[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjGxrHxFo_yN5Bb6_CrTRlCwbhmmkz8i6aGhqNi1ptyg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":140,"fingerprints":263},"wp-front-end-login","WP Front End Login","1.4.1","bradmkjr","https:\u002F\u002Fprofiles.wordpress.org\u002Fbradmkjr\u002F","\u003Cp>This plugin utilizes the shortcode [login_form] to present users with login form, lost password recovery and password reset fields on the front end of a WordPress site. The plugin heavily filters login and authentication urls to keep visitors from being sent to wp-login.php. It does not prevent a user from going directly to wp-login. The plugin blocks all non administrators from accessing the dashboard by doing a redirect to the homepage.\u003C\u002Fp>\n\u003Cp>This plugin is designed for use with \u003Ca href=\"http:\u002F\u002Fwww.gravityforms.com\u002F\" title=\"Gravity Forms\" rel=\"nofollow ugc\">Gravity Forms by Rocketgenius, Inc.\u003C\u002Fa>, presenting a visitor a standard login box in place of forms which are restricted to logged in users only. It can also be used with other plugins that show content for non-logged in users, such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-status-shortcode\u002F\" title=\"User Status Shortcode\" rel=\"ugc\">User Status Shortcode By Story Block Media\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>A few notes about this plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Plugin not tested with WordPress Network\u003C\u002Fli>\n\u003Cli>Password reset and password recovery are all done on the page with the shortcode\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin utilizes the shortcode [login_form] to present users with login form, lost password recovery and password reset fields on the front end of &hellip;",10,1701,0,"2017-04-25T21:32:00.000Z","4.7.32","4.7.3","",[19,20,21,22,23],"authentication","login","shortcode","wp-login","wp-login-php","https:\u002F\u002Fgithub.com\u002Fbradmkjr\u002Fwp-front-end-login","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-front-end-login.1.4.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},2,20,30,84,"2026-04-04T13:47:36.481Z",[37,59,79,101,121],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":17,"download_link":56,"security_score":57,"vuln_count":11,"unpatched_count":13,"last_vuln_date":58,"fetched_at":28},"wps-hide-login","WPS Hide Login","1.9.18","Remy Perona","https:\u002F\u002Fprofiles.wordpress.org\u002Ftabrisrp\u002F","\u003Ch4>English\u003C\u002Fh4>\n\u003Cp>\u003Cem>WPS Hide Login\u003C\u002Fem> is a very light plugin that lets you easily and safely change the url of the login form page to anything you want. It doesn’t literally rename or change files in core, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website. The wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the url. Deactivating this plugin brings your site back exactly to the state it was before.\u003C\u002Fp>\n\u003Cp>This plugin is kindly proposed by \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=14&campaign=wpshidelogin\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa> the specialized WordPress web host.\u003C\u002Fp>\n\u003Cp>Discover also our other free extensions:\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-limit-login\u002F\" rel=\"ugc\">WPS Limit Login\u003C\u002Fa> to block brute force attacks.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-bidouille\u002F\" rel=\"ugc\">WPS Bidouille\u003C\u002Fa> to optimize your WordPress and get more info.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwps-cleaner\u002F\" rel=\"ugc\">WPS Cleaner\u003C\u002Fa> to clean your WordPress site.\u003C\u002Fp>\n\u003Cp>This plugin is only maintained, which means we do not guarantee free support. Consider reporting a problem and be patient.\u003C\u002Fp>\n\u003Ch4>Français\u003C\u002Fh4>\n\u003Cp>\u003Cem>WPS Hide Login\u003C\u002Fem> est un plugin très léger qui vous permet de changer facilement et en toute sécurité l’url de la page de formulaire de connexion. Il ne renomme pas littéralement ou ne modifie pas les fichiers dans le noyau, ni n’ajoute des règles de réécriture. Il intercepte simplement les demandes de pages et fonctionne sur n’importe quel site WordPress. Le répertoire wp-admin et la page wp-login.php deviennent inaccessibles, vous devez donc ajouter un signet ou vous souvenir de l’URL. Désactiver ce plugin ramène votre site exactement à l’état dans lequel il était auparavant.\u003C\u002Fp>\n\u003Cp>Ce plugin vous est gentiment proposé par \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=14&campaign=wpshidelogin\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa> l’hébergeur spécialisé WordPress.\u003C\u002Fp>\n\u003Cp>Plus d’infos sur son utilisation : \u003Ca href=\"https:\u002F\u002Fwpformation.com\u002Fwps-hide-login-url-connexion-wordpress\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpformation.com\u002Fwps-hide-login-url-connexion-wordpress\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Découvrez également nos autres extensions gratuites :\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-limit-login\u002F\" rel=\"nofollow ugc\">WPS Limit Login\u003C\u002Fa> pour bloquer les attaques par force brute.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-bidouille\u002F\" rel=\"nofollow ugc\">WPS Bidouille\u003C\u002Fa> pour optimiser votre WordPress et faire le plein d’infos.\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Ffr.wordpress.org\u002Fplugins\u002Fwps-cleaner\u002F\" rel=\"nofollow ugc\">WPS Cleaner\u003C\u002Fa> pour nettoyer votre site WordPress.\u003C\u002Fp>\n\u003Cp>Ce plugin est seulement maintenu, ce qui signifie que nous ne garantissons pas un support gratuit. Envisagez de signaler un problème et soyez patient.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Ch4>English\u003C\u002Fh4>\n\u003Cp>Requires WordPress 4.1 or higher. All login related things such as the registration form, lost password form, login widget and expired sessions just keep working.\u003C\u002Fp>\n\u003Cp>It’s also compatible with any plugin that hooks in the login form, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>BuddyPress,\u003C\u002Fli>\n\u003Cli>bbPress,\u003C\u002Fli>\n\u003Cli>Jetpack,\u003C\u002Fli>\n\u003Cli>WPS Limit Login,\u003C\u002Fli>\n\u003Cli>and User Switching.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Obviously it doesn’t work with plugins or themes that \u003Cem>hardcoded\u003C\u002Fem> wp-login.php.\u003C\u002Fp>\n\u003Cp>Works with multisite, with subdomains and subfolders. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.\u003C\u002Fp>\n\u003Cp>If you’re using a \u003Cstrong>page caching plugin\u003C\u002Fstrong> other than WP Rocket, you should add the slug of the new login url to the list of pages not to cache. WP Rocket is already fully compatible with the plugin.\u003C\u002Fp>\n\u003Ch4>Français\u003C\u002Fh4>\n\u003Cp>Nécessite WordPress 4.1 ou supérieur. Toutes les choses liées à la connexion telles que le formulaire d’inscription, le formulaire de mot de passe perdu, le widget de connexion et les sessions expirées continuent de fonctionner.\u003C\u002Fp>\n\u003Cp>Il est également compatible avec tout plugin qui se connecte au formulaire de connexion, notamment:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>BuddyPress,\u003C\u002Fli>\n\u003Cli>bbPress,\u003C\u002Fli>\n\u003Cli>Jetpack,\u003C\u002Fli>\n\u003Cli>WPS Limit Login,\u003C\u002Fli>\n\u003Cli>and User Switching.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Évidemment, cela ne fonctionne pas avec les plugins ou les thèmes \u003Cem>hardcoded\u003C\u002Fem> wp-login.php.\u003C\u002Fp>\n\u003Cp>Fonctionne en multisite, avec sous-domaines ou sous dossiers. L’activer pour un réseau vous permet de définir une valeur par défaut pour l’ensemble du réseau. Les sites individuels peuvent toujours renommer leur page de connexion pour autre chose.\u003C\u002Fp>\n\u003Cp>Si vous utilisez un \u003Cstrong>plugin de mise en cache de pages\u003C\u002Fstrong> autre que WP Rocket, vous devez ajouter le slug de la nouvelle URL de connexion à la liste des pages à ne pas mettre en cache. WP Rocket est déjà entièrement compatible avec le plugin.\u003C\u002Fp>\n","Change wp-login.php to anything you want.",2000000,30498017,96,2101,"2026-01-12T08:47:00.000Z","6.9.4","4.1","7.0",[54,20,55,22,23],"custom-login-url","rename","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwps-hide-login.1.9.18.zip",95,"2024-06-24 00:00:00",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":77,"download_link":78,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"rename-wp-loginphp-to-anything-you-want","Rename wp-login.php to anything you want","2.0.1","travispluse","https:\u002F\u002Fprofiles.wordpress.org\u002Ftravispluse\u002F","\u003Cp>This plugin changes the way you login into your website.\u003C\u002Fp>\n\u003Cp>–loginsecurity includes–\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Blocks IP after maximum retries allowed\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Extended Lockout after maximum lockouts allowed\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Email notification to admin after max lockouts\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Blacklist IP\u002FIP range\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Whitelist IP\u002FIP range\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Check logs of failed attempts\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Create IP ranges\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Delete IP ranges\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Licensed under GNU GPL version 3\u003Cbr \u002F>\n\u003Cbr \u002F>\n* Safe & Secure\u003Cbr \u002F>\u003C\u002Fp>\n","This plugin changes the way you login into your website.",500,8851,100,5,"2016-08-13T06:36:00.000Z","4.5.33","3.0",[75,54,20,76,23],"custom","login-custom","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frename-wp-loginphp-to-anything-you-want\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frename-wp-loginphp-to-anything-you-want.2.0.1.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":17,"tags":94,"homepage":99,"download_link":100,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"blue-login-style","Blue Login Style","1.4.0","Alimir","https:\u002F\u002Fprofiles.wordpress.org\u002Falimir\u002F","\u003Cp>Blue Login Style is a tiny WordPress plugin that allows you to customize your login page with beautiful themes. Its features: ability to add message, change the login logo, ability to set login, logout and register redirect links and many more…\u003Cbr \u002F>\nScreenshots are available in \u003Ca href=\"http:\u002F\u002Fpreview.alimir.ir\u002Fwordpress-blue-login-style\u002F\" rel=\"nofollow ugc\">Here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Ability to choose nice themes with great options.\u003C\u002Fli>\n\u003Cli>Ability to add message in your login page.\u003C\u002Fli>\n\u003Cli>Add a custom logo of your wordPress blog as piece of cake.\u003C\u002Fli>\n\u003Cli>Add custom background image.\u003C\u002Fli>\n\u003Cli>Ability to set \u003Ccode>login\u003C\u002Fcode>, \u003Ccode>logout\u003C\u002Fcode> and \u003Ccode>register\u003C\u002Fcode> redirect links.\u003C\u002Fli>\n\u003Cli>Simple configuration panel.\u003C\u002Fli>\n\u003Cli>And so on…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin Author\u003C\u002Fh4>\n\u003Cp>Website: \u003Ca href=\"http:\u002F\u002Fabout.alimir.ir\" rel=\"nofollow ugc\">Ali Mirzaei\u003C\u002Fa>\u003Cbr \u002F>\nFollow on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Falimir.ir\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003Cbr \u002F>\nYou can catch catch me on twitter as @alimirir\u003C\u002Fp>\n","Blue Login Style is a tiny plugin which allows to customize your wp-login theme easily with a click.",300,29099,98,17,"2014-12-26T19:38:00.000Z","4.1.42","3.5",[95,96,97,98,22],"admin","customize-wp-login-php-plugin","front-end-login","login-form","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblue-login-style\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblue-login-style.1.4.0.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":17,"tags":116,"homepage":119,"download_link":120,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-login-flow","WP Login Flow","3.1.1","tripflex","https:\u002F\u002Fprofiles.wordpress.org\u002Ftripflex\u002F","\u003Cp>WP Login Flow is a complete solution to make \u003Ccode>wp-login.php\u003C\u002Fcode> not suck!  Below are all the features organized by what they relate to.  This plugin is completely open source, and has \u003Cstrong>NO ADS OR UPSELLS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Registration\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Enhances Registration flow and wording for “Activation” (more below)\u003C\u002Fli>\n\u003Cli>Custom notices and wording to match “Activation” instead of “Reset Password”\u003C\u002Fli>\n\u003Cli>Allow users to register and set a password (includes password strength)\u003C\u002Fli>\n\u003Cli>Auto Login users after registration\u003C\u002Fli>\n\u003Cli>Hide Username field and use Email as Username\u003C\u002Fli>\n\u003Cli>Loading spinner after clicking Register\u003C\u002Fli>\n\u003Cli>Add unlimited custom text fields to Register form (saved to user meta)\u003C\u002Fli>\n\u003Cli>Notice shown to user when attempt to login with unactivated account\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Permalinks\u002FURLs\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customize Login, Register, Activation, Lost Password, Reset Password, and Logged Out URLs\u003C\u002Fli>\n\u003Cli>Custom “Activation” URL permalink for Registration (instead of default Reset Password)\u003C\u002Fli>\n\u003Cli>Setting to auto disable using custom URLs if \u003Ccode>.htaccess\u003C\u002Fcode> or \u003Ccode>web.config\u003C\u002Fcode> does not exist\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Redirects\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Custom Login\u002FLogout default login redirect URL\u003C\u002Fli>\n\u003Cli>Custom Login\u002FLogout redirects based on User Role\u003C\u002Fli>\n\u003Cli>Custom Login\u002FLogout redirects based on specific User\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Page Customizations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Background, Font, Link, and Link Hover Colors (with Color Picker)\u003C\u002Fli>\n\u003Cli>Custom CSS with Code Editor\u003C\u002Fli>\n\u003Cli>Customize Logo URL, and Title\u003C\u002Fli>\n\u003Cli>Upload custom Logo\u003C\u002Fli>\n\u003Cli>Customize Login Box Font and Background Colors\u003C\u002Fli>\n\u003Cli>Custom Border Radius for Login Box\u003C\u002Fli>\n\u003Cli>Enable Responsive Width for Login Box\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Email\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customize Outgoing WordPress From Name and Email\u003C\u002Fli>\n\u003Cli>Customize New Account Activation Required Email (WYSIWYG Editor)\u003C\u002Fli>\n\u003Cli>Customize New Account Email (WYSIWYG Editor – when user sets own password)\u003C\u002Fli>\n\u003Cli>Customize Lost Password Email Template (WYSIWYG Editor)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Notices\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customize Account Requires Activation Notice\u003C\u002Fli>\n\u003Cli>Customize Pending Activation Notice\u003C\u002Fli>\n\u003Cli>Customize Successful Activation Notice\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Color scheme matches WordPress admin area color scheme\u003C\u002Fli>\n\u003Cli>Fully documented and clean code base\u003C\u002Fli>\n\u003Cli>Login Page Spinning Loader\u003C\u002Fli>\n\u003Cli>Hide frontend Admin Bar from non-admin Users\u003C\u002Fli>\n\u003Cli>Activation status icons on user list table\u003C\u002Fli>\n\u003Cli>Works with any plugins\u002Fthemes that use native WP user registration\u002Flogin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Default Registration Enhancements\u003C\u002Fh4>\n\u003Cp>By default, when a user registers on a WordPress site, they are sent a password reset email which is used for account “activation”, but that also sends the user a URL that is for resetting a password, and even shows “Reset Password” on the page.  This plugin fixes these problems by allow you to customize the activation email sent, adding custom permalink for activations, updating wording to match “activation” instead of reset password, and more … all for a better UX (User Experience).  See screenshots or video for examples of this.\u003C\u002Fp>\n\u003Cp>WP Login Flow was intended to be completely bloat free, and integrate with the core of WordPress as much as possible.  Any themes, plugins, or other code that uses the native WordPress functions and hooks for registration, lost password, etc, should be supported.\u003C\u002Fp>\n\u003Ch4>Features Coming Soon\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Login Limiter based on Limit Login Attempts\u003C\u002Fli>\n\u003Cli>Bulk remove unactivated accounts\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftripflex\u002Fwp-login-flow\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">Your IDEA!\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WP Login Flow History\u003C\u002Fh4>\n\u003Cp>I originally created WP Login Flow back in 2014 to solve what I considered to be a huge issue .. and that was passwords being emailed to users on registration (email is never secure!).  My original implementation of this plugin added the exact feature that is now default in WordPress, by using the Reset Password handling to add “Activation” for new user registration.  After this was added to core I no longer had a need for this plugin, but in 2019 I decided to take the time to fully revamp the plugin, integrate with the latest versions of WordPress, and add additional features.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftripflex\u002Fwp-login-flow\" rel=\"nofollow ugc\">Read more about WP Login Flow\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Documentation will be maintained on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftripflex\u002Fwp-login-flow\u002Fwiki\" rel=\"nofollow ugc\">GitHub Wiki here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contributing and reporting bugs\u003C\u002Fh4>\n\u003Cp>You can contribute code and localizations to this plugin via GitHub: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftripflex\u002Fwp-login-flow\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Ftripflex\u002Fwp-login-flow\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you spot a bug, you can of course log it on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftripflex\u002Fwp-login-flow\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fp>\n","wp-login permalinks, auto login, register w\u002F pass, login\u002Flogout redirects, email as username, bg\u002Flogo\u002Fcolor customizations, hide admin bar, and more!",70,4714,88,7,"2020-10-07T17:23:00.000Z","5.5.18","4.4.0",[117,118,22,102,23],"activation","login-flow","http:\u002F\u002Fplugins.smyl.es","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-login-flow.3.1.1.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":131,"requires_at_least":132,"requires_php":17,"tags":133,"homepage":137,"download_link":138,"security_score":69,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":139},"fc-login-customizer","FC Login Customizer","1.1.0","Francesco Campus","https:\u002F\u002Fprofiles.wordpress.org\u002Fcampusfra\u002F","\u003Cp>Tired of manually customizing every wp-login.php page on every website?\u003C\u002Fp>\n\u003Cp>Say no more.\u003C\u002Fp>\n\u003Cp>Just install and activate FC Login Customizer and let the plugin automagically handle some nice customizations for you!\u003C\u002Fp>\n\u003Cp>Core features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically display your brand logo on the website’s login page\u003C\u002Fli>\n\u003Cli>Automatically link the logo to the website’s homepage\u003C\u002Fli>\n\u003Cli>Automatically change the hidden H1 title to the website’s name\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Most people do not like that the login screen (wp-login.php) contains the WordPress logo and a direct link to wordpress.org.\u003Cbr \u002F>\nClients keep asking to change the logo, SEOs keep asking to change the hidden H1 title, UX Designers keep asking to change the link that wraps the login logo…\u003Cbr \u002F>\nWith this plugin, you can do all this stuff at once by just installing it!\u003C\u002Fp>\n\u003Ch3>What’s next\u003C\u002Fh3>\n\u003Cp>Next update may include the additional features listed below:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Official support for .svg logos\u003C\u002Fli>\n\u003Cli>HTML markup preview before settings save\u003C\u002Fli>\n\u003Cli>Fine tuning on logo width\u002Fheight\u003C\u002Fli>\n\u003Cli>Other features based on community requests\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically customize the login screen with your brand logo, the associated link when clicked and the hidden H1 title inside the page.",50,2231,"6.4.8","4.9",[134,135,20,136,23],"branding","customize","login-screen","https:\u002F\u002Fcampusfrancesco.dev","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffc-login-customizer.1.1.1.zip","2026-03-15T10:48:56.248Z",{"attackSurface":141,"codeSignals":200,"taintFlows":226,"riskAssessment":254,"analyzedAt":262},{"hooks":142,"ajaxHandlers":191,"restRoutes":192,"shortcodes":193,"cronEvents":198,"entryPointCount":199,"unprotectedCount":13},[143,148,151,154,158,161,164,167,170,173,176,179,182,187],{"type":144,"name":145,"callback":145,"file":146,"line":147},"action","init","wp-front-end-login.php",57,{"type":144,"name":149,"callback":149,"file":146,"line":150},"after_setup_theme",61,{"type":144,"name":152,"callback":152,"file":146,"line":153},"wp_head",63,{"type":155,"name":156,"callback":156,"priority":11,"file":146,"line":157},"filter","site_url",65,{"type":155,"name":159,"callback":159,"priority":11,"file":146,"line":160},"logout_redirect",67,{"type":155,"name":162,"callback":162,"priority":11,"file":146,"line":163},"lostpassword_url",69,{"type":155,"name":165,"callback":165,"priority":11,"file":146,"line":166},"login_url",71,{"type":155,"name":168,"callback":168,"priority":11,"file":146,"line":169},"logout_url",73,{"type":155,"name":171,"callback":171,"file":146,"line":172},"register_url",75,{"type":155,"name":174,"callback":174,"priority":11,"file":146,"line":175},"login_redirect",77,{"type":155,"name":177,"callback":177,"file":146,"line":178},"registration_redirect",79,{"type":155,"name":180,"callback":180,"file":146,"line":181},"lostpassword_redirect",81,{"type":144,"name":183,"callback":184,"priority":185,"file":146,"line":186},"login_head","wp_shake_js",12,869,{"type":155,"name":188,"callback":189,"file":146,"line":190},"body_class","body_classes",959,[],[],[194],{"tag":195,"callback":196,"file":146,"line":197},"login_form","loginForm",59,[],1,{"dangerousFunctions":201,"sqlUsage":202,"outputEscaping":204,"fileOperations":13,"externalRequests":13,"nonceChecks":199,"capabilityChecks":199,"bundledLibraries":225},[],{"prepared":13,"raw":13,"locations":203},[],{"escaped":205,"rawEcho":206,"locations":207},43,8,[208,211,213,215,217,219,221,223],{"file":146,"line":209,"context":210},110,"raw output",{"file":146,"line":212,"context":210},189,{"file":146,"line":214,"context":210},227,{"file":146,"line":216,"context":210},251,{"file":146,"line":218,"context":210},317,{"file":146,"line":220,"context":210},321,{"file":146,"line":222,"context":210},353,{"file":146,"line":224,"context":210},771,[],[227,246],{"entryPoint":228,"graph":229,"unsanitizedCount":13,"severity":245},"after_setup_theme (wp-front-end-login.php:418)",{"nodes":230,"edges":242},[231,236],{"id":232,"type":233,"label":234,"file":146,"line":235},"n0","source","$_SERVER",444,{"id":237,"type":238,"label":239,"file":146,"line":240,"wp_function":241},"n1","sink","update_option() [Settings Manipulation]",446,"update_option",[243],{"from":232,"to":237,"sanitized":244},true,"low",{"entryPoint":247,"graph":248,"unsanitizedCount":13,"severity":245},"\u003Cwp-front-end-login> (wp-front-end-login.php:0)",{"nodes":249,"edges":252},[250,251],{"id":232,"type":233,"label":234,"file":146,"line":235},{"id":237,"type":238,"label":239,"file":146,"line":240,"wp_function":241},[253],{"from":232,"to":237,"sanitized":244},{"summary":255,"deductions":256},"The wp-front-end-login plugin v1.4.1 exhibits a generally strong security posture based on the provided static analysis. The complete absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is highly commendable. Furthermore, the plugin demonstrates good security practices by implementing nonce and capability checks, and the vast majority of output is properly escaped. The taint analysis shows no critical or high-severity flows with unsanitized paths, indicating a low risk of common injection vulnerabilities.\n\nWhile the plugin's immediate security appears robust, there are a few minor areas for consideration. The presence of a shortcode, while not inherently insecure, represents an entry point that could potentially be exploited if not carefully handled, especially in conjunction with any user-provided input. The vulnerability history being completely clean is a significant positive, suggesting a well-maintained and secure plugin over time. However, this also means there's no historical data to analyze regarding how past vulnerabilities were handled, which could be a minor unknown.\n\nIn conclusion, wp-front-end-login v1.4.1 appears to be a secure plugin with a strong emphasis on secure coding practices. The lack of known vulnerabilities and the positive static analysis results are significant strengths. The minor concern regarding the shortcode entry point is mitigated by the absence of unprotected entry points and the positive taint analysis, making the overall risk assessment low.",[257,260],{"reason":258,"points":259},"Shortcode entry point present",3,{"reason":261,"points":259},"Some outputs not properly escaped","2026-03-17T00:19:22.133Z",{"wat":264,"direct":270},{"assetPaths":265,"generatorPatterns":267,"scriptPaths":268,"versionParams":269},[266],"\u002Fwp-content\u002Fplugins\u002Fwp-front-end-login\u002Fwp-front-end-login.php",[],[],[],{"cssClasses":271,"htmlComments":282,"htmlAttributes":292,"restEndpoints":295,"jsGlobals":296,"shortcodeOutput":298},[272,273,274,275,276,277,278,279,280,281],"login_error","message","input","submit","button","button-primary","button-large","password-input-wrapper","hide-if-no-js","indicator-hint",[283,284,285,286,287,288,289,290,291],"\u003C!--LoginForm shortcode function -->","\u003C!-- Setup private variables to pass values from after_theme_setup function to shortcode -->","\u003C!-- block access to dashboard for all logged in users without admin privilages -->","\u003C!-- In case a plugin uses $error rather than the $wp_errors object -->","\u003C!-- Filters the message to display above the login form. -->","\u003C!-- Filters the error messages displayed above the login form. -->","\u003C!-- Filters instructional messages displayed above the login form. -->","\u003C!-- Fires inside the lostpassword form tags, before the hidden fields. -->","\u003C!-- Fires following the 'Strength indicator' meter in the user password reset form. -->",[293,294],"data-reveal","data-pw",[],[297],"WP_Error",[299],"[login_form]"]