[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1ofLr6IaA0s4YSha04lvja_--XsixCeuACDYJ4SfTqE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":153,"fingerprints":183},"wp-code-protection","Source Code Protection","3.0.0","ViitorCloud Technologies Pvt Ltd","https:\u002F\u002Fprofiles.wordpress.org\u002Fviitorcloudvc\u002F","\u003Cp>Source Code Protection is a simple and effective plugin that uses to prevent common techniques in protecting your code from being stolen.\u003C\u002Fp>\n\u003Cp>Many of the general content copy methods (via mouse, keyboard and browser), like right-click, image drag\u002Fdrop\u002Fsave, text selection\u002Fdrag\u002Fdrop, source code view,\u003Cbr \u002F>\nand keyboard copy shortcut keys such as CTRL A, C, X, U, S, and P are disabled with this plugin.\u003C\u002Fp>\n\u003Ch3>Basic Features\u003C\u002Fh3>\n\u003Cp>Disable the following keys  CTRL+A, CTRL+C, CTRL+X,CTRL+S or CTRL+V.\u003Cbr \u002F>\nNo one can right click images on your site if you want.\u003C\u002Fp>\n\u003Ch4>Get Involved\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fviitorcloud.com\u002F\" rel=\"nofollow ugc\">ViitorCloud\u003C\u002Fa> believes in an active community support so with such plugins we try to make life easy for developers & of course customers. Don’t forget to subscribe our newsletter.\u003C\u002Fp>\n\u003Ch4>Advance Features (Pro Version)\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Allow to open only links in new tab.\u003Cbr \u002F>\nPlease visit \u003Ca href=\"https:\u002F\u002Fviitorcloud.com\u002Fvcstore\u002F#sourcecode-pro\" rel=\"nofollow ugc\">Source Code Protection Pro\u003C\u002Fa> to buy.\u003C\u002Fli>\n\u003C\u002Fol>\n","Source Code Protection is a simple and effective plugin that uses to prevent common techniques in protecting your code from being stolen.",90,3600,20,1,"2024-05-24T09:45:00.000Z","6.5.8","3.8","",[20,21,22,23,24],"c","disable-ctrl-a","rightclick-disable","security","threat","https:\u002F\u002Fviitorcloud.com\u002Fblog\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-code-protection.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"viitorcloudvc",10,3120,89,30,86,"2026-04-04T20:41:09.877Z",[41,68,88,106,130],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":56,"tags":57,"homepage":63,"download_link":64,"security_score":65,"vuln_count":66,"unpatched_count":28,"last_vuln_date":67,"fetched_at":30},"quttera-web-malware-scanner","Quttera ThreatSign – Web Malware Scanner for WordPress","4.0.0.3","quttera","https:\u002F\u002Fprofiles.wordpress.org\u002Fquttera\u002F","\u003Cp>Quttera ThreatSign protects your WordPress website with multi-layered security:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Malware Detection:\u003C\u002Fstrong> Powered by Quttera’s AI-driven heuristic engine, the scanner detects malicious PHP, obfuscated JavaScript, hidden iframes, redirects, spam, SEO malware, and credit-card skimmers targeting checkout pages. The plugin performs on-demand scans directly from your WordPress admin and checks your domain against more than 40 global security authorities, including Google, McAfee, Norton, and Yandex. Detection capabilities are continuously enhanced using insights from Quttera’s worldwide threat intelligence network.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Brute Force Protection:\u003C\u002Fstrong> Prevents unauthorized login attempts with IP locking, configurable rate limiting, and environment-aware protection policies. Supports both shared hosting (aggressive locking) and dedicated servers (progressive delays). Includes emergency bypass mechanism for critical situations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Bot Protection:\u003C\u002Fstrong> Layered defense against automated attacks using multi-stage risk evaluation, token-bucket rate limiting, and legitimate bot recognition (Googlebot, Bingbot, etc.). Protects REST API, XML-RPC, and WooCommerce endpoints with endpoint-specific risk scoring.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Admin User Monitoring:\u003C\u002Fstrong> Real-time detection and alerting for unauthorized admin additions, removals, and role changes with database audit trail and snapshots.\u003C\u002Fp>\n\u003Cp>For complete protection—including automated malware removal, scheduled scanning, WAF, and 24\u002F7 monitoring—you can upgrade to a ThreatSign Website Security plan.\u003C\u002Fp>\n\u003Ch4>Malware Detection Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One-click on-demand scans from WP admin\u003C\u002Fli>\n\u003Cli>0-day (unknown threat) detection via heuristic & behavioral analysis\u003C\u002Fli>\n\u003Cli>Detection of malicious PHP (backdoors, shells, injections)\u003C\u002Fli>\n\u003Cli>Detection of obfuscated or polymorphic JavaScript\u003C\u002Fli>\n\u003Cli>Identification of malicious iframes, redirects & hidden links\u003C\u002Fli>\n\u003Cli>Detection of spam & SEO malware\u003C\u002Fli>\n\u003Cli>Checkout skimmer detection\u003C\u002Fli>\n\u003Cli>Inspection of WordPress core file integrity\u003C\u002Fli>\n\u003Cli>Detection of alien or unauthorized files in core directories\u003C\u002Fli>\n\u003Cli>External links and outbound reference analysis\u003C\u002Fli>\n\u003Cli>Blacklist checks across 40+ security authorities\u003C\u002Fli>\n\u003Cli>Cloud-based scanning to reduce server resource load\u003C\u002Fli>\n\u003Cli>Detailed investigation reports with severity levels\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Brute Force Protection Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>IP-based locking with configurable thresholds\u003C\u002Fli>\n\u003Cli>Multi-stage failure detection with soft and hard locks\u003C\u002Fli>\n\u003Cli>Environment-aware policies for shared hosting and dedicated servers\u003C\u002Fli>\n\u003Cli>IP whitelist\u002Fblacklist with CIDR notation support\u003C\u002Fli>\n\u003Cli>Emergency bypass mechanism via constant or filter\u003C\u002Fli>\n\u003Cli>User account lockout alerts via email\u003C\u002Fli>\n\u003Cli>Combo-lock (IP + username) detection\u003C\u002Fli>\n\u003Cli>Rate limiting with progressive delays\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bot Protection Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Multi-stage risk evaluation with heuristic analysis\u003C\u002Fli>\n\u003Cli>Token-bucket rate limiting across multiple lanes (global, REST, XML-RPC, checkout, cart)\u003C\u002Fli>\n\u003Cli>Legitimate bot recognition (Googlebot, Bingbot with elevated rate limits)\u003C\u002Fli>\n\u003Cli>REST API enumeration and authentication protection\u003C\u002Fli>\n\u003Cli>WooCommerce endpoint protection (checkout & cart)\u003C\u002Fli>\n\u003Cli>Configurable operation modes (Observe, Balanced, Aggressive)\u003C\u002Fli>\n\u003Cli>Risk-based challenge mechanisms and exponential backoff\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Admin User Monitoring Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Real-time detection of admin user additions and removals\u003C\u002Fli>\n\u003Cli>Admin role change tracking\u003C\u002Fli>\n\u003Cli>Database snapshot comparison for audit trail\u003C\u002Fli>\n\u003Cli>WP-Cron scheduled checks (1-minute intervals)\u003C\u002Fli>\n\u003Cli>Immediate detection via WordPress hooks\u003C\u002Fli>\n\u003Cli>Email alerts for unauthorized changes\u003C\u002Fli>\n\u003Cli>Comprehensive alarm system integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you need malware removal assistance, contact us at support@quttera.com or sign up for any\u003Cbr \u002F>\nof our ThreatSign annual plans, which include cleanup & blacklist removal:\u003Cbr \u002F>\nhttps:\u002F\u002Fquttera.com\u002Fanti-malware-website-monitoring-signup\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fquttera.com\" rel=\"nofollow ugc\">Quttera\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plugin’s other home\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fquttera.com\u002Fwordpress_malware_scanner\" rel=\"nofollow ugc\">WordPress Malware Scanner\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress multi-level security scanner detecting malware, 0-day threats, brute-force attacks, bot attacks, and unauthorized admin changes.",10000,4426011,78,47,"2026-03-12T00:02:00.000Z","6.9.4","3.3.2","7.2",[58,59,60,61,62],"card-skimmer","malware-removal","malware-scanner","threat-detection","wordpress-security","http:\u002F\u002Fquttera.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquttera-web-malware-scanner.4.0.0.3.zip",98,3,"2025-08-14 00:00:00",{"slug":69,"name":70,"version":71,"author":72,"author_profile":73,"description":74,"short_description":75,"active_installs":34,"downloaded":76,"rating":28,"num_ratings":28,"last_updated":77,"tested_up_to":54,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":85,"download_link":86,"security_score":87,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"global-threat-activity-level-widget","Global threat activity level Widget","1.1.6","pcrisk","https:\u002F\u002Fprofiles.wordpress.org\u002Fpcrisk\u002F","\u003Cp>Display real-time global cyber threats activity directly on your WordPress site. This plugin shows the current worldwide threat level, the latest emerging malware threats, and guides on how to remove them—helping your visitors stay alert when cyber risks are high.\u003C\u002Fp>\n\u003Cp>Ideal for computer repair shops and IT professionals who want to demonstrate up-to-date security awareness and add value for their customers.\u003Cbr \u002F>\nThe plugin automatically pulls and updates data using feeds from \u003Ca href=\"https:\u002F\u002Fwww.pcrisk.com\u002F\" rel=\"nofollow ugc\">PCrisk.com\u003C\u002Fa>, ensuring fresh and accurate threat information at all times.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Supports both the classic Widget system and the block editor.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Works as a classic WordPress widget AND as a Gutenberg block.\u003C\u002Fli>\n\u003Cli>Customisable title.\u003C\u002Fli>\n\u003Cli>Customisable number of latest threats displayed (maximum 10 items).\u003C\u002Fli>\n\u003Cli>Option to hide the latest threats list entirely.\u003C\u002Fli>\n\u003Cli>Shows last-update date. Status is usually updated every 12 hours.\u003C\u002Fli>\n\u003Cli>Compatible with PHP 7.3 and above.\u003C\u002Fli>\n\u003Cli>Compatible with WordPress 5.8 and above.\u003C\u002Fli>\n\u003C\u002Ful>\n","Displays global virus and spyware activity level and latest spyware threats with guidelines how to remove them.",4197,"2026-02-23T11:41:00.000Z","5.8","7.3",[81,82,83,24,84],"activity","cyber-security","malware","virus","https:\u002F\u002Fwww.pcrisk.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fglobal-threat-activity-level-widget.1.1.6.zip",100,{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":28,"downloaded":96,"rating":28,"num_ratings":28,"last_updated":97,"tested_up_to":98,"requires_at_least":78,"requires_php":99,"tags":100,"homepage":18,"download_link":105,"security_score":87,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"s4e-effortless-continuous-cybersecurity","S4E: Effortless & Continuous Cybersecurity","1.0.0","S4E","https:\u002F\u002Fprofiles.wordpress.org\u002Fs4ee\u002F","\u003Cp>S4E: Effortless & Continuous Cybersecurity is a powerful WordPress plugin that seamlessly integrates with the S4E scan API to provide comprehensive security scanning capabilities for your website. This plugin offers a user-friendly interface to trigger various types of security scans and view detailed reports.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>User-friendly interface with light\u002Fdark theme support\u003C\u002Fli>\n\u003Cli>Multiple scan types:\n\u003Cul>\n\u003Cli>Full Scan\u003C\u002Fli>\n\u003Cli>Light Scan\u003C\u002Fli>\n\u003Cli>Single Scan\u003C\u002Fli>\n\u003Cli>Crawler Scan\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Real-time scan progress tracking\u003C\u002Fli>\n\u003Cli>Detailed scan reports\u003C\u002Fli>\n\u003Cli>Secure API integration\u003C\u002Fli>\n\u003Cli>Responsive design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to Use\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Step 1: Create an S4E Account\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Visit \u003Ca href=\"https:\u002F\u002Fapp.s4e.io\u002Fsign-up\" rel=\"nofollow ugc\">S4E Signup\u003C\u002Fa> and create a free account\u003Cbr \u002F>\n2. Verify your email address\u003Cbr \u002F>\n3. Login to your S4E dashboard\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 2: Get Your API Token\u003C\u002Fstrong>\u003Cbr \u002F>\n1. In your S4E dashboard, navigate to \u003Ca href=\"https:\u002F\u002Fapp.s4e.io\u002Fapi-token\" rel=\"nofollow ugc\">API Token page\u003C\u002Fa>\u003Cbr \u002F>\n2. Generate a new API token\u003Cbr \u002F>\n3. Copy the token (you’ll need this for the plugin)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 3: Install and Configure the Plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Install and activate the plugin in WordPress\u003Cbr \u002F>\n2. The plugin will automatically create a new “S4E Security” menu item in your WordPress admin sidebar\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 4: Access the Plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n1. In your WordPress admin area, navigate to “S4E Security” in the sidebar menu\u003Cbr \u002F>\n2. You’ll see a login form where you can enter your S4E API token\u003Cbr \u002F>\n3. Enter your S4E API token in the login field\u003Cbr \u002F>\n4. Click “Login” – you’ll be redirected to your profile dashboard\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 5: Add Your Asset for Auto-Verification\u003C\u002Fstrong>\u003Cbr \u002F>\n1. In the Profile tab, you will see your WordPress site’s domain automatically detected.\u003Cbr \u002F>\n2. To enable auto-verification, add this asset to your S4E account by clicking “Add Asset”.\u003Cbr \u002F>\n3. After adding the asset, you will see a popup to choose a verification method. Both security.txt and HTML file methods are available for verification.\u003Cbr \u002F>\n4. When you choose a verification method, a file will be automatically created in the root of your domain (e.g., wordpress.net\u002Fsecurity.txt or wordpress.net\u002Fs4e-ft6PdLzawaNM.html).\u003Cbr \u002F>\n5. Click the “Verify Asset” button to complete verification. For successful verification, the security.txt file must be accessible at your base domain (e.g., wordpress.net\u002Fsecurity.txt).\u003Cbr \u002F>\n6. Your asset will be verified automatically once the file is detected.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 6: Start Your First Scan\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Go to the “Reports” tab\u003Cbr \u002F>\n2. Click “Start a new scan”\u003Cbr \u002F>\n3. Choose your scan type:\u003Cbr \u002F>\n   – \u003Cstrong>Full Scan\u003C\u002Fstrong>: Comprehensive security analysis (recommended for first scan)\u003Cbr \u002F>\n   – \u003Cstrong>Light Scan\u003C\u002Fstrong>: Quick security check\u003Cbr \u002F>\n   – \u003Cstrong>Single Scan\u003C\u002Fstrong>: Redirects to S4E web interface for advanced scanning\u003Cbr \u002F>\n   – \u003Cstrong>Crawler\u003C\u002Fstrong>: Maps your website structure\u003Cbr \u002F>\n4. Click “Start Scan”\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 7: View Results\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Scan progress will be displayed in real-time with status updates.\u003Cbr \u002F>\n2. Once every scan is completed, detailed reports will be available in the Reports tab.\u003Cbr \u002F>\n3. Click on any report to view vulnerability details and remediation recommendations in the S4E web interface.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Demo Credentials:\u003C\u002Fstrong>\u003Cbr \u002F>\nFor review purposes, you can contact S4E support at support@s4e.io for a demo token.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.8 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>Active S4E account and API credentials\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services to provide security scanning capabilities. The following external services are used:\u003C\u002Fp>\n\u003Ch3>S4E API (https:\u002F\u002Fapi.s4e.io\u002Fapi)\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>What the service is and what it is used for:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe S4E API is a comprehensive security scanning service that provides vulnerability assessment and reporting capabilities for websites and web applications.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>API Token\u003C\u002Fstrong>: Sent with every request for authentication\u003Cbr \u002F>\n– \u003Cstrong>User Information\u003C\u002Fstrong>: Sent when retrieving user profile and package information\u003Cbr \u002F>\n– \u003Cstrong>Asset Information\u003C\u002Fstrong>: Sent when adding, checking ownership, or retrieving details about domains\u002FURLs to be scanned\u003Cbr \u002F>\n– \u003Cstrong>Scan Parameters\u003C\u002Fstrong>: Sent when initiating various types of security scans (Full Scan, Light Scan, Single Scan, Crawler Scan)\u003Cbr \u002F>\n– \u003Cstrong>Scan History Requests\u003C\u002Fstrong>: Sent when retrieving scan history and reports\u003Cbr \u002F>\n– \u003Cstrong>Activity Logs\u003C\u002Fstrong>: Sent when retrieving scan activity and progress information\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service Provider Information:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Service Provider\u003C\u002Fstrong>: S4E (Security 4 Everyone)\u003Cbr \u002F>\n– \u003Cstrong>Terms of Service\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fs4e.io\u002Fterms-of-use\" rel=\"nofollow ugc\">https:\u002F\u002Fs4e.io\u002Fterms-of-use\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fs4e.io\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fs4e.io\u002Fprivacy-policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>S4E SRS Service (https:\u002F\u002Fsrs.s4e.io)\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>What the service is and what it is used for:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe S4E SRS (security.txt Reporting Service) is used to generate security.txt files for domains, providing contact information for security researchers and vulnerability disclosure.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent and when:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Domain Information\u003C\u002Fstrong>: Sent when generating security.txt files for vulnerability disclosure\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service Provider Information:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Service Provider\u003C\u002Fstrong>: S4E (Security 4 Everyone)\u003Cbr \u002F>\n– \u003Cstrong>Terms of Service\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fs4e.io\u002Fterms-of-use\" rel=\"nofollow ugc\">https:\u002F\u002Fs4e.io\u002Fterms-of-use\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy\u003C\u002Fstrong>: \u003Ca href=\"https:\u002F\u002Fs4e.io\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fs4e.io\u002Fprivacy-policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Additional Information\u003C\u002Fh3>\n\u003Cp>For more information about S4E and its services, please visit \u003Ca href=\"https:\u002F\u002Fs4e.io\" rel=\"nofollow ugc\">S4E.io\u003C\u002Fa>.\u003C\u002Fp>\n","Integrate S4E API with WordPress to provide comprehensive security scanning capabilities for your website.",230,"2025-08-19T06:45:00.000Z","6.8.5","7.4",[101,102,103,24,104],"continuous","cybersecurity","detection","vulnerability","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fs4e-effortless-continuous-cybersecurity.1.0.0.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":118,"tested_up_to":54,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":125,"download_link":126,"security_score":127,"vuln_count":128,"unpatched_count":28,"last_vuln_date":129,"fetched_at":30},"wordfence","Wordfence Security – Firewall, Malware Scan, and Login Security","8.1.4","Mark Maunder","https:\u002F\u002Fprofiles.wordpress.org\u002Fmmaunder\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fi4ZN2TwlaBE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>THE MOST POPULAR WORDPRESS FIREWALL & SECURITY SCANNER\u003C\u002Fh4>\n\u003Cp>WordPress security requires a team of dedicated analysts researching the latest malware variants and WordPress exploits, turning them into firewall rules and malware signatures, and releasing those to customers in real-time.\u003C\u002Fp>\n\u003Cp>Choose the right protection for you: \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fproducts\u002Fpricing\u002F\" rel=\"nofollow ugc\">Wordfence Free, Premium, Care or Response\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Wordfence is widely acknowledged as the number one WordPress security research team in the World. Our plugin provides a comprehensive suite of security features, and our team’s research is what powers our plugin and provides the level of security that we are known for.\u003C\u002Fp>\n\u003Cp>At Wordfence, WordPress security isn’t a division of our business – WordPress security is all we do. We employ a global 24-hour dedicated incident response team that provides our priority customers with a 1 hour response time for any security incident.\u003C\u002Fp>\n\u003Cp>The sun never sets on our global security team and we run a sophisticated threat intelligence platform to aggregate, analyze and produce ground breaking security research on the newest security threats.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Wordfence Security includes an endpoint firewall, malware scanner, robust login security features, live traffic views, and more.\u003C\u002Fstrong> Our \u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002F\" rel=\"nofollow ugc\">Threat Defense Feed\u003C\u002Fa> arms Wordfence with the newest firewall rules, malware signatures, and malicious IP addresses it needs to keep your website safe.\u003C\u002Fp>\n\u003Cp>Rounded out by 2FA and a suite of additional features, Wordfence is the most comprehensive WordPress security solution available.\u003C\u002Fp>\n\u003Ch3>🔥 WORDPRESS FIREWALL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ffirewall\u002F\" rel=\"nofollow ugc\">Web Application Firewall\u003C\u002Fa>\u003C\u002Fstrong> identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time firewall rule and malware signature [Premium]\u003C\u002Fstrong> updates via the Threat Defense Feed (free version is delayed by 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fblocking\u002F\" rel=\"nofollow ugc\">Real-time IP Blocklist\u003C\u002Fa> [Premium]\u003C\u002Fstrong> blocks all requests from the most malicious IPs, protecting your site while reducing load.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protects your site at the endpoint\u003C\u002Fstrong>, enabling deep integration with WordPress. Unlike cloud alternatives, it does not break encryption, cannot be bypassed and cannot leak data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fscan\u002F\" rel=\"nofollow ugc\">Integrated malware scanner\u003C\u002Fa>\u003C\u002Fstrong> blocks requests that include malicious code or content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ffirewall\u002Fbrute-force\u002F\" rel=\"nofollow ugc\">Protection from brute force\u003C\u002Fa>\u003C\u002Fstrong> attacks by limiting login attempts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📡 WORDPRESS SECURITY SCANNER\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Malware scanner\u003C\u002Fstrong> checks core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time malware signature updates [Premium]\u003C\u002Fstrong> via the Threat Defense Feed (free version is delayed by 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compares with WordPress.org repository\u003C\u002Fstrong> your core files, themes and plugins, checking their integrity and reporting any changes to you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Repair WordPress core, theme, and plugin files\u003C\u002Fstrong> that have changed by overwriting them with a pristine, original version. Delete any files that don’t belong easily within the Wordfence interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Malware Removal Tools\u003C\u002Fstrong> “Delete File” and “Delete All Deletable Files” options allow for efficient malware removal. Remember to investigate the scan results and backup files first!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks your site for known security vulnerabilities\u003C\u002Fstrong> and alerts you to any issues. Also alerts you to potential security issues when a plugin has been closed or abandoned.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks your content safety\u003C\u002Fstrong> by scanning file contents, posts and comments for dangerous URLs and suspicious content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks to see if your site or IP have been blocklisted [Premium]\u003C\u002Fstrong> for malicious activity, generating spam or other security issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔒 LOGIN SECURITY\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ftools\u002Ftwo-factor-authentication\u002F\" rel=\"nofollow ugc\">Two-factor authentication (2FA)\u003C\u002Fa>\u003C\u002Fstrong>, one of the most secure forms of remote system authentication available via any TOTP-based authenticator app or service.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Flogin-security\u002F\" rel=\"nofollow ugc\">Login Page CAPTCHA\u003C\u002Fa>\u003C\u002Fstrong> stops bots from logging in.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Flogin-security\u002F#woocommerce-and-custom-integrations\" rel=\"nofollow ugc\">2FA for WooCommerce and custom integrations\u003C\u002Fa>\u003C\u002Fstrong> allow for 2FA to be setup on custom account pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XML-RPC\u003C\u002Fstrong> options including disabling or adding 2FA.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password Security:\u003C\u002Fstrong> Block logins for administrators using known compromised passwords.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 SECURITY AUDIT LOG [Premium]\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Faudit-log\" rel=\"nofollow ugc\">The Audit Log\u003C\u002Fa>\u003C\u002Fstrong> monitors all changes and actions in security-sensitive areas of the site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remote tamper-proof data storage\u003C\u002Fstrong> via Wordfence Central.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monitor events and actions\u003C\u002Fstrong> ranging  from user creation and editing to plugin\u002Ftheme installation and updates to post and page changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable\u003C\u002Fstrong> to log all events or significant events only, which includes all authentication, site configuration, and site functionality events.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌐 WORDFENCE CENTRAL\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fproducts\u002Fwordfence-central\u002F\" rel=\"nofollow ugc\">Wordfence Central\u003C\u002Fa>\u003C\u002Fstrong> is a powerful and efficient way to manage the security for multiple sites in one place.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Centralized management:\u003C\u002Fstrong> Efficiently assess the security status of all your websites in one view. View detailed security findings without leaving Wordfence Central.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Powerful templates\u003C\u002Fstrong> make configuring Wordfence a breeze.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highly configurable alerts\u003C\u002Fstrong> can be delivered via email, SMS or Slack. Improve the signal to noise ratio by leveraging severity level options and a daily digest option.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Track and alert on important security events\u003C\u002Fstrong> including administrator logins, breached password usage and surges in attack activity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free to use\u003C\u002Fstrong> for unlimited sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛠️ SECURITY TOOLS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Ftools\u002Flive-traffic\u002F\" rel=\"nofollow ugc\">Live Traffic\u003C\u002Fa>\u003C\u002Fstrong> monitors visits and hack attempts not shown in other analytics packages in real time; including origin, their IP address, the time of day and time spent on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block attackers by IP\u003C\u002Fstrong> or build advanced rules based on IP Range, Hostname, User Agent and Referrer.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.wordfence.com\u002Fhelp\u002Fblocking\u002Fcountry-blocking\u002F\" rel=\"nofollow ugc\">Country blocking\u003C\u002Fa>\u003C\u002Fstrong> available with Wordfence Premium.\u003C\u002Fli>\n\u003C\u002Ful>\n","Firewall, Malware Scanner, Two Factor Auth, and Comprehensive Security Features, powered by our 24-hour team. Make security a priority with Wordfence.",5000000,406617999,94,4829,"2025-12-20T21:06:00.000Z","4.7","7.0",[122,123,83,124,23],"2fa","firewall","scanner","https:\u002F\u002Fwww.wordfence.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordfence.8.1.4.zip",96,12,"2022-09-06 00:00:00",{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":138,"downloaded":139,"rating":140,"num_ratings":141,"last_updated":142,"tested_up_to":54,"requires_at_least":143,"requires_php":144,"tags":145,"homepage":149,"download_link":150,"security_score":151,"vuln_count":14,"unpatched_count":28,"last_vuln_date":152,"fetched_at":30},"hostinger","Hostinger Tools","3.0.59","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Tools is an all-in-one plugin designed to streamline essential tasks for WordPress site administrators. This plugin offers a range of features to help you manage your site’s information, maintenance mode, security, and redirects effectively.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Basic Info\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays the current WordPress version with automatic update checks.\u003C\u002Fli>\n\u003Cli>Shows the current PHP version with automatic update checks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Maintenance Mode\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable or disable maintenance mode for your site.\u003C\u002Fli>\n\u003Cli>Provide a URL to bypass maintenance mode for selected users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Security\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable XML-RPC requests to enhance your site’s security.\u003C\u002Fli>\n\u003Cli>Enable or disable Authorize application page to enhance your site’s security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Redirects\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force all URLs to use HTTPS for secure browsing.\u003C\u002Fli>\n\u003Cli>Force all URLs to use WWW to ensure consistency in site access.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>LLMs.txt Generation\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically generate a structured LLMs.txt file in Markdown format.\u003C\u002Fli>\n\u003Cli>Include website title, description, posts, pages, and products (if WooCommerce is active).\u003C\u002Fli>\n\u003Cli>Keep the file updated when content changes or new content is published.\u003C\u002Fli>\n\u003Cli>Help AI-powered tools better understand and interact with your website content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hostinger Tools is the new version of the previous Hostinger plugin, offering an updated and enhanced experience.\u003Cbr \u002F>\nThe Onboarding assistant and the Learning section previously included in this plugin were moved to the separate plugin Hostinger Easy Onboarding.\u003C\u002Fp>\n","Simplified WordPress management. Manage site info, maintenance, security, & redirects.",3000000,16730722,60,25,"2026-03-03T11:48:00.000Z","5.5","8.1",[131,146,147,23,148],"https","maintenance","tools","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger.3.0.59.zip",99,"2024-01-05 00:00:00",{"attackSurface":154,"codeSignals":171,"taintFlows":178,"riskAssessment":179,"analyzedAt":182},{"hooks":155,"ajaxHandlers":167,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":28,"unprotectedCount":28},[156,162],{"type":157,"name":158,"callback":159,"priority":160,"file":161,"line":51},"filter","body_class","source_code_protection_body_classes",999,"source-code-protection.php",{"type":163,"name":164,"callback":165,"file":161,"line":166},"action","wp_head","source_code_protection_wp_head",79,[],[],[],[],{"dangerousFunctions":172,"sqlUsage":173,"outputEscaping":175,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":177},[],{"prepared":28,"raw":28,"locations":174},[],{"escaped":28,"rawEcho":28,"locations":176},[],[],[],{"summary":180,"deductions":181},"Based on the provided static analysis and vulnerability history, the \"wp-code-protection\" v3.0.0 plugin exhibits an excellent security posture. The static analysis reveals no identified attack surface, meaning there are no accessible entry points like AJAX handlers, REST API routes, shortcodes, or cron events that could be exploited. Furthermore, the code demonstrates strong security practices with the absence of dangerous functions, zero SQL queries (which is exceptional and implies no database interaction), and 100% output escaping. Crucially, the lack of any file operations or external HTTP requests significantly reduces the potential for remote code execution or data exfiltration. The absence of nonce and capability checks is noted, but in the context of zero entry points, this does not immediately present a risk. Taint analysis also shows no critical or high-severity issues. The plugin's vulnerability history is completely clear, with no recorded CVEs of any severity. This indicates a well-developed and secure plugin that has not historically been a target or source of vulnerabilities. The overall impression is a highly secure plugin with robust code practices and no known security weaknesses, making it a low-risk option.",[],"2026-03-16T21:17:26.688Z",{"wat":184,"direct":190},{"assetPaths":185,"generatorPatterns":186,"scriptPaths":187,"versionParams":189},[],[],[188],"\u002Fwp-content\u002Fplugins\u002Fwp-code-protection\u002Fsource-code-protection.php",[],{"cssClasses":191,"htmlComments":193,"htmlAttributes":194,"restEndpoints":195,"jsGlobals":196,"shortcodeOutput":198},[192],"oncontextmenu",[],[],[],[197],"$",[]]