[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fexqOxlwo7E9yf8FhAJNyj9i4Hf4eUhcObX-_r2H-pRs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":135,"fingerprints":233},"virus-finder","Virus Finder","1.0.36","wphospital.hu","https:\u002F\u002Fprofiles.wordpress.org\u002Fwordpressvirusremoval\u002F","\u003Cp>Find viruses in your website with wphospital.hu. The plugin analyze all files, and shows the suspicious and virus files.\u003Cbr \u002F>\nAfter you can check it manually, and you can solve the problem!\u003C\u002Fp>\n","Find viruses in your WordPress easily. Virus scan, malware finder.",100,12182,0,"2026-01-16T09:17:00.000Z","7.0","2.8","",[19,20,21,22,23],"login-security","secure","security","security-plugin","wordpress-security","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvirus-finder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvirus-finder.1.0.36.zip",null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":11,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"wordpressvirusremoval",1,30,94,"2026-04-04T02:51:22.148Z",[36,55,76,93,113],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":53,"download_link":54,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"user-name-security","SX User Name Security","2.4","Daniel Roch","https:\u002F\u002Fprofiles.wordpress.org\u002Fconfridin\u002F","\u003Cp>WordPress show your WordPress login and ID in several places. It’s time to fix this !\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress automaticaly uses “User login” to fill in the “User Display Name”.\u003C\u002Fli>\n\u003Cli>WordPress also allows everyone to use the same value for Nickname, Display Name and Login.\u003C\u002Fli>\n\u003Cli>The body_class function also shows to everyone your User ID and Login on author pages.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A hacker can easily see then use your “NickName” or “Display Name” to find your real login. Once activated, SX User Name Security will prevent WordPress from showing those informations, and will warn you if you need to fix old users.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Cem>Features\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Body_class function:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Removes User ID from body_class function (front-end users pages)\u003C\u002Fli>\n\u003Cli>Removes User Nicename from body_class function (front-end users pages)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Current User informations:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The plugin changes “Display Name” and “Nickname” to a random value (like ‘Ticibe T. Aduvoguripe’, ‘Lagubo N. Agigerovibe’ or ‘Datela N. Orejadavino’) if they are identiqual to user login\u003C\u002Fli>\n\u003Cli>If not, it changes “Display Name” to “Nickname” or “Nickname” to “Display Name” if one of them is identiqual to user login\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>New Registration:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Display Name and Nickname are changed to random value during user registration.\u003C\u002Fli>\n\u003Cli>Nicename is also changed (it’s used to generate the user permalink on the front-end). For previous user, a notice has been added to use another plugin to safely change old nicenames.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Other information:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>All functions are translated into french and english.\u003C\u002Fp>\n\u003Cp>You can find me here on \u003Ca href=\"https:\u002F\u002Fwww.seomix.fr\" rel=\"nofollow ugc\">SeoMix\u003C\u002Fa>, and here is the official french post about this plugin \u003Ca href=\"https:\u002F\u002Fwww.seomix.fr\u002Fuser-name-security\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.seomix.fr\u002Fuser-name-security\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Find here our other plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fseo-key\u002F\" rel=\"nofollow ugc\">SEOKEY WordPress SEO plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fsecupress\u002F\" rel=\"nofollow ugc\">SecuPress Security plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","SX User Name Security prevents WordPress from showing your real Login everywhere. It ovverides the body_class function, User Nicename, Nickname and Di &hellip;",1000,19435,80,13,"2025-04-24T15:26:00.000Z","6.8.5","4.6","5.2.4",[20,21,22,23],"https:\u002F\u002Fwww.seomix.fr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-name-security.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":33,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":72,"download_link":73,"security_score":74,"vuln_count":31,"unpatched_count":13,"last_vuln_date":75,"fetched_at":27},"block-wp-login","Block wp-login","1.5.5","Oliver Campion","https:\u002F\u002Fprofiles.wordpress.org\u002Fdomainsupport\u002F","\u003Ch4>Block Access to wp-login.php\u003C\u002Fh4>\n\u003Cp>This plugin does the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Locates wp-login.php in your WordPress installation and duplicates it\u003C\u002Fli>\n\u003Cli>Locates .htaccess and inserts lines to block the default wp-login.php and creates a new secret address to use for legitimate login\u003C\u002Fli>\n\u003Cli>Will email the site admin if an administrator signs in with an un-recognised IP address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When installed your server will return “403 Forbidden“ when attempts are made to access the default wp-login.php file. This has two benefits; it prevents hackers from using brute force methods to hack your website and it reduces the load on the server when such brute force attacks are launched on your site as WordPress isn’t run at all.\u003C\u002Fp>\n\u003Cp>Please note, this plugin uses .htaccess so is only compatible with Apache web servers, it is not compatible with Nginx web servers.\u003C\u002Fp>\n","This plugin completely blocks access to wp-login.php and creates a new secret login URL",600,19911,9,"2025-12-04T12:47:00.000Z","6.9.4","3.5.0","5.6",[71,19,20,21,22],"block-hackers","https:\u002F\u002Fwebd.uk\u002Fsupport\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-wp-login.1.5.5.zip",99,"2019-06-27 00:00:00",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":86,"requires_at_least":87,"requires_php":15,"tags":88,"homepage":90,"download_link":91,"security_score":11,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":92},"wp-security-by-made-it","WP Security By Made I.T.","1.8.3","Made I.T.","https:\u002F\u002Fprofiles.wordpress.org\u002Fmadeit\u002F","\u003Cp>‘WP Security by Made I.T.’ is one of the fastest WordPress security plugins. The plugin daily scan your complete website to check for malware, viruses and files changes.\u003C\u002Fp>\n\u003Cp>This plugin relies on a third party service to functionally work. This plugin automatically generates a connection with our server on ‘www.madeit.be’ to create an API key to update scan listings, malware and virus databases. For more info, you can also have a look at our [plugin homepage].(https:\u002F\u002Fmadeit.be\u002Fwordpress-onderhoud\u002Fwp-plugin).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Scan your WordPress website to file changes.\u003C\u002Fli>\n\u003Cli>Compare the changed files with its original.\u003C\u002Fli>\n\u003Cli>Backup your Website.\u003C\u002Fli>\n\u003Cli>Made I.T. WordPress Maintenance integration.\u003C\u002Fli>\n\u003Cli>Security Alerts\u003C\u002Fli>\n\u003Cli>Vulnerability scanning thanks to wpvulndb.com\u003C\u002Fli>\n\u003Cli>Firewall (Experimental)\u003C\u002Fli>\n\u003Cli>Login prevention (Experimental)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Comming Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Check for malware and viruses. [1.8]\u003C\u002Fli>\n\u003C\u002Ful>\n","Secure your WordPress Website.",10,2282,"5.5.18","4.0",[89,20,21,22,23],"maintenance","https:\u002F\u002Fwww.madeit.be\u002Fwordpress-onderhoud","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-security-by-made-it.1.8.3.zip","2026-03-15T10:48:56.248Z",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":67,"requires_at_least":106,"requires_php":15,"tags":107,"homepage":109,"download_link":110,"security_score":33,"vuln_count":111,"unpatched_count":13,"last_vuln_date":112,"fetched_at":27},"secupress","SecuPress with Simple SSL – Simple and Performant Security","2.6","SecuPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fsecupress\u002F","\u003Ch4>Test it now!\u003C\u002Fh4>\n\u003Cp>You can \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fsecupress\u002F\" rel=\"nofollow ugc\">test SecuPress Free now\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>YOU MADE IT, WE KEEP IT SAFE!\u003C\u002Fh4>\n\u003Cp>The most advanced WordPress Protection on the market. SecuPress is focused on WordPress attacks and Malwares, not just “usual web protections” like many.\u003C\u002Fp>\n\u003Cp>Protect your WordPress with malware scans ; block bots & suspicious IPs. Get a complete \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002F\" rel=\"nofollow ugc\">WordPress security toolkit\u003C\u002Fa> for free or as a pro plugin. SecuPress is GDPR compliant.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s the difference between free and pro version?\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you are proactive, our free WordPress security plugin is a great choice! No time to activate weekly scans? Then \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002F\" rel=\"nofollow ugc\">SecuPress pro\u003C\u002Fa> is the way to go. Our plugin takes care of everything with automated tasks.\u003C\u002Fp>\n\u003Ch4>Here are some of our most popular features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Brute Force Login Protection\u003C\u002Fli>\n\u003Cli>Password Spraying Protection\u003C\u002Fli>\n\u003Cli>Firewall features\u003C\u002Fli>\n\u003Cli>Security alerts (1)\u003C\u002Fli>\n\u003Cli>Malware Scanner (1)\u003C\u002Fli>\n\u003Cli>Block country by geolocation (1)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>We have included some features you won’t find in most WordPress security plugins:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Protection of Security Keys\u003C\u002Fli>\n\u003Cli>Block visits from Bad Bots\u003C\u002Fli>\n\u003Cli>Vulnerable Plugins & Themes detection (1)\u003C\u002Fli>\n\u003Cli>Security Reports in PDF format (1)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can check out \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Ffaq\u002F\" rel=\"nofollow ugc\">Frequently Asked Questions\u003C\u002Fa> or get in touch with our \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Fsupport\u002F\" rel=\"nofollow ugc\">support\u003C\u002Fa>. Want to know all about SecuPress? You can read our documentation here: \u003Ca href=\"https:\u002F\u002Fdocs.secupress.me\" rel=\"nofollow ugc\">docs.secupress.me\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How will you know it works?\u003C\u002Fstrong>\u003Cbr \u002F>\nWell, we have a dedicated security scanner that will give you a clear security grade and report for your website. This way, you’ll know exactly what to fix.\u003C\u002Fp>\n\u003Ch4>WordPress Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Security Audit\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress is the only plugin with a full scanner able to fix the issues for you. And when it requires a decision from you, it will ask you before proceeding. With this feature, you can check 35 security points in 5 minutes and let us take care of the rest.\u003C\u002Fp>\n\u003Cp>Once done, you get a security grade that gives you a clear idea of what your security level is. You can export this analysis in PDF format to share with others (clients or colleagues) (1).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Users & Login\u003C\u002Fstrong>\u003Cbr \u002F>\nThis feature is the easiest way to make sure your users’ data is protected and to keep their accounts from being compromised. With this feature you can limit the number of bad login attempts, ban non-existing usernames login attempts and set a non-login time slot. SecuPress also makes sure you control the sessions of your users.\u003C\u002Fp>\n\u003Cp>SecuPress also adds a \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Fblog\u002Ftwo-factor-authentication\u002F\" rel=\"nofollow ugc\">2FA\u003C\u002Fa> (Two Factor Authentication) because it’s almost a mandatory feature when it comes to WordPress security!\u003C\u002Fp>\n\u003Cp>The plugin also gives you greater user and password control as you can set:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Password lifetimes for your users.\u003C\u002Fli>\n\u003Cli>Enforce strong password use.\u003C\u002Fli>\n\u003Cli>Forbid the use of vague usernames like www or admin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Tired of bots finding your WordPress login page? Finally, don’t let bots find your login page, just move it with the famous Move Login plugin, now included in SecuPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugins and Themes\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress helps you detect themes and plugins that are vulnerable or that have been tampered with to include malicious code. If you install one of these, your security module will send out an email alert and give you a warning in WordPress.\u003C\u002Fp>\n\u003Cp>SecuPress takes security further by limiting plugin activation, deactivation, installation and removal in your production (live) website. Plugin and theme uploads via .zip files will be on lockdown as well to block off this easy hacking route.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Core\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress reinforces the WordPress Core to keep it safe. The security plugin optimizes what’s under the hood to secure the config file by setting the proper parameters.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Sensitive Data\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress secures content in many ways:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The plugin secures WordPress Endpoints and APIs by blocking bad requests for XML-RPC or REST API.\u003C\u002Fli>\n\u003Cli>It blocks bad bots with its Robots Blackhole feature.\u003C\u002Fli>\n\u003Cli>It provides an anti-hotlink feature to preserve your bandwidth.\u003C\u002Fli>\n\u003Cli>The plugin packs 7 anti-disclose security modules to make sure no precious information is available to hackers in your PHP or WordPress itself.\u003C\u002Fli>\n\u003Cli>Profile and SecuPress settings pages are password protected to keep sensitive information away from prying eyes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Firewall\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SecuPress is one of the most efficient WordPress bouncer you’ll ever see!\u003C\u002Fli>\n\u003Cli>The plugin blocks malicious incoming requests.\u003C\u002Fli>\n\u003Cli>It blocks bad User Agents (no bad crawlers allowed).\u003C\u002Fli>\n\u003Cli>Bad requests methods also get the boot in a single click.\u003C\u002Fli>\n\u003Cli>URLs are kept in check: no bad URL contents.\u003C\u002Fli>\n\u003Cli>SQL injection scanners are kept out as well.\u003C\u002Fli>\n\u003Cli>Brute force attempts are stopped in their tracks.\u003C\u002Fli>\n\u003Cli>GeoIP Blocking by country gives you more control over your traffic.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Malware Scan\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress has a unique malware scan developed by our security experts. It hunts down bad files and provides you with an easy step-by-step report that lets you take action. It looks into:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bad files in your FTP.\u003C\u002Fli>\n\u003Cli>Your uploads folder for dangerous files.\u003C\u002Fli>\n\u003Cli>Potential phishing attempts via \u003Ccode>index.php\u003C\u002Fcode> loads.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Backups\u003C\u002Fstrong>\u003Cbr \u002F>\nWe know firsthand how painful it is to pick up the pieces after an attack damages your WordPress. SecuPress preserves your data to help you avoid lost content or settings if your website comes under attack. The plugin backs up your database and files and lets you download them to guarantee you peace of mind.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Anti Spam\u003C\u002Fstrong>\u003Cbr \u002F>\nDid you know that 60% of the traffic on the Internet is generated by bots? Most of them happen to be spam bots. We developed our own anti-spam system that works quietly in the background. Just activate it and enjoy a spam free experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Alerts\u003C\u002Fstrong>\u003Cbr \u002F>\nAlerts are an essential tool when your website is under attack. When something important happens on your website, SecuPress will send you an alert via email. We’re working on alerts via SMS, Slack & Twitter as well.\u003C\u002Fp>\n\u003Cp>You also receive a daily report that provides a debrief of the attempted attack and all the activities blocked by SecuPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Scheduled Security Tasks\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress can run 3 separate scheduled tasks for you. It’s like having a security patrol on your WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Scheduled Scanner:\u003C\u002Fstrong> SecuPress scans your website to detect any issues. After the scan is complete, you get a report in your inbox outlining any actions you have to take to protect your website.\u003Cbr \u002F>\n\u003Cstrong>Scheduled Backup:\u003C\u002Fstrong> our team knows that everyone at one time or another forgets to back things up. We made it an automatic task to help ensure you always can recover from an attack with your content safe.\u003Cbr \u002F>\n\u003Cstrong>Scheduled Malware Scan:\u003C\u002Fstrong> this security feature scans your website at regular intervals to hunt down any malware that may have gotten into your WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Logs\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress will keep a log of important security activities and 404 pages triggered by users, bots or even Chuck Norris. This lets you keep an eye on what’s going on in your WordPress at any time. You can also control banned IPs from this option.\u003C\u002Fp>\n\u003Cp>\u003Cem>(1) Available in the \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Pro Version\u003C\u002Fa>.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cem>(SecuPress est une extension de sécurité WordPress française)\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Cp>Create a trust score for each non WP file and displays it\u003Cbr \u002F>\nCreate a “suspicious” status for alerts\u003Cbr \u002F>\nRevamp alerts\u003Cbr \u002F>\nRevamp logs\u003Cbr \u002F>\nAdd http logs\u003Cbr \u002F>\nPHP 8.O min\u003Cbr \u002F>\nreplace %s by ###USERNAME### in emails\u003Cbr \u002F>\n.htaccess scanner\u003Cbr \u002F>\nlogin rest disclose scanner\u003Cbr \u002F>\nmove EDD updater+white label into a mu to allow upgrade+rollback even with plugin deactivated\u003Cbr \u002F>\ngive possibility to rename logins\u003Cbr \u002F>\ntarget=”_blank” on doc links\u003Cbr \u002F>\nAI Scanner\u003Cbr \u002F>\nImprove malware scanner, again\u003C\u002Fp>\n","Protect your WordPress with SecuPress, analyze and ensure the safety of your website daily.",40000,1194523,82,108,"2026-01-16T10:56:00.000Z","5.4",[108,21,22,23],"malware","https:\u002F\u002Fsecupress.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecupress.2.6.zip",6,"2025-04-28 00:00:00",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":67,"requires_at_least":126,"requires_php":15,"tags":127,"homepage":130,"download_link":131,"security_score":132,"vuln_count":133,"unpatched_count":13,"last_vuln_date":134,"fetched_at":27},"bulletproof-security","BulletProof Security","7.1","AITpro","https:\u002F\u002Fprofiles.wordpress.org\u002Faitpro\u002F","\u003Cp>WordPress Security Protection: Malware scanner, Firewall, Login Security, DB Backup, Anti-Spam… View Security feature highlights below. View BulletProof Security feature details under the FAQ help section below. Effective, Reliable & Easy to use WordPress Security Plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>BulletProof Security is a proactive security plugin that automatically fixes 100+ known issues\u002Fconflicts with other plugins\u003C\u002Fstrong>.\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fforum.ait-pro.com\u002Fforums\u002Ftopic\u002Fsetup-wizard-autofix\u002F\" title=\"BPS Setup Wizard AutoFix\" rel=\"nofollow ugc\">BPS Setup Wizard AutoFix\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>BulletProof Security Installation and Setup Video Tutorial\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FRZ1ARaEE0_I?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>BulletProof Security Feature Highlights\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One-Click Setup Wizard\u003C\u002Fli>\n\u003Cli>Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup)\u003C\u002Fli>\n\u003Cli>MScan Malware Scanner\u003C\u002Fli>\n\u003Cli>.htaccess Website Security Protection (Firewalls)\u003C\u002Fli>\n\u003Cli>Hidden Plugin Folders|Files Cron (HPF)\u003C\u002Fli>\n\u003Cli>Login Security & Monitoring\u003C\u002Fli>\n\u003Cli>JTC-Lite (Limited version of BPS Pro JTC Anti-Spam|Anti-Hacker)\u003C\u002Fli>\n\u003Cli>Idle Session Logout (ISL)\u003C\u002Fli>\n\u003Cli>Auth Cookie Expiration (ACE)\u003C\u002Fli>\n\u003Cli>DB Backup: Full|Partial DB Backups | Manual|Scheduled DB Backups | Email Zip Backups | Cron Delete Old Backups\u003C\u002Fli>\n\u003Cli>DB Table Prefix Changer\u003C\u002Fli>\n\u003Cli>Security Logging\u003C\u002Fli>\n\u003Cli>HTTP Error Logging\u003C\u002Fli>\n\u003Cli>FrontEnd|BackEnd Maintenance Mode\u003C\u002Fli>\n\u003Cli>Extensive System Info (System Info page)\u003C\u002Fli>\n\u003Cli>WordPress Automatic Update Options\u003C\u002Fli>\n\u003Cli>Force Strong Passwords (FSP)\u003C\u002Fli>\n\u003Cli>Send email alerts when new Plugin & Theme updates are available\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>BulletProof Security Pro Feature Highlights\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One-Click Setup Wizard\u003C\u002Fli>\n\u003Cli>Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup)\u003C\u002Fli>\n\u003Cli>AutoRestore Intrusion Detection & Prevention System (ARQ IDPS)\u003C\u002Fli>\n\u003Cli>Quarantine Intrusion Detection & Prevention System (ARQ IDPS)\u003C\u002Fli>\n\u003Cli>Real-time File Monitor (IDPS)\u003C\u002Fli>\n\u003Cli>MScan Malware Scanner\u003C\u002Fli>\n\u003Cli>DB Monitor Intrusion Detection System (IDS)\u003C\u002Fli>\n\u003Cli>DB Diff Tool: data comparison tool\u003C\u002Fli>\n\u003Cli>DB Backup: Full|Partial DB Backups | Manual|Scheduled DB Backups | Email Zip Backups | Cron Delete Old Backups\u003C\u002Fli>\n\u003Cli>DB Status & Info: extensive database status & info\u003C\u002Fli>\n\u003Cli>Plugin Firewall (IP Firewall): Automated Whitelisting & IP Address Updated in Real-time\u003C\u002Fli>\n\u003Cli>JTC Anti-Spam|Anti-Hacker\u003C\u002Fli>\n\u003Cli>Uploads Folder Anti-Exploit Guard (UAEG)\u003C\u002Fli>\n\u003Cli>.htaccess Website Security Protection (Firewalls)\u003C\u002Fli>\n\u003Cli>Hidden Plugin Folders|Files Cron (HPF)\u003C\u002Fli>\n\u003Cli>Custom php.ini Website Security\u003C\u002Fli>\n\u003Cli>Login Security & Monitoring w\u002FDashboard Alerting|Status Display & additional options\u002Ffeatures\u003C\u002Fli>\n\u003Cli>Idle Session Logout (ISL)\u003C\u002Fli>\n\u003Cli>Auth Cookie Expiration (ACE)\u003C\u002Fli>\n\u003Cli>File|Folder Lock: File Locking | Detect & Lock Folders that were not created by you\u003C\u002Fli>\n\u003Cli>FrontEnd|BackEnd Maintenance Mode\u003C\u002Fli>\n\u003Cli>Security Logging\u003C\u002Fli>\n\u003Cli>HTTP Error Logging\u003C\u002Fli>\n\u003Cli>PHP Error Logging\u003C\u002Fli>\n\u003Cli>DB Table Prefix Changer\u003C\u002Fli>\n\u003Cli>Pro-Tools: 16 mini-plugins\u003C\u002Fli>\n\u003Cli>Heads Up Dashboard Status Display\u003C\u002Fli>\n\u003Cli>Extensive System Info (System Info page)\u003C\u002Fli>\n\u003Cli>WordPress Automatic Update Options\u003C\u002Fli>\n\u003Cli>Force Strong Passwords (FSP)\u003C\u002Fli>\n\u003Cli>Send email alerts when new Plugin & Theme updates are available\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.ait-pro.com\u002Fbps-features\u002F\" title=\"BulletProof Security Features\" rel=\"nofollow ugc\">View All BulletProof Security Pro Feature Details\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>BulletProof Security Recommended Video Tutorials\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fforum.ait-pro.com\u002Fvideo-tutorials\u002F#custom-code\" title=\"BulletProof Security Custom Code Video Tutorial\" rel=\"nofollow ugc\">BulletProof Security Custom Code Video Tutorial\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fforum.ait-pro.com\u002Fvideo-tutorials\u002F#security-log-firewall\" title=\"BulletProof Security Security Log Video Tutorial\" rel=\"nofollow ugc\">BulletProof Security Security Log Video Tutorial\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Help Info\u003C\u002Fh3>\n\u003Cp>For details about BulletProof Security plugin features and frequently asked questions see the \u003Ca href=\"https:\u002F\u002Fforum.ait-pro.com\u002Fforums\u002Ftopic\u002Fbulletproof-security-plugin-frequently-asked-questions\u002F\" title=\"AIT-pro.com Forum\" rel=\"nofollow ugc\">BulletProof Security Plugin Frequently Asked Questions\u003C\u002Fa> forum topic. Extensive Help Info can be found on the \u003Ca href=\"https:\u002F\u002Fforum.ait-pro.com\u002Fforums\u002Ftopic\u002Fread-me-first-free\u002F#bps-free-general-troubleshooting\" title=\"AIT-pro.com Forum\" rel=\"nofollow ugc\">AIT-pro.com Forum\u003C\u002Fa> website and by clicking the Question Mark Help buttons on BulletProof Security plugin pages.\u003C\u002Fp>\n","WordPress Security Protection: Malware scanner, Firewall, Login Security, DB Backup, Anti-Spam...",30000,4509595,96,674,"2025-12-08T15:11:00.000Z","5.0",[128,19,129,20,21],"firewall","malware-scanner","https:\u002F\u002Fforum.ait-pro.com\u002Fread-me-first\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulletproof-security.7.1.zip",89,12,"2026-01-06 00:00:00",{"attackSurface":136,"codeSignals":152,"taintFlows":172,"riskAssessment":219,"analyzedAt":232},{"hooks":137,"ajaxHandlers":148,"restRoutes":149,"shortcodes":150,"cronEvents":151,"entryPointCount":13,"unprotectedCount":13},[138,144],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","admin_menu","virus_finder_menu","virus-finder.php",20,{"type":139,"name":145,"callback":146,"file":142,"line":147},"admin_init","virus_finder_init",21,[],[],[],[],{"dangerousFunctions":153,"sqlUsage":154,"outputEscaping":156,"fileOperations":170,"externalRequests":13,"nonceChecks":31,"capabilityChecks":13,"bundledLibraries":171},[],{"prepared":13,"raw":13,"locations":155},[],{"escaped":13,"rawEcho":157,"locations":158},5,[159,162,164,166,168],{"file":142,"line":160,"context":161},48,"raw output",{"file":142,"line":163,"context":161},57,{"file":142,"line":165,"context":161},163,{"file":142,"line":167,"context":161},178,{"file":142,"line":169,"context":161},201,54,[],[173,191,204],{"entryPoint":174,"graph":175,"unsanitizedCount":31,"severity":190},"virus_finder_mappakolvas (virus-finder.php:291)",{"nodes":176,"edges":187},[177,182],{"id":178,"type":179,"label":180,"file":142,"line":181},"n0","source","$_GET['virus_finder_token']",308,{"id":183,"type":184,"label":185,"file":142,"line":181,"wp_function":186},"n1","sink","header() [Header Injection]","header",[188],{"from":178,"to":183,"sanitized":189},false,"medium",{"entryPoint":192,"graph":193,"unsanitizedCount":31,"severity":190},"virus_finder_post (virus-finder.php:429)",{"nodes":194,"edges":202},[195,198],{"id":178,"type":179,"label":196,"file":142,"line":197},"$_SERVER",434,{"id":183,"type":184,"label":199,"file":142,"line":200,"wp_function":201},"fopen() [File Access]",442,"fopen",[203],{"from":178,"to":183,"sanitized":189},{"entryPoint":205,"graph":206,"unsanitizedCount":13,"severity":218},"\u003Cvirus-finder> (virus-finder.php:0)",{"nodes":207,"edges":214},[208,209,210,212],{"id":178,"type":179,"label":180,"file":142,"line":181},{"id":183,"type":184,"label":185,"file":142,"line":181,"wp_function":186},{"id":211,"type":179,"label":196,"file":142,"line":197},"n2",{"id":213,"type":184,"label":199,"file":142,"line":200,"wp_function":201},"n3",[215,217],{"from":178,"to":183,"sanitized":216},true,{"from":211,"to":213,"sanitized":216},"low",{"summary":220,"deductions":221},"The \"virus-finder\" plugin, v1.0.36, exhibits a mixed security posture.  On the positive side, the plugin has no recorded vulnerabilities (CVEs) and demonstrates good practices by using prepared statements for all its SQL queries.  It also has a minimal attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events identified.\n\nHowever, significant concerns arise from the static analysis. The plugin shows a complete lack of output escaping, meaning user-controlled data displayed on the frontend could be vulnerable to cross-site scripting (XSS) attacks. Furthermore, the taint analysis reveals two flows with unsanitized paths, indicating potential for insecure data handling. The plugin also performs a high volume of file operations (54) with only one nonce check and zero capability checks, raising questions about the security of these file interactions, especially if they involve user-supplied data.\n\nGiven the absence of historical vulnerabilities, the plugin has not been a target or has been diligently maintained. Nonetheless, the static analysis findings, particularly the unescaped output and unsanitized paths, represent immediate risks that require attention. The plugin's strengths in SQL handling and limited attack surface are overshadowed by these critical weaknesses in data sanitization and output handling.",[222,225,228,230],{"reason":223,"points":224},"0% output escaping",8,{"reason":226,"points":227},"2 flows with unsanitized paths",15,{"reason":229,"points":84},"0 capability checks",{"reason":231,"points":157},"High number of file operations (54)","2026-03-16T21:03:46.077Z",{"wat":234,"direct":244},{"assetPaths":235,"generatorPatterns":239,"scriptPaths":240,"versionParams":241},[236,237,238],"\u002Fwp-content\u002Fplugins\u002Fvirus-finder\u002Fstyle\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fvirus-finder\u002Fstyle\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fvirus-finder\u002Fstyle\u002Ftolt.gif",[],[237],[242,243],"virus-finder\u002Fstyle.css?ver=","virus-finder\u002Fscript.js?ver=",{"cssClasses":245,"htmlComments":267,"htmlAttributes":269,"restEndpoints":287,"jsGlobals":288,"shortcodeOutput":291},[246,247,248,249,250,251,252,253,254,255,256,257,258,259,260,261,262,263,264,265,266],"notice","notice-error","Login","hiba","search","cs","fs","te","so","do","nincshiba","start","gomb","startfull","result","cleaning","cleaningtext","finish","virus","suspicious","resulttable",[268],"\u003C!-- Virus Finder -->",[270,271,272,273,274,275,276,277,278,279,280,281,282,283,284,285,286],"id=\"keret\"","id=\"hiba\"","id=\"search\"","id=\"cs\"","id=\"fs\"","id=\"te\"","id=\"so\"","id=\"do\"","id=\"nincshiba\"","id=\"start\"","id=\"startfull\"","id=\"result\"","id=\"cleaning\"","id=\"cleaningtext\"","id=\"finish\"","id=\"donate\"","id=\"resulttable\"",[],[289,290],"var filename","window.filename",[]]