp>Most geo-blocking plugins depend on third-party IP lookup services.\u003Cbr \u002F>\nZero Budget Bot Shield does not.\u003C\u002Fp>\n\u003Cp>Instead, it reads country codes directly from:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Cloudflare IP country headers\u003C\u002Fli>\n\u003Cli>Hosting provider GeoIP headers\u003C\u002Fli>\n\u003Cli>Standard server-level GeoIP integrations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This means:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No API keys\u003C\u002Fli>\n\u003Cli>No outbound IP lookups\u003C\u002Fli>\n\u003Cli>No visitor data sent to external services\u003C\u002Fli>\n\u003Cli>No privacy policy complexity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>All features are available out of the box, with nothing locked behind a paywall.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Country blocking using server-level GeoIP headers\u003C\u002Fli>\n\u003Cli>No external APIs, IP databases, or paid services\u003C\u002Fli>\n\u003Cli>Automatic detection and blocking of 404 abuse\u003C\u002Fli>\n\u003Cli>Configurable rate limits and time windows\u003C\u002Fli>\n\u003Cli>Admin dashboard with statistics and event logs\u003C\u002Fli>\n\u003Cli>Exportable logs for auditing and analysis\u003C\u002Fli>\n\u003Cli>Native WordPress admin interface\u003C\u002Fli>\n\u003Cli>No front-end scripts or styles\u003C\u002Fli>\n\u003Cli>Fully self-contained and privacy-friendly\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>\nZero Budget Bot Shield uses country codes provided by your server environment, such as:\n\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Cloudflare IP country headers\u003C\u002Fli>\n\u003Cli>Hosting provider GeoIP integrations\u003C\u002Fli>\n\u003Cli>Standard server-level GeoIP modules\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\nNo outbound IP lookups are performed, and no visitor data is sent outside your WordPress installation.\n\u003C\u002Fp>\n\u003Cp>\nFor 404 protection, the plugin monitors repeated not-found responses per IP address and automatically applies temporary blocks when thresholds are exceeded.\n\u003C\u002Fp>\n\u003Ch3>Privacy and Performance\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No user tracking\u003C\u002Fli>\n\u003Cli>No storage of personally identifiable information\u003C\u002Fli>\n\u003Cli>No external API calls or SaaS dependencies\u003C\u002Fli>\n\u003Cli>No background cron jobs\u003C\u002Fli>\n\u003Cli>No performance impact on normal visitors\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\nAll processing happens locally using infrastructure you already control.\n\u003C\u002Fp>\n\u003Ch3>Recommended For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Small businesses and personal websites\u003C\u002Fli>\n\u003Cli>Non-profits and educational institutions\u003C\u002Fli>\n\u003Cli>Shared hosting environments\u003C\u002Fli>\n\u003Cli>Developers who want simple, dependency-free protection\u003C\u002Fli>\n\u003Cli>Sites that require country blocking without paid services\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>About WPNatives\u003C\u002Fh3>\n\u003Cp>WPNatives develops practical, security-focused tools for WordPress site owners who value stability, performance, and transparency.\u003C\u002Fp>\n\u003Cp>Our plugins are designed to be lightweight, self-contained, and standards-compliant, with a focus on protecting WordPress sites without introducing unnecessary complexity, external dependencies, or recurring costs. We prioritize clean code, predictable behavior, and compatibility with common hosting environments.\u003C\u002Fp>\n\u003Cp>Our goal is to help individuals, nonprofits, small businesses, and agencies improve their site security and resilience using solutions that are easy to understand and maintain.\u003C\u002Fp>\n\u003Cp>Learn more at \u003Ca href=\"https:\u002F\u002Fwpnatives.com\" rel=\"nofollow ugc\">wpnatives.com\u003C\u002Fa> and explore our latest plugins, guides, and support resources.\u003C\u002Fp>\n","Free, lightweight WordPress plugin that blocks bots by country and prevents abuse via repeated 404 errors. Perfect for small organizations.",10,159,"2026-01-14T22:48:00.000Z",[112,19,20,113,21],"404-protection","geo-blocking","https:\u002F\u002Fapp.wpnatives.com\u002Fzero-budget-bot-shield-lightweight-country-blocking-and-404-abuse-protection-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzero-budget-bot-shield.1.0.2.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":127,"last_updated":128,"tested_up_to":47,"requires_at_least":48,"requires_php":69,"tags":129,"homepage":132,"download_link":133,"security_score":66,"vuln_count":134,"unpatched_count":10,"last_vuln_date":135,"fetched_at":26},"wordfence","Wordfence Security – Firewall, Malware Scan, and Login Security","8.1.4","Mark Maunder","https:\u002F\u002Fprofiles.wordpress.org\u002Fmmaunder\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fi4ZN2TwlaBE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>THE MOST POPULAR WORDPRESS FIREWALL & SECURITY SCANNER\u003C\u002Fh4>\n\u003Cp>WordPress security requires a team of dedicated analysts researching the latest malware variants and WordPress exploits, turning them into firewall rules and malware signatures, and releasing those to customers in real-time.\u003C\u002Fp>\n\u003Cp>Choose the right protection for you: \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fproducts\u002Fpricing\u002F\" rel=\"nofollow ugc\">Wordfence Free, Premium, Care or Response\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Wordfence is widely acknowledged as the number one WordPress security research team in the World. Our plugin provides a comprehensive suite of security features, and our team’s research is what powers our plugin and provides the level of security that we are known for.\u003C\u002Fp>\n\u003Cp>At Wordfence, WordPress security isn’t a division of our business – WordPress security is all we do. We employ a global 24-hour dedicated incident response team that provides our priority customers with a 1 hour response time for any security incident.\u003C\u002Fp>\n\u003Cp>The sun never sets on our global security team and we run a sophisticated threat intelligence platform to aggregate, analyze and produce ground breaking security research on the newest security threats.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Wordfence Security includes an endpoint firewall, malware scanner, robust login security features, live traffic views, and more.\u003C\u002Fstrong> Our \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002F\" rel=\"nofollow ugc\">Threat Defense Feed\u003C\u002Fa> arms Wordfence with the newest firewall rules, malware signatures, and malicious IP addresses it needs to keep your website safe.\u003C\u002Fp>\n\u003Cp>Rounded out by 2FA and a suite of additional features, Wordfence is the most comprehensive WordPress security solution available.\u003C\u002Fp>\n\u003Ch3>🔥 WORDPRESS FIREWALL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ffirewall\u002F\" rel=\"nofollow ugc\">Web Application Firewall\u003C\u002Fa>\u003C\u002Fstrong> identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time firewall rule and malware signature [Premium]\u003C\u002Fstrong> updates via the Threat Defense Feed (free version is delayed by 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fblocking\u002F\" rel=\"nofollow ugc\">Real-time IP Blocklist\u003C\u002Fa> [Premium]\u003C\u002Fstrong> blocks all requests from the most malicious IPs, protecting your site while reducing load.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protects your site at the endpoint\u003C\u002Fstrong>, enabling deep integration with WordPress. Unlike cloud alternatives, it does not break encryption, cannot be bypassed and cannot leak data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fscan\u002F\" rel=\"nofollow ugc\">Integrated malware scanner\u003C\u002Fa>\u003C\u002Fstrong> blocks requests that include malicious code or content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ffirewall\u002Fbrute-force\u002F\" rel=\"nofollow ugc\">Protection from brute force\u003C\u002Fa>\u003C\u002Fstrong> attacks by limiting login attempts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📡 WORDPRESS SECURITY SCANNER\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Malware scanner\u003C\u002Fstrong> checks core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time malware signature updates [Premium]\u003C\u002Fstrong> via the Threat Defense Feed (free version is delayed by 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compares with WordPress.org repository\u003C\u002Fstrong> your core files, themes and plugins, checking their integrity and reporting any changes to you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Repair WordPress core, theme, and plugin files\u003C\u002Fstrong> that have changed by overwriting them with a pristine, original version. Delete any files that don’t belong easily within the Wordfence interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Malware Removal Tools\u003C\u002Fstrong> “Delete File” and “Delete All Deletable Files” options allow for efficient malware removal. Remember to investigate the scan results and backup files first!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks your site for known security vulnerabilities\u003C\u002Fstrong> and alerts you to any issues. Also alerts you to potential security issues when a plugin has been closed or abandoned.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks your content safety\u003C\u002Fstrong> by scanning file contents, posts and comments for dangerous URLs and suspicious content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks to see if your site or IP have been blocklisted [Premium]\u003C\u002Fstrong> for malicious activity, generating spam or other security issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔒 LOGIN SECURITY\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ftools\u002Ftwo-factor-authentication\u002F\" rel=\"nofollow ugc\">Two-factor authentication (2FA)\u003C\u002Fa>\u003C\u002Fstrong>, one of the most secure forms of remote system authentication available via any TOTP-based authenticator app or service.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Flogin-security\u002F\" rel=\"nofollow ugc\">Login Page CAPTCHA\u003C\u002Fa>\u003C\u002Fstrong> stops bots from logging in.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Flogin-security\u002F#woocommerce-and-custom-integrations\" rel=\"nofollow ugc\">2FA for WooCommerce and custom integrations\u003C\u002Fa>\u003C\u002Fstrong> allow for 2FA to be setup on custom account pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XML-RPC\u003C\u002Fstrong> options including disabling or adding 2FA.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password Security:\u003C\u002Fstrong> Block logins for administrators using known compromised passwords.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 SECURITY AUDIT LOG [Premium]\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Faudit-log\" rel=\"nofollow ugc\">The Audit Log\u003C\u002Fa>\u003C\u002Fstrong> monitors all changes and actions in security-sensitive areas of the site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remote tamper-proof data storage\u003C\u002Fstrong> via Wordfence Central.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monitor events and actions\u003C\u002Fstrong> ranging  from user creation and editing to plugin\u002Ftheme installation and updates to post and page changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable\u003C\u002Fstrong> to log all events or significant events only, which includes all authentication, site configuration, and site functionality events.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 WORDFENCE CENTRAL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fproducts\u002Fwordfence-central\u002F\" rel=\"nofollow ugc\">Wordfence Central\u003C\u002Fa>\u003C\u002Fstrong> is a powerful and efficient way to manage the security for multiple sites in one place.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Centralized management:\u003C\u002Fstrong> Efficiently assess the security status of all your websites in one view. View detailed security findings without leaving Wordfence Central.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Powerful templates\u003C\u002Fstrong> make configuring Wordfence a breeze.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highly configurable alerts\u003C\u002Fstrong> can be delivered via email, SMS or Slack. Improve the signal to noise ratio by leveraging severity level options and a daily digest option.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Track and alert on important security events\u003C\u002Fstrong> including administrator logins, breached password usage and surges in attack activity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free to use\u003C\u002Fstrong> for unlimited sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛠️ SECURITY TOOLS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ftools\u002Flive-traffic\u002F\" rel=\"nofollow ugc\">Live Traffic\u003C\u002Fa>\u003C\u002Fstrong> monitors visits and hack attempts not shown in other analytics packages in real time; including origin, their IP address, the time of day and time spent on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block attackers by IP\u003C\u002Fstrong> or build advanced rules based on IP Range, Hostname, User Agent and Referrer.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fblocking\u002Fcountry-blocking\u002F\" rel=\"nofollow ugc\">Country blocking\u003C\u002Fa>\u003C\u002Fstrong> available with Wordfence Premium.\u003C\u002Fli>\n\u003C\u002Ful>\n","Firewall, Malware Scanner, Two Factor Auth, and Comprehensive Security Features, powered by our 24-hour team. Make security a priority with Wordfence.",5000000,406617999,94,4829,"2025-12-20T21:06:00.000Z",[73,20,130,131,21],"malware","scanner","https:\u002F\u002Fwww.wordfence.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordfence.8.1.4.zip",12,"2022-09-06 00:00:00",{"attackSurface":137,"codeSignals":162,"taintFlows":170,"riskAssessment":171,"analyzedAt":181},{"hooks":138,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":10,"unprotectedCount":10},[139,144,147,152,156],{"type":140,"name":141,"callback":141,"file":142,"line":143},"action","admin_init","class.admin.php",19,{"type":140,"name":145,"callback":145,"file":142,"line":146},"admin_menu",20,{"type":140,"name":148,"callback":149,"priority":10,"file":150,"line":151},"init","check","VerifiedVisitors.php",47,{"type":140,"name":153,"callback":154,"file":150,"line":155},"wp_enqueue_scripts","enqueue_scripts",50,{"type":140,"name":148,"callback":148,"priority":10,"file":150,"line":157},54,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":29,"externalRequests":168,"nonceChecks":10,"capabilityChecks":29,"bundledLibraries":169},[],{"prepared":10,"raw":10,"locations":165},[],{"escaped":78,"rawEcho":10,"locations":167},[],2,[],[],{"summary":172,"deductions":173},"The \"verifiedvisitors\" v1.1.2 plugin exhibits a strong security posture based on the provided static analysis.  The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points is a significant positive indicator.  Furthermore, the plugin demonstrates excellent practices by exclusively using prepared statements for SQL queries, properly escaping all output, and implementing capability checks for sensitive operations. The lack of known CVEs and a clean vulnerability history reinforces this positive assessment, suggesting a well-maintained and secure codebase.\n\nHowever, there are minor areas for consideration. The presence of file operations and external HTTP requests, while not inherently insecure, represent potential attack vectors that require diligent security practices within the plugin's implementation. The absence of nonce checks, even with a limited attack surface, could be a point of concern if any of the file operations or HTTP requests were to involve user-controllable data in the future. Overall, the plugin appears robust and has followed many security best practices, with only minor potential areas for future hardening.",[174,176,178],{"reason":175,"points":90},"File operations present potential attack vectors",{"reason":177,"points":90},"External HTTP requests present potential attack vectors",{"reason":179,"points":180},"No nonce checks on entry points",5,"2026-03-17T07:22:51.431Z",{"wat":183,"direct":196},{"assetPaths":184,"generatorPatterns":192,"scriptPaths":193,"versionParams":195},[185,186,187,188,189,190,191],"\u002Fwp-content\u002Fplugins\u002Fverifiedvisitors\u002Fvendor\u002Fphp-sdk\u002Fsrc\u002FVerifiedVisitors\u002FSDK.php","\u002Fwp-content\u002Fplugins\u002Fverifiedvisitors\u002Fsrc\u002FVerifiedVisitors\u002FApi.php","\u002Fwp-content\u002Fplugins\u002Fverifiedvisitors\u002Fsrc\u002FVerifiedVisitors\u002FConfig.php","\u002Fwp-content\u002Fplugins\u002Fverifiedvisitors\u002Fsrc\u002FVerifiedVisitors\u002FAdmin.php","\u002Fwp-content\u002Fplugins\u002Fverifiedvisitors\u002Fsrc\u002FVerifiedVisitors\u002FFingerprint.php","\u002Fwp-content\u002Fplugins\u002Fverifiedvisitors\u002Ftemplates\u002Fblocked.php","\u002Fwp-content\u002Fplugins\u002Fverifiedvisitors\u002Ftemplates\u002Fcaptcha.php",[],[194],"https:\u002F\u002Fhcaptcha.com\u002F1\u002Fapi.js?recaptchacompat=off",[],{"cssClasses":197,"htmlComments":199,"htmlAttributes":200,"restEndpoints":203,"jsGlobals":204,"shortcodeOutput":206},[198],"h-captcha",[],[201,202],"data-sitekey","data-callback",[],[205],"onComplete",[]]