[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNEuCb6whMnPGEdrU_zY0Iw_Uy-Br1LrWIShbsEzBmc4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":146,"fingerprints":285},"whisper-comment-reloaded","Whisper Comment Reloaded","1.0","Joshua Parker","https:\u002F\u002Fprofiles.wordpress.org\u002Fparkerj\u002F","\u003Cp>Whisper Comment Reloaded is a WordPress plugin for commenters to control comment visibility for other viewers. A ‘whisper’ is a comment that is only displayed for targeted viewers. Viewers who are not authorised to view the whisper, will only see the replacement text instead.\u003C\u002Fp>\n\u003Cp>This is a great plugin to use for a class blog where a classroom blog can have multiple authors where the teacher\u002Fprofessor may want to add private notes for the student instead of making a public comment.\u003C\u002Fp>\n","Whisper Comment Reloaded is a WordPress plugin for commenters to control comment visibility for other viewers.",10,2384,0,"2011-09-02T07:39:00.000Z","3.2.1","2.8","",[19,20,21,22,23],"comments","private","security","silent","whisper","http:\u002F\u002Fwww.joshparker.us\u002Fblog\u002Fwordpress\u002Fwhisper_comment_reloaded.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhisper-comment-reloaded.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"parkerj",5,130,30,84,"2026-04-04T06:51:50.651Z",[38,61,86,106,127],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":17,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":32,"unpatched_count":13,"last_vuln_date":60,"fetched_at":28},"underconstruction","underConstruction","1.22","Garrett Grimm","https:\u002F\u002Fprofiles.wordpress.org\u002Fgrimmdude\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fappsumo.com\u002Fsearch?tags=wordpress&utm_source=sumo&utm_medium=wp-widget&utm_campaign=social-media-widget\" rel=\"nofollow ugc\">Check out the latest WordPress deals for your site.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Creates a ‘Coming Soon’ page that will show for all users who are not logged in. Useful for developing a site on a live server, without the world being able to see it\u003C\u002Fp>\n","Creates a 'Coming Soon' page that will show for all users who are not logged in",40000,1745115,90,111,"2024-03-08T05:10:00.000Z","6.4.8","2.7",[54,55,20,21,56],"construction","preview","under-construction","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Funderconstruction\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funderconstruction.1.22.zip",82,"2024-03-29 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":48,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":81,"download_link":82,"security_score":83,"vuln_count":84,"unpatched_count":13,"last_vuln_date":85,"fetched_at":28},"jonradio-private-site","My Private Site","4.1.0","David Gewirtz","https:\u002F\u002Fprofiles.wordpress.org\u002Fdgewirtz\u002F","\u003Cp>\u003Cstrong>My Private Site\u003C\u002Fstrong> makes your WordPress site private so only logged-in users can see your content. With one click, you can restrict access to all posts and pages, automatically redirect visitors to the login screen, and keep your site visible only to people you trust.\u003C\u002Fp>\n\u003Cp>Unlike full membership or subscription systems, My Private Site focuses on strong privacy without unnecessary complexity. It is ideal for family sites, schools, clubs, client previews, or development environments where you want to share content with a trusted audience without managing payments, profiles, or custom roles.\u003C\u002Fp>\n\u003Ch3>Ideal Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Family sites and school projects\u003C\u002Fstrong>: Share personal updates, photos, or assignments only with family members, classmates, or teachers you choose.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Development and staging sites\u003C\u002Fstrong>: Safely show work-in-progress to clients or teammates without exposing unfinished content or letting it be indexed by search engines.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clubs, groups, and internal blogs\u003C\u002Fstrong>: Create a private online space for members or staff without the overhead of a complex membership system.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Digital Fortress protection\u003C\u002Fh3>\n\u003Cp>My Private Site helps protect the “front door” of your private site with built-in safeguards for login and user registration, including registration spam protection and optional reCAPTCHA support. It also includes AI Crawler Defense to discourage automated collection of your site’s content.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Make your entire WordPress site private with a single setting  \u003C\u002Fli>\n\u003Cli>Redirect logged-out visitors automatically to the login page  \u003C\u002Fli>\n\u003Cli>Choose where users land after login (requested page, home, dashboard, or custom URL)  \u003C\u002Fli>\n\u003Cli>Support user self-registration on private sites when enabled  \u003C\u002Fli>\n\u003Cli>Protect registration with built-in spam controls and optional reCAPTCHA  \u003C\u002Fli>\n\u003Cli>Optionally block unauthenticated access to the WordPress REST API  \u003C\u002Fli>\n\u003Cli>Simple, no-code setup using standard WordPress settings \u003C\u002Fli>\n\u003Cli>Privacy shortcode lets you selectively show or hide content within a page or post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Built-in AI Crawler Defense\u003C\u002Fh3>\n\u003Cp>The internet is rapidly changing, with AI crawlers and bots harvesting content without consent. My Private Site helps you defend your work with integrated \u003Cstrong>AI Crawler Defense\u003C\u002Fstrong> features:\u003Cbr \u002F>\n* \u003Cstrong>NoAI and NoImageAI tags\u003C\u002Fstrong>: Automatically add meta tags and headers that signal compliant AI systems not to use your text or images for training.\u003Cbr \u002F>\n* \u003Cstrong>Block GPTBot\u003C\u002Fstrong>: Add a robots.txt rule to prevent OpenAI’s crawler from accessing your site.\u003Cbr \u002F>\n* \u003Cstrong>Really Simple Licensing (RSL)\u003C\u002Fstrong>: Publish a machine-readable license that explicitly prohibits AI training on your content.\u003C\u002Fp>\n\u003Cp>These protections are included free in the core plugin, easy to enable with a checkbox, and designed to safeguard your site without affecting normal visitors or search engines. You can use them even if you’re not using any other site privacy features.\u003C\u002Fp>\n\u003Ch3>Watch the Video Overview and Demo\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fjry3DHD-OB8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Premium Add-ons\u003C\u002Fh3>\n\u003Cp>Premium add-ons turn My Private Site into a comprehensive privacy suite, giving you enterprise-style layered security defenses, smarter oversight, and flexible access, without the complexity or cost.\u003C\u002Fp>\n\u003Cp>Advanced AI Crawler Defense, Visitor Intelligence, and Block IP provide protections regardless of whether you’re using any site privacy features.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FB6s8O9VZLc0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-public-pages\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Public Pages 2.0\u003C\u002Fstrong>\u003C\u002Fa>: Allows site operators to designate certain specific pages, or pages with specified prefix, to be available to the public without login. Now also allows public site, private pages. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fu7BuYtzS_pI\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-advanced-ai-defense\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Advanced AI Crawler Defense\u003C\u002Fstrong>\u003C\u002Fa>: Protect WordPress content from AI crawlers using licensing, opt-out tags, selective bot blocking, and firewall defenses to control and safeguard your data. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FEb4qQDafaRk\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-visitor-intelligence\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Visitor Intelligence\u003C\u002Fstrong>\u003C\u002Fa>: Track logins, logouts, failed attempts, and bot activity with a unified log, anomaly detection, and export tools for stronger site oversight and security. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FTTK8bGVD8pM\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-guest-access\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Guest Access\u003C\u002Fstrong>\u003C\u002Fa>: Grant temporary, secure access to private WordPress content using unique shareable links with expiration, one-time use, and full admin-controlled invite management. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002Fj1vYV8lhqcc\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-block-ip\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Block IP\u003C\u002Fstrong>\u003C\u002Fa>: Block unwanted visitors by IP address or range with full IPv4\u002FIPv6 support, configurable scope, and fast enforcement to secure your WordPress site. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FvsxLqYXWITs\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-tags-and-categories\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Tags & Categories\u003C\u002Fstrong>\u003C\u002Fa>: Allows you to make pages public or (with Public Pages 2.0) private based on tags and categories. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FdEv7lXxU5lo\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-selective-content\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Selective Content\u003C\u002Fstrong>\u003C\u002Fa>: Allows hiding, showing, and obscurifying page content through the use of shortcodes. Can also selectively hide widgets and sidebars. \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FexgJrJJSCNY\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fzatzlabs.com\u002Fproject\u002Fmy-private-site-pricing\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Digital Fortress Bundle\u003C\u002Fstrong>\u003C\u002Fa>: All add-ons are available in bundle form.  \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FB6s8O9VZLc0\" rel=\"nofollow ugc\">Watch the video\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Limits\u003C\u002Fh3>\n\u003Cp>This plugin does not hide non-WordPress web pages, such as .html and .php files. It also won’t restrict images and other media and text files directly accessed by their URL. If your hosting provider’s filesystem protections haven’t been set up correctly, files may also be accessed by directory listing.\u003C\u002Fp>\n\u003Ch3>Support Note\u003C\u002Fh3>\n\u003Cp>Support has moved to the ZATZLabs site and is no longer provided on the WordPress.org forums. If you need a timely reply from the developer, please \u003Ca href=\"http:\u002F\u002Fzatzlabs.com\u002Fsubmit-ticket\u002F\" rel=\"nofollow ugc\">open a ticket\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Mailing List\u003C\u002Fh3>\n\u003Cp>If you’d like to keep up with the latest updates to this plugin, please visit \u003Ca href=\"http:\u002F\u002Fzatzlabs.com\u002Flab-notes\u002F\" rel=\"nofollow ugc\">David’s Lab Notes\u003C\u002Fa> and add yourself to the mailing list.\u003C\u002Fp>\n","Make your WordPress site private with one click for family, projects, or teams. Protection for content, login, and registration.",20000,568968,80,"2026-01-28T21:00:00.000Z","6.9.4","4.4","5.4",[77,78,79,80,21],"login","privacy","private-site","registration","http:\u002F\u002Fzatzlabs.com\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjonradio-private-site.4.1.0.zip",99,2,"2024-02-16 00:00:00",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":84,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":100,"tags":101,"homepage":104,"download_link":105,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"comment-form-csrf-protection","Comment Form CSRF Protection","1.4","Ayesh Karunaratne","https:\u002F\u002Fprofiles.wordpress.org\u002Fayeshrajans\u002F","\u003Cp>WordPress has a 12-year-old unfixed security vulnerability that it does not properly validate incoming comments.\u003C\u002Fp>\n\u003Cp>An attacker can trick both anonymous and logged-in users to post comments on a victim site without them realizing, while using their own credentials.\u003C\u002Fp>\n\u003Cp>See this issue for more information: https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F10931\u003C\u002Fp>\n\u003Cp>This is a tiny (fewer than 40 effect lines of code) module that adds a secure token to the comment form and validate it before accepting any comment, thus making your comment forms secure as they should\\’ve been for all these years!\u003C\u002Fp>\n\u003Cp>It provides no UI – just install it, and you are all set!\u003C\u002Fp>\n\u003Col>\n\u003Cli>This plugin adds a secret cryptographically-secure token to the comment form. This is a unique value and is computationally impractical to guess it.\u003C\u002Fli>\n\u003Cli>Upon comment submission, the comment is rejected if the secret tokens are not present or computationally invalid.\u003C\u002Fli>\n\u003C\u002Fol>\n","Prevent Cross-Site Request Forgery attacks on your comments form.",500,15435,100,"2023-07-23T12:59:00.000Z","6.3.8","4.2","7.1",[19,102,21,103],"csrf","spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomment-form-csrf-protection","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-form-csrf-protection.1.4.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":48,"num_ratings":84,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":125,"download_link":126,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wpcontrol","WPControl – The Easiest Optimization Plugin for WordPress","1.0.1","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>WPControl is the ultimate way to clean up your WordPress site.\u003C\u002Fp>\n\u003Cp>With over 20 built-in optimizations, WPControl allows you to easily enable and disable WordPress Core features, letting you remove those features that you don’t use from the dashboard you and your users see.\u003C\u002Fp>\n\u003Cp>Simply put, WPControl is the ultimate plugin that you need to control your website. With our single plugin, you can remove the need to have plugins for things like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disabling emails\u003C\u002Fli>\n\u003Cli>Disabling comments\u003C\u002Fli>\n\u003Cli>Disabling the WordPress REST API\u003C\u002Fli>\n\u003Cli>and so much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All in a single, easy to use plugin that helps boost both the performance and security of your WordPress install.\u003C\u002Fp>\n\u003Cp>WPControl is designed for simplicity first, made by the same \u003Ca href=\"https:\u002F\u002Fwpbeginner.com\u002F\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner team\u003C\u002Fa> that makes your favorite WordPress tutorials.\u003C\u002Fp>\n\u003Cp>Our plugin is used by the plugin authors behind many of your favorite WordPress plugins including \u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F\" title=\"MonsterInsights\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> , \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Faioseo.com\u002F\" title=\"AIOSEO\" rel=\"friend nofollow ugc\">AIOSEO\u003C\u002Fa>  and more.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Simple, yet powerful. I love that I can easily disable all of the features of WordPress I’m not using in a single plugin. It makes new site setup a breeze!\u003Cbr \u002F>\n  \u003Cbr \u002F>\n  Chris Christoff\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>At WPControl, we found that there are many unused features of WordPress that make it a hassle sometimes or we just don’t need. There are tons of plugins already out there that will disable a specific feature. But taking the time and energy to optimize all of them was too much. We made just one plugin that has the features of many so you can have a one stop shop for disabling unused features of WordPress.\u003C\u002Fp>\n\u003Cp>Unlike other methods of disabling features, WPControl allows you to disable many features with just a few clicks (no need to hire a developer).\u003C\u002Fp>\n\u003Ch4>Settings Include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Comments\u003C\u002Fstrong> – You can disable comments site wide or on specific post types such as posts, pages, and media.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Gutenberg\u003C\u002Fstrong> – Disables the Gutenberg block editor and reverts it the Classic Editor\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable “Try Gutenberg” Nag\u003C\u002Fstrong> – Removes the annoying admin notice that keeps nagging you to try Gutenberg\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Shortlinks\u003C\u002Fstrong> – The tag is auto generated by WordPress and is used to create shortlinks. If you are already using pretty permalinks, such as the PrettyLinks plugin. Then there is no need for this unnecessary tag.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable RSD Link\u003C\u002Fstrong> – RSD Links are used by blog clients and some 3rd parties that utilize XML-RPC requests. If you edit your site through your browser, then you do not need it. Most of the time, it is just unnecessary code.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove XFN Profile Link\u003C\u002Fstrong> – The XFN Profile Link is used to add semantic data to links to be used by browsers to assign relationships between profiles. Basically it tells browsers that the site contains links that use XFN Specification\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable wlwmanifest Link\u003C\u002Fstrong> – The wlwmanifest link is used by Windows Live Writer. If you don’t use Windows Live Writer then disable the link as it is unnecessary code.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Links to Previous and Next Post\u003C\u002Fstrong> – If your site is not a blog and is used as a CMS, then this feature will remove the previous and next post links in your WordPress theme.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable XML-RPC Pingback\u003C\u002Fstrong> – Removes XML-RPC method to prevent abuse of site’s pingback while you can use the rest of the XML-RPC Pingback method.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Gravatar\u003C\u002Fstrong> – Blocks users WordPress from getting user Gravatar from their email to add privacy for the users or prevent inappropriate avatars.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Rest API\u003C\u002Fstrong> – Disables the REST-API to prevent abuse of Rest\u002FJSON API.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Hide Login Errors\u003C\u002Fstrong> – An attacker can find the authors login using a similar request as mysite.com\u002F?author=1.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove HTML comments\u003C\u002Fstrong> – Removes HTML comments in source code to add a layer of defense from attackers trying to find the version of plugins.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove Meta Generator\u003C\u002Fstrong> – This meta tag allows attackers to see the version of WordPress, it serves no useful purpose.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Right Click\u003C\u002Fstrong> – You can disable the ability to right click on your site, or just specific things like posts, pages, media, front page, and even have the ability to show an alert to the user that right click is disabled.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Admin Notices\u003C\u002Fstrong> – You can disable all admin notices that appear in the admin settings page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable New User Emails\u003C\u002Fstrong> – Stops WordPress from sending new user notification emails to admin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Search\u003C\u002Fstrong> – Disable the front-end search bar in WordPress.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Lazy Loading\u003C\u002Fstrong> – Removes the lazy loading functionality that was added in WordPress 5.3.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Hide Admin Toolbar\u003C\u002Fstrong> – Hides the admin toolbar when the admin is on the front-end\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Disable Dashboard Widgets\u003C\u002Fstrong> – Gives you the option to disable whichever default dashboard widgets you want.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>After reading this feature list, you can probably imagine why WPControl is the best disable plugin for WordPress.\u003C\u002Fp>\n\u003Cp>Give WPControl a try today!\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is created by Zain Balkhi of the \u003Ca href=\"https:\u002F\u002Fwpbeginner.com\u002F\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner team\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F\" title=\"MonsterInsights\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> – Best Google Analytics plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Foptinmonster.com\u002F\" title=\"OptinMonster\" rel=\"friend nofollow ugc\">OptinMonster\u003C\u002Fa> – Get More Email Subscribers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – Best WordPress Contact Form Plugin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Faioseo.com\u002F\" title=\"AIOSEO\" rel=\"friend nofollow ugc\">AIOSEO\u003C\u002Fa> – The original WordPress SEO plugin to help you rank higher in search results (trusted by over 2 million sites)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.seedprod.com\u002F\" title=\"SeedProd\" rel=\"friend nofollow ugc\">SeedProd\u003C\u002Fa> – Most popular coming soon & maintenance mode plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmailsmtp.com\u002F\" title=\"WP Mail SMTP\" rel=\"friend nofollow ugc\">WP Mail SMTP\u003C\u002Fa> – Improve email deliverability for your contact form with the most popular SMTP plugin for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frafflepress.com\u002F\" title=\"RafflePress\" rel=\"friend nofollow ugc\">RafflePress\u003C\u002Fa> – Best WordPress giveaway and contest plugin to grow traffic and social followers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsmashballoon.com\u002F\" title=\"Smash Balloon\" rel=\"friend nofollow ugc\">Smash Balloon\u003C\u002Fa> – #1 social feeds plugin for WordPress – display social media content in WordPress without code\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpushengage.com\u002F\" title=\"PushEngage\" rel=\"friend nofollow ugc\">PushEngage\u003C\u002Fa> – Connect with visitors after they leave your website with the leading web push notification plugin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftrustpulse.com\u002F\" title=\"TrustPulse\" rel=\"friend nofollow ugc\">TrustPulse\u003C\u002Fa> – Add real-time social proof notifications to boost your store conversions by up to 15%\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin would not be possible without the help and support of \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa>, the largest WordPress resource site. You can learn from our \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">free WordPress Tutorials\u003C\u002Fa> like \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fhow-to-install-wordpress\u002F\" title=\"How to Install WordPress - Step by Step\" rel=\"friend nofollow ugc\">how to install WordPress\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fwordpress-hosting\u002F\" title=\"How to choose the best WordPress hosting\" rel=\"friend nofollow ugc\">choose the best WordPress hosting\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fglossary\u002F\" title=\"WordPress Glossary Terms for Beginners\" rel=\"friend nofollow ugc\">WordPress glossary\u003C\u002Fa>, and more.\u003C\u002Fp>\n\u003Cp>You can also learn about other \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F\" title=\"Best WordPress Plugins\" rel=\"friend nofollow ugc\">best WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","The easiest way to improve your website's security, performance, and user experience.",200,4235,"2022-04-18T21:12:00.000Z","5.9.13","3.8.0","5.6",[121,122,123,124,21],"disable-comments","disable-gutenberg","disable-rest-api","performance","https:\u002F\u002Fwww.wpcontrol.com\u002F?utm_source=liteplugin&utm_medium=pluginheader&utm_campaign=pluginurl&utm_content=7%2E0%2E0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcontrol.1.0.1.zip",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":96,"downloaded":135,"rating":13,"num_ratings":13,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":17,"tags":139,"homepage":144,"download_link":145,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"admin-ssl-secure-admin","Admin SSL","2.0-b2","blenjee","https:\u002F\u002Fprofiles.wordpress.org\u002Fblenjee\u002F","\u003Cp>Admin SSL secures login page, admin area, posts, pages – whatever you want – using Private SSL.\u003Cbr \u002F>\nOnce you have activated the plugin please go to the Admin SSL config page to enable SSL, and\u003Cbr \u002F>\nread the \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Fsetup\u002F\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Each time you update Admin SSL, please read the \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa>\u003Cbr \u002F>\nand \u003Ca href=\"http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002Fsetup\u002F\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa> in\u003Cbr \u002F>\ncase there is some important information relating to the update.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Forces SSL on all pages where passwords can be entered.\u003C\u002Fli>\n\u003Cli>Works with Private SSL.\u003C\u002Fli>\n\u003Cli>Custom additional URLS (e.g. wp-admin\u002F) can be secured through the config page.\u003C\u002Fli>\n\u003Cli>You can choose where you want the Admin SSL config page to appear!\u003C\u002Fli>\n\u003Cli>Works on WordPress 3.0 – 3.1.1; for previous versions of WordPress please use version 1.4.1,\u003Cbr \u002F>\nbut note it is no longer supported – you should upgrade to the latest WordPress version.\u003C\u002Fli>\n\u003C\u002Fol>\n","Admin SSL secures login page, admin area, posts, pages - whatever you want - using Private SSL.",53005,"2011-04-24T15:21:00.000Z","3.1.4","3.0",[140,141,21,142,143],"private-ssl","secure-login","shared-ssl","ssl","http:\u002F\u002Fwww.kerrins.co.uk\u002Fblog\u002Fadmin-ssl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-ssl-secure-admin.2.0.zip",{"attackSurface":147,"codeSignals":181,"taintFlows":228,"riskAssessment":270,"analyzedAt":284},{"hooks":148,"ajaxHandlers":177,"restRoutes":178,"shortcodes":179,"cronEvents":180,"entryPointCount":13,"unprotectedCount":13},[149,155,158,161,165,168,171,174],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","admin_menu","whisper_comment_add_options","whisper-comment-reloaded.php",12,{"type":150,"name":156,"callback":156,"file":153,"line":157},"comment_form",266,{"type":150,"name":159,"callback":159,"file":153,"line":160},"comment_post",267,{"type":162,"name":163,"callback":163,"file":153,"line":164},"filter","comment_text",268,{"type":162,"name":166,"callback":163,"file":153,"line":167},"comment_text_rss",269,{"type":162,"name":169,"callback":169,"file":153,"line":170},"comment_excerpt",270,{"type":162,"name":172,"callback":172,"file":153,"line":173},"comment_edit_pre",271,{"type":162,"name":175,"callback":175,"file":153,"line":176},"comment_row_actions",272,[],[],[],[],{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":206,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":227},[],{"prepared":13,"raw":184,"locations":185},9,[186,189,191,194,196,198,200,202,204],{"file":153,"line":187,"context":188},26,"$wpdb->query() with variable interpolation",{"file":153,"line":190,"context":188},28,{"file":153,"line":192,"context":193},49,"$wpdb->get_results() with variable interpolation",{"file":153,"line":195,"context":188},51,{"file":153,"line":197,"context":193},62,{"file":153,"line":199,"context":188},64,{"file":153,"line":201,"context":188},313,{"file":153,"line":203,"context":188},316,{"file":153,"line":205,"context":193},426,{"escaped":13,"rawEcho":184,"locations":207},[208,211,213,215,217,219,221,223,225],{"file":153,"line":209,"context":210},162,"raw output",{"file":153,"line":212,"context":210},167,{"file":153,"line":214,"context":210},172,{"file":153,"line":216,"context":210},177,{"file":153,"line":218,"context":210},182,{"file":153,"line":220,"context":210},288,{"file":153,"line":222,"context":210},295,{"file":153,"line":224,"context":210},422,{"file":153,"line":226,"context":210},439,[],[229,257],{"entryPoint":230,"graph":231,"unsanitizedCount":255,"severity":256},"whisper_comment_options (whisper-comment-reloaded.php:19)",{"nodes":232,"edges":251},[233,238,244,247],{"id":234,"type":235,"label":236,"file":153,"line":237},"n0","source","$_POST (x2)",37,{"id":239,"type":240,"label":241,"file":153,"line":242,"wp_function":243},"n1","sink","update_option() [Settings Manipulation]",40,"update_option",{"id":245,"type":235,"label":246,"file":153,"line":237},"n2","$_POST (x5)",{"id":248,"type":240,"label":249,"file":153,"line":209,"wp_function":250},"n3","echo() [XSS]","echo",[252,254],{"from":234,"to":239,"sanitized":253},false,{"from":245,"to":248,"sanitized":253},7,"medium",{"entryPoint":258,"graph":259,"unsanitizedCount":184,"severity":269},"\u003Cwhisper-comment-reloaded> (whisper-comment-reloaded.php:0)",{"nodes":260,"edges":266},[261,262,263,265],{"id":234,"type":235,"label":236,"file":153,"line":237},{"id":239,"type":240,"label":241,"file":153,"line":242,"wp_function":243},{"id":245,"type":235,"label":264,"file":153,"line":237},"$_POST (x7)",{"id":248,"type":240,"label":249,"file":153,"line":209,"wp_function":250},[267,268],{"from":234,"to":239,"sanitized":253},{"from":245,"to":248,"sanitized":253},"low",{"summary":271,"deductions":272},"The 'whisper-comment-reloaded' v1.0 plugin exhibits significant security concerns despite a seemingly clean vulnerability history. The static analysis reveals a complete lack of any implemented security checks, including nonce checks, capability checks, and proper output escaping. All SQL queries are executed without prepared statements, posing a high risk of SQL injection vulnerabilities. Furthermore, taint analysis indicates flows with unsanitized paths, which could be exploited if these paths are exposed through any of the plugin's entry points, though the current static analysis reports zero entry points. The absence of any recorded vulnerabilities historically might suggest either that the plugin has not been widely used or that previous versions have not been thoroughly audited. However, the current code quality, particularly the absence of fundamental security practices like prepared statements and output escaping, presents a substantial risk, making it highly susceptible to common web attacks.",[273,275,278,280,282],{"reason":274,"points":11},"All SQL queries use raw strings",{"reason":276,"points":277},"No output escaping implemented",8,{"reason":279,"points":277},"No nonce checks implemented",{"reason":281,"points":277},"No capability checks implemented",{"reason":283,"points":255},"Taint analysis shows unsanitized paths","2026-03-17T01:44:02.899Z",{"wat":286,"direct":291},{"assetPaths":287,"generatorPatterns":288,"scriptPaths":289,"versionParams":290},[],[],[],[],{"cssClasses":292,"htmlComments":299,"htmlAttributes":300,"restEndpoints":322,"jsGlobals":323,"shortcodeOutput":324},[293,294,295,296,297,298],"wrap","metabox-holder","meta-box-sortabless","postbox","inside","form-table",[],[301,302,303,304,305,306,307,308,309,310,311,312,313,314,315,316,317,318,319,320,321],"for=\"wc_whisper_on\"","id=\"wc_whisper_on\"","name=\"wc_whisper_on\"","for=\"wc_whisper_to\"","id=\"wc_whisper_to\"","name=\"wc_whisper_to\"","for=\"wc_whisper_form_label\"","id=\"wc_whisper_form_label\"","name=\"wc_whisper_form_label\"","for=\"wc_whisper_denied_msg\"","id=\"wc_whisper_denied_msg\"","name=\"wc_whisper_denied_msg\"","for=\"wc_whisper_granted_msg\"","id=\"wc_whisper_granted_msg\"","name=\"wc_whisper_granted_msg\"","for=\"wc_whisper_author_msg\"","id=\"wc_whisper_author_msg\"","name=\"wc_whisper_author_msg\"","for=\"wc_whisper_admin_msg\"","id=\"wc_whisper_admin_msg\"","name=\"wc_whisper_admin_msg\"",[],[],[]]