[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4lIKYFyliRizt2uTTvDvlTsQTgsSWt3ZGDlnsMKVAbk":3,"$frMA_OIK3ScwEoh1rl9VFUsjAUP79yuKQYoNyIB2p6wc":267,"$f5aaSKXcqr5NTl5xfi2x8s08c5n3boyJHySdq5zj37P8":272},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":40,"analysis":151,"fingerprints":251},"woo-restrict-by-category","Restrict By Category  for WooCommerce","1.1","EDGARROJAS","https:\u002F\u002Fprofiles.wordpress.org\u002Fedgarrojas\u002F","\u003Cp>Give access to your users to certain product categories\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>**Give or deny access to woocommerce categories by role.\u003C\u002Fli>\n\u003Cli>**Give or deny access to woocommerce categories to non logged in user\u003C\u002Fli>\n\u003C\u002Ful>\n","Restrict access to WooCommerce product categories.",10,3058,68,5,"2024-07-12T13:55:00.000Z","4.8.28","3.3","",[20,21,22,23,24],"access","category","restriction","security","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-restrict-by-category.zip",92,0,null,"2026-03-15T15:16:48.613Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"edgarrojas",19,12420,94,278,75,"2026-05-20T07:43:56.008Z",[41,65,85,106,127],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":27,"num_ratings":27,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":61,"download_link":62,"security_score":63,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":64},"block-ip-address-for-woocommerce","Block IP Address for WooCommerce","1.0.4","wpcraftnet","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpcraftnet\u002F","\u003Cp>\u003Cstrong>Block IP Address for WooCommerce\u003C\u002Fstrong> is a powerful, lightweight, and easy-to-use plugin that allows you to \u003Cstrong>block IP addresses in WooCommerce\u003C\u002Fstrong> and protect your online store from spam, bots, and unwanted visitors.\u003C\u002Fp>\n\u003Cp>With this plugin, you can \u003Cstrong>restrict access to your WooCommerce shop, homepage, or specific product categories\u003C\u002Fstrong> using simple IP-based rules. When a visitor’s IP address matches a blocked entry, they are automatically redirected to a page of your choice.\u003C\u002Fp>\n\u003Cp>This plugin is ideal for store owners who want to \u003Cstrong>block IP address in WooCommerce,\u003C\u002Fstrong> control user access, and improve website security without any complex configuration.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Block IP Addresses?\u003C\u002Fstrong>\u003Cbr \u002F>\n– Easily block IP address in WooCommerce\u003Cbr \u002F>\n– Prevent spam, bots, and malicious traffic\u003Cbr \u002F>\n– Improve store security with IP-based restrictions\u003Cbr \u002F>\n– Control who can access your shop or categories\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Easily add & manage blocked IP addresses.\u003Cbr \u002F>\n– Define \u003Cstrong>block duration\u003C\u002Fstrong> using start and end dates.\u003Cbr \u002F>\n– Redirect blocked \u003Cstrong>IPs to Shop Page.\u003C\u002Fstrong>\u003Cbr \u002F>\n– Redirect blocked \u003Cstrong>IPs to Home Page.\u003C\u002Fstrong>\u003Cbr \u002F>\n– Redirect blocked \u003Cstrong>IPs to Specific Category.\u003C\u002Fstrong>\u003Cbr \u002F>\n– Lightweight and simple to configure.\u003Cbr \u002F>\n– No coding required.\u003Cbr \u002F>\n– Compatible with the latest WooCommerce and WordPress versions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why This Plugin Stands Out\u003C\u002Fstrong>\u003Cbr \u002F>\nUnlike complex security plugins, \u003Cstrong>Block IP Address for WooCommerce\u003C\u002Fstrong> focuses only on what you need — simple, fast, and effective IP blocking with flexible control.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect For\u003C\u002Fstrong>\u003Cbr \u002F>\n– Store owners who want to \u003Cstrong>block IP address in WooCommerce.\u003C\u002Fstrong>\u003Cbr \u002F>\n– Preventing fake traffic and spam users\u003Cbr \u002F>\n– Restricting access to specific users or regions\u003Cbr \u002F>\n– Temporarily blocking suspicious visitors\u003C\u002Fp>\n\u003Ch3>Contacts\u003C\u002Fh3>\n\u003Cp>If you need assistance, please visit our website at \u003Ca href=\"https:\u002F\u002Fwpcraft.net\" rel=\"nofollow ugc\">wpcraft.net\u003C\u002Fa> or contact our support team at \u003Ca href=\"info@wpcraft.net\" rel=\"nofollow ugc\">info@wpcraft.net\u003C\u002Fa>.\u003C\u002Fp>\n","Block IP Address for WooCommerce – Easily block IP address from accessing your WooCommerce shop, homepage, or specific product categories and redirect &hellip;",30,674,"2026-04-05T03:30:00.000Z","6.9.4","5.5","7.2",[56,57,58,59,60],"block-ip-address","ip-ban","ip-blocker","ip-restriction","woocommerce-security","https:\u002F\u002Fwpcraft.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-ip-address-for-woocommerce.1.0.4.zip",100,"2026-04-16T10:56:18.058Z",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":27,"downloaded":73,"rating":27,"num_ratings":27,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":83,"download_link":84,"security_score":63,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":64},"controlled-cod-restriction","Controlled COD Restriction","1.1.0","Anything Makers","https:\u002F\u002Fprofiles.wordpress.org\u002Fanythingmakers\u002F","\u003Cp>\u003Cstrong>Controlled COD Restriction\u003C\u002Fstrong> is a lightweight yet powerful WooCommerce plugin that helps store owners manage and optimize \u003Cstrong>Cash on Delivery (COD)\u003C\u002Fstrong> orders with precision.\u003C\u002Fp>\n\u003Cp>Tired of unwanted COD orders or fake cancellations? This plugin empowers you to \u003Cstrong>control when, how, and for whom COD is available\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>🎯 Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>✅ \u003Cstrong>Restrict COD by Category\u003C\u002Fstrong> – Allow COD only for specific product categories.  \u003C\u002Fli>\n\u003Cli>💰 \u003Cstrong>Set Maximum COD Order Value\u003C\u002Fstrong> – Limit COD availability based on total order amount.   \u003C\u002Fli>\n\u003Cli>🔒 \u003Cstrong>Advanced Controls Available\u003C\u002Fstrong> – Extend functionality for additional rules and fees if desired.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Paid Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Auto Block and Unblock Users who violate COD and do not receive order  \u003C\u002Fli>\n\u003Cli>A dedicated shortcode to display Categories on which COD is available  \u003C\u002Fli>\n\u003Cli>COD Tax\u002FFee implementation    \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Built for performance, \u003Cstrong>Controlled COD Restriction\u003C\u002Fstrong> works seamlessly with your existing WooCommerce setup — no bloat, no conflicts, just \u003Cstrong>clean functionality that delivers\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>💡 Why Choose Controlled COD Restriction?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No complex setup — install, configure, and start controlling COD in minutes.  \u003C\u002Fli>\n\u003Cli>100% compatible with the \u003Cstrong>latest WordPress & WooCommerce versions\u003C\u002Fstrong>.  \u003C\u002Fli>\n\u003Cli>Built with security and scalability in mind.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed with ⚡ passion by Anything Makers Team\u003C\u002Fp>\n","A smart WooCommerce plugin that gives you total control over Cash on Delivery (COD) payments — restrict by category, limit by order's total, and more!",192,"2025-12-23T11:09:00.000Z","6.8.5","5.8","7.4",[79,80,81,82,24],"category-restriction","cod-blocking","cod-restriction","payment-restriction","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontrolled-cod-restriction\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontrolled-cod-restriction.1.1.0.zip",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":95,"num_ratings":96,"last_updated":97,"tested_up_to":52,"requires_at_least":98,"requires_php":18,"tags":99,"homepage":18,"download_link":103,"security_score":95,"vuln_count":104,"unpatched_count":27,"last_vuln_date":105,"fetched_at":64},"limit-login-attempts-reloaded","Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall","3.1.0","WPChef","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpchefgadget\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.limitloginattempts.com\" rel=\"nofollow ugc\">Limit Login Attempts Reloaded\u003C\u002Fa> functions as a robust deterrent against \u003Ca href=\"https:\u002F\u002Fwww.limitloginattempts.com\u002Fcracking-the-code-unveiling-the-mechanics-behind-brute-force-attacks\u002F\" rel=\"nofollow ugc\">brute force attacks\u003C\u002Fa>, bolstering your website’s security measures and optimizing its performance. It achieves this by \u003Cstrong>restricting the number of login attempts allowed\u003C\u002Fstrong>. This applies not only to the standard login method, but also to XMLRPC, Woocommerce, and custom login pages. With more than 2.5 million active users, this plugin fulfills all your login security requirements.\u003C\u002Fp>\n\u003Cp>The plugin functions by automatically preventing further attempts from a particular Internet Protocol (IP) address and\u002For username once a predetermined limit of retries has been surpassed. This significantly weakens the effectiveness of brute force attacks on your website.\u003C\u002Fp>\n\u003Cp>By default, WordPress permits an unlimited number of login attempts, posing a vulnerability where passwords can be easily deciphered through brute force methods.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Limit Login Attempts Reloaded Premium (Try Free with \u003Ca href=\"https:\u002F\u002Fwww.limitloginattempts.com\u002Fpremium-security-zero-cost-discover-the-benefits-of-micro-cloud\u002F\" rel=\"nofollow ugc\">Micro Cloud\u003C\u002Fa>)\u003C\u002Fstrong>\u003Cbr \u002F>\nUpgrade to \u003Ca href=\"https:\u002F\u002Fwww.limitloginattempts.com\u002Fplans\u002F\" rel=\"nofollow ugc\">Limit Login Attempts Reloaded Premium\u003C\u002Fa> to extend cloud-based protection to the Limit Login Attempts Reloaded plugin, thereby enhancing your login security. The premium version includes a range of highly beneficial features, including \u003Ca href=\"https:\u002F\u002Fwww.limitloginattempts.com\u002Ffeatures\u002Fip-intelligence\u002F\" rel=\"nofollow ugc\">IP intelligence\u003C\u002Fa> to \u003Cstrong>detect, counter and deny malicious login attempts\u003C\u002Fstrong>. Your \u003Ca href=\"https:\u002F\u002Fwww.limitloginattempts.com\u002Ffailed-login-attempts-in-wordpress\u002F\" rel=\"nofollow ugc\">failed login attempts\u003C\u002Fa> will be safely neutralized in the cloud so your website can function at its optimal performance during an attack.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FJfkvIiQft14?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Features (Free Version):\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>2FA\u003C\u002Fstrong> – Enable two-factor authentication for extra login security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit Logins\u003C\u002Fstrong> – Limit the number of retry attempts when logging in (per each IP).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable Lockout Timings\u003C\u002Fstrong> – Modify the amount of time a user or IP must wait after a lockout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remaining Tries\u003C\u002Fstrong> – Informs the user about the remaining retries or lockout time on the login page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lockout Email Notifications\u003C\u002Fstrong> – Informs the admin via email of lockouts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Denied Attempt Logs\u003C\u002Fstrong> – View a log of all denied attempts and lockouts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP & Username Safelist\u002FDenylist\u003C\u002Fstrong> – Control access to usernames and IPs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New User Registration Protection (Micro Cloud Accounts)\u003C\u002Fstrong> – Protects default WP registration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sucuri\u003C\u002Fstrong> compatibility.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Wordfence\u003C\u002Fstrong> compatibility.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultimate Member\u003C\u002Fstrong> compatibility.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WPS Hide Login\u003C\u002Fstrong> compatibility.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MemberPress\u003C\u002Fstrong> compatibility.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XMLRPC\u003C\u002Fstrong> gateway protection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Woocommerce\u003C\u002Fstrong> login page protection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-site compatibility\u003C\u002Fstrong> with extra MU settings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR\u003C\u002Fstrong> compliant.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom IP origins support\u003C\u002Fstrong> (Cloudflare, Sucuri, etc.).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>llar_admin\u003C\u002Fstrong> own capability.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features (Premium Version):\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Performance Optimizer\u003C\u002Fstrong> – Offload the burden of excessive failed logins from your server to protect your server resources, resulting in improved speed and efficiency of your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced IP Intelligence\u003C\u002Fstrong> – Identify repetitive and suspicious login attempts to detect potential brute force attacks. IPs with known malicious activity are stored and used to help prevent and counter future attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Throttling\u003C\u002Fstrong> – Longer lockout intervals each time a malicious IP or username tries to login unsuccessfully.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Deny By Country\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fwww.limitloginattempts.com\u002Fblock-logins-by-country-in-wordpress\u002F\" rel=\"nofollow ugc\">Block logins by country\u003C\u002Fa> by simply selecting the countries you want to deny.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto IP Denylist\u003C\u002Fstrong> – Automatically add IP addresses to your active cloud deny list that repeatedly fail login attempts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New User Registration Protection\u003C\u002Fstrong> – Protects default WP registration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Global Denylist Protection\u003C\u002Fstrong> – Utilize our active cloud IP data from thousands of websites in the LLAR network.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Synchronized Lockouts\u003C\u002Fstrong> –  Lockout IP data can be shared between multiple domains for enhanced protection in your network.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Synchronized Safelist\u002FDenylist\u003C\u002Fstrong> – Safelist\u002FDenylist IP and username data can be shared between multiple domains.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Support\u003C\u002Fstrong> – Email support with a security tech.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Backups of All IP Data\u003C\u002Fstrong> – Store your active IP data in the cloud.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Successful Logins Log\u003C\u002Fstrong> – Store successful logins in the cloud including IP info, city, state and lat\u002Flong.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced lockout logs\u003C\u002Fstrong> – Gain valuable insights into the origins of IPs that are attempting logins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CSV Download of IP Data\u003C\u002Fstrong> – Download IP data direclty from the cloud.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Supports IPV6 Ranges For Safelist\u002FDenylist\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlock The Locked Admin\u003C\u002Fstrong> – Easily \u003Ca href=\"https:\u002F\u002Fwww.limitloginattempts.com\u002Fhow-to-unlock-your-site-if-you-are-locked-out-by-limit-login-attempts-reloaded\u002F\" rel=\"nofollow ugc\">unlock the locked admin\u003C\u002Fa> through the cloud.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>*Some features require higher level plans.\u003C\u002Fp>\n\u003Ch4>Upgrading from the old Limit Login Attempts plugin?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to the Plugins section in your site’s backend.\u003C\u002Fli>\n\u003Cli>Remove the Limit Login Attempts plugin.\u003C\u002Fli>\n\u003Cli>Install the Limit Login Attempts Reloaded plugin.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>All your settings will be kept intact!\u003C\u002Fp>\n\u003Cp>Many languages are currently supported in the Limit Login Attempts Reloaded plugin but we welcome any additional ones.\u003C\u002Fp>\n\u003Cp>Help us bring Limit Login Attempts Reloaded to even more countries.\u003C\u002Fp>\n\u003Cp>Translations: Bulgarian, Brazilian Portuguese, Catalan, Chinese (Traditional), Czech, Dutch, Finnish, French, German, Hungarian, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish\u003C\u002Fp>\n\u003Cp>Plugin uses standard actions and filters only.\u003C\u002Fp>\n\u003Cp>Based on the original code from Limit Login Attempts plugin by Johan Eenfeldt.\u003C\u002Fp>\n\u003Ch4>Branding Guidelines\u003C\u002Fh4>\n\u003Cp>Limit Login Attempts Reloaded™ is a trademark of Atlantic Silicon Inc. When writing about the plugin, please make sure to use Reloaded after Limit Login Attempts. Limit Login Attempts is the old plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Limit Login Attempts Reloaded (correct)\u003C\u002Fli>\n\u003Cli>Limit Login Attempts (incorrect)\u003C\u002Fli>\n\u003C\u002Ful>\n","Stop password guessing attacks, secure WooCommerce, block bad IPs, block by countries (Pro), and add email 2FA. Lightweight with better performance.",2000000,83296786,98,1447,"2026-04-09T18:49:00.000Z","3.0",[100,101,102,23,24],"2fa","brute-force","firewall","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flimit-login-attempts-reloaded.3.1.0.zip",4,"2023-12-20 00:00:00",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":118,"tested_up_to":52,"requires_at_least":98,"requires_php":53,"tags":119,"homepage":122,"download_link":123,"security_score":124,"vuln_count":125,"unpatched_count":27,"last_vuln_date":126,"fetched_at":64},"loginizer","Loginizer","2.0.6","Softaculous","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftaculous\u002F","\u003Cp>Loginizer is a WordPress plugin which helps you fight against bruteforce attack by blocking login for the IP after it reaches maximum retries allowed. You can blacklist or whitelist IPs for login using Loginizer. You can use various other features like Two Factor Auth, reCAPTCHA, PasswordLess Login, etc. to improve security of your website.\u003C\u002Fp>\n\u003Cp>Loginizer is actively used by more than 1000000+ WordPress websites.\u003C\u002Fp>\n\u003Cp>You can find our official documentation at \u003Ca href=\"https:\u002F\u002Floginizer.com\u002Fdocs\" rel=\"nofollow ugc\">https:\u002F\u002Floginizer.com\u002Fdocs\u003C\u002Fa>. We are also active in our community support forums on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Floginizer\" rel=\"ugc\">wordpress.org\u003C\u002Fa> if you are one of our free users. Our Premium Support Ticket System is at \u003Ca href=\"https:\u002F\u002Floginizer.deskuss.com\" rel=\"nofollow ugc\">https:\u002F\u002Floginizer.deskuss.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Free Features :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Brute force protection. IPs trying to brute force your website will be blocked for 15 minutes after 3 failed login attempts. After multiple lockouts the IP is blocked for 24 hours. This is the default configuration and can be changed from Loginizer -> Brute force page in WordPress admin panel.\u003C\u002Fli>\n\u003Cli>Failed login attempts logs.\u003C\u002Fli>\n\u003Cli>Blacklist IPs\u003C\u002Fli>\n\u003Cli>Whitelist IPs\u003C\u002Fli>\n\u003Cli>Custom error messages on failed login.\u003C\u002Fli>\n\u003Cli>Permission check for important files and folders.\u003C\u002Fli>\n\u003Cli>Allow only Trusted IP.\u003C\u002Fli>\n\u003Cli>Blocked Screen in place of the Login page.\u003C\u002Fli>\n\u003Cli>Email Notification on successful login.\u003C\u002Fli>\n\u003Cli>Let users login with LinkedIn\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get Support and Pro Features\u003C\u002Fh4>\n\u003Cp>Get professional support from our experts and pro features to take your site’s security to the next level with \u003Ca href=\"https:\u002F\u002Floginizer.com\u002Fpricing\" rel=\"nofollow ugc\">Loginizer-Security\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Pro Features :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>MD5 Checksum – of Core WordPress Files. The admin can check and ignore files as well.\u003C\u002Fli>\n\u003Cli>PasswordLess Login – At the time of Login, the username \u002F email address will be asked and an email will be sent to the email address of that account with a temporary link to login.\u003C\u002Fli>\n\u003Cli>Two Factor Auth via Email – On login, an email will be sent to the email address of that account with a temporary 6 digit code to complete the login.\u003C\u002Fli>\n\u003Cli>Two Factor Auth via App – The user can configure the account with a 2FA App like Google Authenticator, Authy, etc.\u003C\u002Fli>\n\u003Cli>Login Challenge Question – The user can setup a Challenge Question and Answer as an additional security layer. After Login, the user will need to answer the question to complete the login.\u003C\u002Fli>\n\u003Cli>reCAPTCHA – Google’s reCAPTCHA v3\u002Fv2, Cloudflare Turnstile, hCAPTCHA can be configured for the Login screen, Comments Section, Registration Form, etc. to prevent automated brute force attacks. Supports WooCommerce as well.\u003C\u002Fli>\n\u003Cli>Rename Login Page – The Admin can rename the login URL (slug) to something different from wp-login.php to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Rename WP-Admin URL – The Admin area in WordPress is accessed via wp-admin. With loginizer you can change it to anything e.g. site-admin\u003C\u002Fli>\n\u003Cli>CSRF Protection – This helps in preventing CSRF attacks as it updates the admin URL with a session string which makes it difficult and nearly impossible for the attacker to predict the URL.\u003C\u002Fli>\n\u003Cli>Rename Login with Secrecy – If set, then all Login URL’s will still point to wp-login.php and users will have to access the New Login Slug by typing it in the browser.\u003C\u002Fli>\n\u003Cli>Disable XML-RPC – An option to simply disable XML-RPC in WordPress. Most of the WordPress users don’t need XML-RPC and can disable it to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Rename XML-RPC – The Admin can rename the XML-RPC to something different from xmlrpc.php to prevent automated brute force attacks.\u003C\u002Fli>\n\u003Cli>Username Auto Blacklist – Attackers generally use common usernames like admin, administrator, or variations of your domain name \u002F business name. You can specify such username here and Loginizer will auto-blacklist the IP Address(s) of clients who try to use such username(s).\u003C\u002Fli>\n\u003Cli>New Registration Domain Blacklist – If you would like to ban new registrations from a particular domain, you can use this utility to do so.\u003C\u002Fli>\n\u003Cli>Change the Admin Username – The Admin can rename the admin username to something more difficult.\u003C\u002Fli>\n\u003Cli>Auto Blacklist IPs – IPs will be auto blacklisted, if certain usernames saved by the Admin are used to login by malicious bots \u002F users.\u003C\u002Fli>\n\u003Cli>Disable Pingbacks – Simple way to disable PingBacks.\u003C\u002Fli>\n\u003Cli>SSO – Single Sign-on, let any user access to your WordPress Dashboard without the need to share username or password.\u003C\u002Fli>\n\u003Cli>Limit Concurrent Logins – It prevents user to login from different devices concurrently, you can define how many devices you want to allow, and how you want to restrict the user when concurrent limit is reached.\u003C\u002Fli>\n\u003Cli>Social Login – Users can login or register with their Google, Github, Facebook, X (Twitter), Discord, Twitch, LinkedIn, Microsoft with support for WooCommerce and Ultimate Member.\u003C\u002Fli>\n\u003Cli>Key Less Social Login – Use Loginizer’s Social Auth for easy key less Social login configuration, now supports Google, GitHub, X, LinkedIn more to be added later\u003C\u002Fli>\n\u003Cli>Country Blocking – Block IPs from specific countries to restrict access to your website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features in Loginizer include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Blocks IP after maximum retries allowed\u003C\u002Fli>\n\u003Cli>Extended Lockout after maximum lockouts allowed\u003C\u002Fli>\n\u003Cli>Email notification to admin after max lockouts\u003C\u002Fli>\n\u003Cli>Blacklist IP\u002FIP range\u003C\u002Fli>\n\u003Cli>Whitelist IP\u002FIP range\u003C\u002Fli>\n\u003Cli>Check logs of failed attempts\u003C\u002Fli>\n\u003Cli>Create IP ranges\u003C\u002Fli>\n\u003Cli>Delete IP ranges\u003C\u002Fli>\n\u003Cli>Licensed under LGPLv2.1\u003C\u002Fli>\n\u003Cli>Safe & Secure\u003C\u002Fli>\n\u003C\u002Ful>\n","Loginizer is a WordPress security plugin which helps you fight against bruteforce attacks.",1000000,29928058,96,1024,"2026-03-02T12:38:00.000Z",[20,120,121,107,23],"admin","login","https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Floginizer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floginizer.2.0.6.zip",87,8,"2024-11-04 00:00:00",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":137,"num_ratings":138,"last_updated":139,"tested_up_to":52,"requires_at_least":140,"requires_php":141,"tags":142,"homepage":146,"download_link":147,"security_score":148,"vuln_count":149,"unpatched_count":27,"last_vuln_date":150,"fetched_at":64},"user-role-editor","User Role Editor","4.64.6","Vladimir Garagulya","https:\u002F\u002Fprofiles.wordpress.org\u002Fshinephp\u002F","\u003Cp>User Role Editor WordPress plugin allows you to change user roles and capabilities easy.\u003Cbr \u002F>\nJust turn on check boxes of capabilities you wish to add to the selected role and click “Update” button to save your changes. That’s done.\u003Cbr \u002F>\nAdd new roles and customize its capabilities according to your needs, from scratch of as a copy of other existing role.\u003Cbr \u002F>\nUnnecessary self-made role can be deleted if there are no users whom such role is assigned.\u003Cbr \u002F>\nRole assigned every new created user by default may be changed too.\u003Cbr \u002F>\nCapabilities could be assigned on per user basis. Multiple roles could be assigned to user simultaneously.\u003Cbr \u002F>\nYou can add new capabilities and remove unnecessary capabilities which could be left from uninstalled plugins.\u003Cbr \u002F>\nMulti-site support is provided.\u003C\u002Fp>\n\u003Cp>Try it out on your free TasteWP \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fuser-role-editor\" rel=\"nofollow ugc\">test site\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>To read more about ‘User Role Editor’ visit \u003Ca href=\"http:\u002F\u002Fwww.shinephp.com\u002Fuser-role-editor-wordpress-plugin\u002F\" rel=\"nofollow ugc\">this page\u003C\u002Fa> at \u003Ca href=\"http:\u002F\u002Fshinephp.com\" rel=\"nofollow ugc\">shinephp.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Do you need more functionality with quality support in a real time? Do you wish to remove advertisements from User Role Editor pages?\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.role-editor.com\" rel=\"nofollow ugc\">Buy Pro version\u003C\u002Fa>.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.role-editor.com\" rel=\"nofollow ugc\">User Role Editor Pro\u003C\u002Fa> includes extra modules:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Block selected admin menu items for role.\u003C\u002Fli>\n\u003Cli>Hide selected front-end menu items for no logged-in visitors, logged-in users, roles.\u003C\u002Fli>\n\u003Cli>Block selected widgets under “Appearance” menu for role.\u003C\u002Fli>\n\u003Cli>Show widgets at front-end for selected roles.\u003C\u002Fli>\n\u003Cli>Block selected meta boxes (dashboard, posts, pages, custom post types) for role.\u003C\u002Fli>\n\u003Cli>“Export\u002FImport” module. You can export user role to the local file and import it to any WordPress site or other sites of the multi-site WordPress network.\u003C\u002Fli>\n\u003Cli>Roles and Users permissions management via Network Admin  for multisite configuration. One click Synchronization to the whole network.\u003C\u002Fli>\n\u003Cli>“Other roles access” module allows to define which other roles user with current role may see at WordPress: dropdown menus, e.g assign role to user editing user profile, etc.\u003C\u002Fli>\n\u003Cli>Manage user access to editing posts\u002Fpages\u002Fcustom post type using posts\u002Fpages, authors, taxonomies ID list.\u003C\u002Fli>\n\u003Cli>Per plugin users access management for plugins activate\u002Fdeactivate operations.\u003C\u002Fli>\n\u003Cli>Per form users access management for Gravity Forms plugin.\u003C\u002Fli>\n\u003Cli>Shortcode to show enclosed content to the users with selected roles only.\u003C\u002Fli>\n\u003Cli>Posts and pages view restrictions for selected roles.\u003C\u002Fli>\n\u003Cli>Admin back-end pages permissions viewer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pro version is advertisement free. Premium support is included.\u003C\u002Fp>\n\u003Ch3>Additional Documentation\u003C\u002Fh3>\n\u003Cp>You can find more information about “User Role Editor” plugin at \u003Ca href=\"http:\u002F\u002Fwww.shinephp.com\u002Fuser-role-editor-wordpress-plugin\u002F\" rel=\"nofollow ugc\">this page\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>I am ready to answer on your questions about plugin usage. Use \u003Ca href=\"http:\u002F\u002Fwww.shinephp.com\u002Fuser-role-editor-wordpress-plugin\u002F\" rel=\"nofollow ugc\">plugin page comments\u003C\u002Fa> for that.\u003C\u002Fp>\n","User Role Editor WordPress plugin makes user roles and capabilities changing easy. Edit\u002Fadd\u002Fdelete WordPress user roles and capabilities.",700000,21415579,90,287,"2025-12-02T03:45:00.000Z","4.4","7.3",[20,143,144,23,145],"editor","role","user","https:\u002F\u002Fwww.role-editor.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-role-editor.4.64.6.zip",97,2,"2024-12-16 19:51:53",{"attackSurface":152,"codeSignals":220,"taintFlows":239,"riskAssessment":240,"analyzedAt":250},{"hooks":153,"ajaxHandlers":207,"restRoutes":217,"shortcodes":218,"cronEvents":219,"entryPointCount":159,"unprotectedCount":159},[154,160,165,168,171,174,177,180,183,186,190,194,199,203],{"type":155,"name":156,"callback":157,"file":158,"line":159},"action","pre_get_posts","rednao_wcrbc_additional_woo_query","filter-manager.php",3,{"type":161,"name":162,"callback":163,"file":158,"line":164},"filter","woocommerce_shortcode_products_query","rednao_wcrbc_fix_shortcode_query",57,{"type":161,"name":166,"callback":163,"file":158,"line":167},"woocommerce_shortcode_product_cat_query",58,{"type":161,"name":169,"callback":163,"file":158,"line":170},"woocommerce_shortcode_recent_products_query",59,{"type":161,"name":172,"callback":163,"file":158,"line":173},"woocommerce_shortcode_sale_products_query",60,{"type":161,"name":175,"callback":163,"file":158,"line":176},"woocommerce_shortcode_best_selling_products_query",61,{"type":161,"name":178,"callback":163,"file":158,"line":179},"woocommerce_shortcode_top_rated_products_query",62,{"type":161,"name":181,"callback":163,"file":158,"line":182},"woocommerce_shortcode_featured_products_query",63,{"type":161,"name":184,"callback":163,"file":158,"line":185},"woocommerce_shortcode_product_attribute_query",64,{"type":155,"name":187,"callback":188,"file":158,"line":189},"woocommerce_no_products_found","rednao_wcrbc_no_product_found",108,{"type":161,"name":191,"callback":192,"file":158,"line":193},"woocommerce_is_purchasable","rednao_wcrbc_is_purchasablle",115,{"type":155,"name":195,"callback":196,"file":197,"line":198},"admin_menu","rednao_wc_restrict_by_category_create_menu","woocommerce-restrict-by-category.php",12,{"type":155,"name":200,"callback":201,"file":197,"line":202},"init","rednao_wcrbc_init",13,{"type":155,"name":204,"callback":205,"file":197,"line":206},"admin_init","rednao_wcrbc_was_activated",28,[208,212,215],{"action":209,"nopriv":210,"callback":209,"hasNonce":210,"hasCapCheck":210,"file":211,"line":149},"rednao_wcrbc_search_roles",false,"ajax.php",{"action":213,"nopriv":210,"callback":213,"hasNonce":210,"hasCapCheck":210,"file":211,"line":214},"rednao_wcrbc_search_user",45,{"action":216,"nopriv":210,"callback":216,"hasNonce":210,"hasCapCheck":210,"file":211,"line":148},"rednao_wcrbc_save_roles",[],[],[],{"dangerousFunctions":221,"sqlUsage":222,"outputEscaping":225,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":235},[],{"prepared":223,"raw":27,"locations":224},7,[],{"escaped":226,"rawEcho":159,"locations":227},17,[228,231,233],{"file":211,"line":229,"context":230},38,"raw output",{"file":211,"line":232,"context":230},85,{"file":211,"line":234,"context":230},131,[236],{"name":237,"version":28,"knownCves":238},"Select2",[],[],{"summary":241,"deductions":242},"The \"woo-restrict-by-category\" plugin v1.1 presents a moderate security risk due to its unprotected AJAX handlers. While the plugin demonstrates good practices in other areas, such as using prepared statements for all SQL queries and a high percentage of properly escaped output, the lack of authentication on three AJAX entry points is a significant concern. This oversight opens the door for unauthenticated users to potentially trigger plugin functionalities, which could lead to unintended consequences or be leveraged in conjunction with other vulnerabilities.\n\nThe static analysis reveals no dangerous functions, file operations, or external HTTP requests, which are positive signs. Furthermore, the plugin has no recorded vulnerability history, suggesting a generally well-maintained codebase. However, the absence of nonce checks and capability checks on these AJAX handlers, combined with the lack of taint analysis (which may be due to the limited scope of the analysis or absence of complex data flows), means that potential vulnerabilities within these handlers are not being mitigated.\n\nIn conclusion, while the plugin benefits from solid SQL handling and output escaping, the unprotected AJAX endpoints are its primary weakness. The absence of any known vulnerabilities is a strong point, but it doesn't negate the inherent risks introduced by these exposed entry points. Future development should prioritize implementing proper authentication and authorization mechanisms for all AJAX requests to strengthen the plugin's security posture.",[243,246,248],{"reason":244,"points":245},"3 unprotected AJAX handlers",15,{"reason":247,"points":14},"0 Nonce checks on AJAX",{"reason":249,"points":14},"0 Capability checks on AJAX","2026-03-17T01:01:52.176Z",{"wat":252,"direct":259},{"assetPaths":253,"generatorPatterns":256,"scriptPaths":257,"versionParams":258},[254,255],"\u002Fwp-content\u002Fplugins\u002Fwoo-restrict-by-category\u002Fjs\u002Fbundle\u002Frolerestriction_bundle.js","\u002Fwp-content\u002Fplugins\u002Fwoo-restrict-by-category\u002Fcss\u002Fbootstrap\u002Fcss\u002Fbootstrap.min.css",[],[254],[],{"cssClasses":260,"htmlComments":262,"htmlAttributes":263,"restEndpoints":264,"jsGlobals":265,"shortcodeOutput":266},[261],"bootstrap",[],[],[],[],[],{"error":268,"url":269,"statusCode":270,"statusMessage":271,"message":271},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwoo-restrict-by-category\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":27,"versions":273},[]]