[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$figrp7LKQPMjS_FSBV1BrzqqExdwZBFlq5JEfbSSldSw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":5,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":32,"analysis":141,"fingerprints":166},"wp-gravatar-https","WP Gravatar Https","1.1","610216","https:\u002F\u002Fprofiles.wordpress.org\u002F610216-1\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fxiedexu.cn\u002Fwp-gravatar-https.htm\" rel=\"nofollow ugc\">WP Gravatar Https\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fwww.iopenv.com\u002F\" rel=\"nofollow ugc\">iOpenV\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reason Gravatar avatar cannot access Gravatar site server is not stable, is the firewall problem, so the solution is to use the Gravatar avatar service (HTTPS) encryption line.\u003C\u002Fli>\n\u003Cli>Gravatar 头像无法稳定访问的原因不是 Gravatar 网站服务器的原因，是国内防火墙的问题，所以解决思路是使用Gravatar 头像服务的（HTTPS）加密线路。\u003C\u002Fli>\n\u003C\u002Ful>\n",30,3995,0,"2015-11-19T04:33:00.000Z","4.4.34","3.0","",[18,19],"gravatar","https","http:\u002F\u002Fxiedexu.cn\u002Fwp-gravatar-https.htm","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-gravatar-https.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":22,"avg_patch_time_days":10,"trust_score":30,"computed_at":31},"610216-1",3,2050,84,"2026-04-04T18:58:40.182Z",[33,53,77,99,119],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":15,"requires_php":16,"tags":47,"homepage":51,"download_link":52,"security_score":22,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24},"wp-duoshuo-gravatar","WP-DuoShuo-Gravatar","1.0","shines77","https:\u002F\u002Fprofiles.wordpress.org\u002Fshines77\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.yunfast.com\u002Fwp-plugins\u002Fwp-duoshuo-gravatar.html\" rel=\"nofollow ugc\">WP-DuoShuo-Gravatar\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fwww.yunfast.com\u002F\" rel=\"nofollow ugc\">YunFast\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>In China, the reason of Gravatar avatar can not be accessed is not the Gravatar site server unstable, it is the firewall problem, so the solution is to use the DuoShuo.com Gravatar avatar URL: “http:\u002F\u002Fgravatar.duoshuo.com”.\u003C\u002Fli>\n\u003Cli>在国内(中国大陆), Gravatar 头像无法稳定访问的原因不是因为 Gravatar 网站服务器不稳定，而是国内防火墙的问题，解决的办法是替换成 “http:\u002F\u002Fgravatar.duoshuo.com” 。\u003C\u002Fli>\n\u003Cli>SVN Build Version: 1156728\u003C\u002Fli>\n\u003C\u002Ful>\n","WP-DuoShuo-Gravatar | YunFast",40,16433,100,1,"2015-05-09T10:25:00.000Z","4.2.39",[48,49,18,50,19],"duoshuo","gfw","gravatar-cache","http:\u002F\u002Fwww.yunfast.com\u002Fwp-plugins\u002Fwp-duoshuo-gravatar.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-duoshuo-gravatar.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":73,"download_link":74,"security_score":75,"vuln_count":44,"unpatched_count":12,"last_vuln_date":76,"fetched_at":24},"hostinger","Hostinger Tools","3.0.59","Hostinger","https:\u002F\u002Fprofiles.wordpress.org\u002Fhostinger\u002F","\u003Cp>Hostinger Tools is an all-in-one plugin designed to streamline essential tasks for WordPress site administrators. This plugin offers a range of features to help you manage your site’s information, maintenance mode, security, and redirects effectively.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Basic Info\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays the current WordPress version with automatic update checks.\u003C\u002Fli>\n\u003Cli>Shows the current PHP version with automatic update checks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Maintenance Mode\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable or disable maintenance mode for your site.\u003C\u002Fli>\n\u003Cli>Provide a URL to bypass maintenance mode for selected users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Security\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable XML-RPC requests to enhance your site’s security.\u003C\u002Fli>\n\u003Cli>Enable or disable Authorize application page to enhance your site’s security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Redirects\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force all URLs to use HTTPS for secure browsing.\u003C\u002Fli>\n\u003Cli>Force all URLs to use WWW to ensure consistency in site access.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>LLMs.txt Generation\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically generate a structured LLMs.txt file in Markdown format.\u003C\u002Fli>\n\u003Cli>Include website title, description, posts, pages, and products (if WooCommerce is active).\u003C\u002Fli>\n\u003Cli>Keep the file updated when content changes or new content is published.\u003C\u002Fli>\n\u003Cli>Help AI-powered tools better understand and interact with your website content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hostinger Tools is the new version of the previous Hostinger plugin, offering an updated and enhanced experience.\u003Cbr \u002F>\nThe Onboarding assistant and the Learning section previously included in this plugin were moved to the separate plugin Hostinger Easy Onboarding.\u003C\u002Fp>\n","Simplified WordPress management. Manage site info, maintenance, security, & redirects.",3000000,16730722,60,25,"2026-03-03T11:48:00.000Z","6.9.4","5.5","8.1",[54,19,70,71,72],"maintenance","security","tools","https:\u002F\u002Fhostinger.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhostinger.3.0.59.zip",99,"2024-01-05 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":61,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":66,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":95,"download_link":96,"security_score":97,"vuln_count":28,"unpatched_count":12,"last_vuln_date":98,"fetched_at":24},"really-simple-ssl","Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)","9.5.8","Really Simple Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Freallysimpleplugins\u002F","\u003Cp>Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate.\u003C\u002Fp>\n\u003Ch3>Really simple, Effective and Performant WordPress Security\u003C\u002Fh3>\n\u003Cp>Really Simple Security is the most lightweight and easy-to-use security plugin for WordPress. It secures your WordPress website with SSL certificate generation, including proper 301 https redirection and SSL enforcement, scanning for possible vulnerabilities, Login Protection and implementing essential WordPress hardening features.\u003C\u002Fp>\n\u003Cp>We believe that security should have the absolute minimum effect on website performance, user experience and maintainability. Therefore, Really Simple Security is:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lightweight:\u003C\u002Fstrong> Every security feature is developed with a modular approach and with performance in mind. Disabled features won’t load any redundant code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy-to-use:\u003C\u002Fstrong> 1-minute configuration with short onboarding setup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Features\u003C\u002Fh3>\n\u003Ch4>Easy SSL Migration\u003C\u002Fh4>\n\u003Cp>Migrates your website to HTTPS and enforces SSL in just one click.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>301 redirect via PHP or .htaccess\u003C\u002Fli>\n\u003Cli>Secure cookies\u003C\u002Fli>\n\u003Cli>Let’s Encrypt: Install an SSL Certificate if your hosting provider supports manual installation.\u003C\u002Fli>\n\u003Cli>Server Health Check: Your server configuration is every bit as important for your website security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Hardening\u003C\u002Fh4>\n\u003Cp>Tweak your configuration and keep WordPress fortified and safe by tackling potential weaknesses.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Prevent code execution in the uploads folder\u003C\u002Fli>\n\u003Cli>Prevent login feedback and disable user enumeration\u003C\u002Fli>\n\u003Cli>Disable XML-RPC\u003C\u002Fli>\n\u003Cli>Disable directory browsing\u003C\u002Fli>\n\u003Cli>Username restrictions (block ‘admin’ and public names)\u003C\u002Fli>\n\u003Cli>and much more..\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Vulnerability Detection\u003C\u002Fh4>\n\u003Cp>Get notified when plugins, themes or WP core contain vulnerabilities and need appropriate action.\u003C\u002Fp>\n\u003Ch4>Login Protection\u003C\u002Fh4>\n\u003Cp>Allow or enforce Two-Factor Authentication (2FA) for specific user roles. Users receive a two-factor code via Email.\u003C\u002Fp>\n\u003Ch3>Improve Security with Really Simple Security Pro\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Freally-simple-ssl.com\u002F\" rel=\"nofollow ugc\">Protect your site with all essential security features by upgrading to Really Simple Security Pro.\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Advanced SSL enforcement\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Mixed Content Scan & Fixer. Detect files that are requested over HTTP and fix them to HTTPS, both Front- and Back-end.\u003C\u002Fli>\n\u003Cli>Enable HTTP Strict Transport Security and configure your site for the HSTS Preload list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Firewall\u003C\u002Fh4>\n\u003Cp>Really Simple Security Pro includes a performant and efficient WordPress firewall, to stop bots, crawlers and bad actors with IP and username blocks.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>404 blocking – Blocks crawlers as they trigger unusual numbers of 404 errors.\u003C\u002Fli>\n\u003Cli>Region blocking – Only allow\u002Fblock access to your site from specific regions.\u003C\u002Fli>\n\u003Cli>Automated and customisable Firewall rules.\u003C\u002Fli>\n\u003Cli>IP blocklist and allowlist.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Headers\u003C\u002Fh4>\n\u003Cp>Security headers protect your site visitors against the risk of clickjacking, cross-site-forgery attacks, stealing login credentials and malware.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Independent of your Server Configuration, works on Apache, LiteSpeed, NGINX, etc.\u003C\u002Fli>\n\u003Cli>Protect your website visitors with X-XSS Protection, X-Content-Type-Options, X-Frame-Options, a Referrer Policy and CORS headers.\u003C\u002Fli>\n\u003Cli>Automatically generate your WordPress-tailored Content Security Policy.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Vulnerability Measures\u003C\u002Fh4>\n\u003Cp>When a vulnerability is detected in a plugin, theme or WordPress core you will get notified accordingly. With Vulnerability Measures, you can configure simple but effective measures to make sure that a critical vulnerability won’t remain unattended.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Force update: An update process will be tried multiple times until it can be assumed development of a theme or plugin is abandoned. You will be notified during these steps.\u003C\u002Fli>\n\u003Cli>Quarantine: When a plugin or theme can’t be updated to solve a vulnerability, Really Simple Security can quarantine the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Advanced Site Hardening\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Choose a custom login URL\u003C\u002Fli>\n\u003Cli>Automated File Permissions check and fixer\u003C\u002Fli>\n\u003Cli>Rename and randomize your database prefix\u003C\u002Fli>\n\u003Cli>Change the debug.log file location to a non-public folder\u003C\u002Fli>\n\u003Cli>Disable application passwords\u003C\u002Fli>\n\u003Cli>Control admin creation\u003C\u002Fli>\n\u003Cli>Disable HTTP methods, reducing HTTP requests\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Login Protection\u003C\u002Fh4>\n\u003Cp>Secure your website’s login process and user accounts with powerful security measures.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Two-Step verification (Email login)\u003C\u002Fli>\n\u003Cli>2FA (two factor authentication) with TOTP\u003C\u002Fli>\n\u003Cli>Passwordless login with passkey login\u003C\u002Fli>\n\u003Cli>Enforce strong passwords and frequent password change\u003C\u002Fli>\n\u003Cli>Limit Login Attempts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>With Limit Login Attempts you can configure a threshold to temporarily or permanently block IP addresses or (non-existing) usernames. You can also throw a CAPTCHA after a failed login (hCaptcha or Google reCaptcha)\u003C\u002Fp>\n\u003Ch4>Access Control\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Restrict access to your site for specific regions.\u003C\u002Fli>\n\u003Cli>Add specific IP addresses or IP ranges to the Blocklist or Allowlist.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Useful Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Freally-simple-ssl.com\u002Fknowledge-base-overview\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Freally-simple-ssl.com\u002Fdefinitions\u002F\" rel=\"nofollow ugc\">Security Definitions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Freally-simple-ssl\" rel=\"nofollow ugc\">Translate Really Simple Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FReally-Simple-Plugins\u002Freally-simple-ssl\u002Fissues\" rel=\"nofollow ugc\">Issues & pull requests\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FReally-Simple-Plugins\u002Freally-simple-ssl\u002Flabels\u002Ffeature%20request\" rel=\"nofollow ugc\">Feature requests\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Love Really Simple Security?\u003C\u002Fh3>\n\u003Cp>If you want to support the continuing development of this plugin, please consider buying \u003Ca href=\"https:\u002F\u002Fwww.really-simple-ssl.com\u002Fpro\u002F\" rel=\"nofollow ugc\">Really Simple Security Pro\u003C\u002Fa>, which includes some excellent security features and premium support.\u003C\u002Fp>\n\u003Ch3>About Really Simple Plugins\u003C\u002Fh3>\n\u003Cp>Our mission is to make complex WordPress requirements really easy. Really Simple Security is developed by \u003Ca href=\"https:\u002F\u002Fwww.really-simple-ssl.com\u002Fabout-us\" rel=\"nofollow ugc\">Really Simple Plugins\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For generating SSL certificates, Really Simple Security uses the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffbett\u002Fle-acme2-php\u002F\" rel=\"nofollow ugc\">le acme2 PHP\u003C\u002Fa> Let’s Encrypt client library, thanks to ‘fbett’ for providing it. Vulnerability Detection uses WP Vulnerability, an open-source initiative by Javier Casares. Want to join as a collaborator? We’re on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Freally-simple-plugins\u002Freally-simple-ssl\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> as well!\u003C\u002Fp>\n","Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate.",205655178,98,8803,"2026-02-26T10:57:00.000Z","6.6","7.4",[92,19,71,93,94],"2fa","two-factor","vulnerabilities","https:\u002F\u002Freally-simple-ssl.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freally-simple-ssl.9.5.8.zip",96,"2026-03-15 00:00:00",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":30,"num_ratings":109,"last_updated":110,"tested_up_to":66,"requires_at_least":111,"requires_php":16,"tags":112,"homepage":117,"download_link":118,"security_score":43,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24},"https-redirection","Easy HTTPS Redirection (SSL)","2.0.0","mra13","https:\u002F\u002Fprofiles.wordpress.org\u002Fmra13\u002F","\u003Ch4>Only use this plugin if you have installed SSL certificate on your site and HTTPS is working correctly\u003C\u002Fh4>\n\u003Cp>Once you’ve installed an SSL certificate on your site, it’s important to ensure that your webpages are accessed via their secure HTTPS URLs.\u003C\u002Fp>\n\u003Cp>To improve SEO and user security, you want search engines and visitors to always use the HTTPS version of your pages. This plugin makes that easy by automatically redirecting users to the HTTPS version whenever they try to access the non-HTTPS (HTTP) version of a page.\u003C\u002Fp>\n\u003Ch3>Example\u003C\u002Fh3>\n\u003Cp>Let’s say you want to ensure the following page is always accessed over HTTPS:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If a visitor tries to access:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The plugin will automatically redirect them to the secure version:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>https:\u002F\u002Fwww.example.com\u002Fcheckout\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This ensures that visitors always access the HTTPS version of your pages or site.\u003C\u002Fp>\n\u003Cp>You can choose to automatically redirect your entire domain to HTTPS, or selectively apply HTTPS redirection to specific pages.\u003C\u002Fp>\n\u003Ch3>Video Tutorials\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FoyJgRFCM6u8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLtyBraB64v8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Force Load Static Files Using HTTPS\u003C\u002Fh3>\n\u003Cp>If you started using SSL from day 1 of your site then all your static files are already embedded using HTTPS URL. You have no issue there.\u003C\u002Fp>\n\u003Cp>However, if you have an existing website where you have a lot of static files that are embedded in your posts and pages using NON-HTTPS URL then you will need to change those. Otherwise, the browser will show an SSL warning to your visitors.\u003C\u002Fp>\n\u003Cp>This plugin has an option that will allow you to force load those static files using HTTPS URL dynamically.\u003C\u002Fp>\n\u003Cp>This will help you make the webpage fully compatible with SSL.\u003C\u002Fp>\n\u003Ch3>SSL Certificate Expiry Notification\u003C\u002Fh3>\n\u003Cp>This plugin includes a feature that allows you to receive email notifications when your SSL certificate is about to expire. It helps ensure your website remains secure and accessible over HTTPS.\u003C\u002Fp>\n\u003Cp>You can configure the recipient email address and specify how many days in advance the notification should be sent. By default, the notification is sent 7 days before expiry, but you can adjust this to suit your preference.\u003C\u002Fp>\n\u003Cp>This feature is especially useful for site owners who may not frequently check their SSL status, or for those managing multiple websites. By receiving timely alerts, you can renew your SSL certificate in advance and prevent potential downtime or security warnings.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically redirect all HTTP traffic to HTTPS\u003C\u002Fli>\n\u003Cli>Option to force HTTPS on the entire site\u003C\u002Fli>\n\u003Cli>Option to selectively apply HTTPS redirection to specific pages\u003C\u002Fli>\n\u003Cli>Helps search engines index the secure versions of your pages\u003C\u002Fli>\n\u003Cli>Improves site security and user trust\u003C\u002Fli>\n\u003Cli>Force load static files (images, js, css etc) using a HTTPS URL\u003C\u002Fli>\n\u003Cli>SSL certificate expiry notification – Option to send SSL expiry notifications to a specific email address\u003C\u002Fli>\n\u003Cli>Easily see which SSL certificates on your site are approaching their expiry date.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>View more details on the \u003Ca href=\"https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin\" rel=\"nofollow ugc\">HTTPS Redirection plugin\u003C\u002Fa> page.\u003C\u002Fp>\n","The plugin allows an automatic redirection to the \"HTTPS\" version\u002FURL of the site. Make your site SSL compatible easily.",100000,1169853,71,"2025-12-02T03:12:00.000Z","6.5",[113,19,114,115,116],"force-ssl","insecure-content","redirection","ssl","https:\u002F\u002Fwww.tipsandtricks-hq.com\u002Fwordpress-easy-https-redirection-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttps-redirection.2.0.0.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":107,"downloaded":127,"rating":128,"num_ratings":129,"last_updated":130,"tested_up_to":66,"requires_at_least":131,"requires_php":16,"tags":132,"homepage":137,"download_link":138,"security_score":75,"vuln_count":139,"unpatched_count":12,"last_vuln_date":140,"fetched_at":24},"one-user-avatar","One User Avatar | User Profile Picture","2.5.4","One Designs","https:\u002F\u002Fprofiles.wordpress.org\u002Fonedesigns\u002F","\u003Cp>WordPress currently only allows you to use custom avatars that are uploaded through \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa>. \u003Cstrong>One User Avatar\u003C\u002Fstrong> enables you to use any photo uploaded into your Media Library as an avatar. This means you use the same uploader and library as your posts. No extra folders or image editing functions are necessary. This plugin is a fork of WP User Avatar v2.2.16.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>One User Avatar\u003C\u002Fstrong> also lets you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Upload your own Default Avatar in your One User Avatar settings.\u003C\u002Fli>\n\u003Cli>Show the user’s \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa> avatar or Default Avatar if the user doesn’t have a One User Avatar image.\u003C\u002Fli>\n\u003Cli>Disable \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa> avatars and use only local avatars.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[avatar_upload]\u003C\u002Fcode> shortcode to add a standalone uploader to a front page or widget. This uploader is only visible to logged-in users.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[avatar]\u003C\u002Fcode> shortcode in your posts. These shortcodes will work with any theme, whether it has avatar support or not.\u003C\u002Fli>\n\u003Cli>Allow Contributors and Subscribers to upload their own avatars.\u003C\u002Fli>\n\u003Cli>Limit upload file size and image dimensions for Contributors and Subscribers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>One User Avatar\u003Cbr \u002F>\nCopyright (c) 2023 One Designs https:\u002F\u002Fonedesigns.com\u002F\u003Cbr \u002F>\nLicense: GPLv2\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Fonedesigns\u002Fone-user-avatar\u003C\u002Fp>\n\u003Cp>One User Avatar is based on WP User Avatar v2.2.16\u003Cbr \u002F>\nCopyright (c) 2020-2021 ProfilePress https:\u002F\u002Fprofilepress.net\u002F\u003Cbr \u002F>\nCopyright (c) 2014-2020 Flippercode https:\u002F\u002Fwww.flippercode.com\u002F\u003Cbr \u002F>\nCopyright (c) 2013-2014 Bangbay Siboliban http:\u002F\u002Fbangbay.com\u002F\u003Cbr \u002F>\nLicense: GPLv2\u003Cbr \u002F>\nSource: https:\u002F\u002Fgithub.com\u002Fprofilepress\u002Fwp-user-avatar\u003C\u002Fp>\n\u003Cp>One User Avatar is distributed under the terms of the GNU GPL\u003C\u002Fp>\n\u003Cp>This program is free software: you can redistribute it and\u002For modify\u003Cbr \u002F>\nit under the terms of the GNU General Public License as published by\u003Cbr \u002F>\nthe Free Software Foundation, either version 2 of the License, or\u003Cbr \u002F>\n(at your option) any later version.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\u003Cbr \u002F>\nGNU General Public License for more details.\u003C\u002Fp>\n\u003Ch3>Advanced Settings\u003C\u002Fh3>\n\u003Ch4>Add One User Avatar to your own profile edit page\u003C\u002Fh4>\n\u003Cp>You can use the [avatar_upload] shortcode to add a standalone uploader to any page. It’s best to use this uploader by itself and without other profile fields.\u003C\u002Fp>\n\u003Cp>If you’re building your own profile edit page with other fields, One User Avatar is automatically added to the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\u002FAction_Reference\u002Fshow_user_profile\" rel=\"nofollow ugc\">show_user_profile\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\u002FAction_Reference\u002Fshow_user_profile\" rel=\"nofollow ugc\">edit_user_profile\u003C\u002Fa> hooks. If you’d rather have One User Avatar in its own section, you could add another hook:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action( 'edit_user_avatar', $current_user );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Then, to add One User Avatar to that hook and remove it from the other hooks outside of the administration panel, you would add this code to the \u003Ccode>functions.php\u003C\u002Fcode> file of your theme:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_avatar_filter() {\n    \u002F\u002F Remove from show_user_profile hook\n    remove_action( 'show_user_profile', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    remove_action( 'show_user_profile', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n\n    \u002F\u002F Remove from edit_user_profile hook\n    remove_action( 'edit_user_profile', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    remove_action( 'edit_user_profile', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n\n    \u002F\u002F Add to edit_user_avatar hook\n    add_action( 'edit_user_avatar', array( 'wp_user_avatar', 'wpua_action_show_user_profile' ) );\n    add_action( 'edit_user_avatar', array( 'wp_user_avatar', 'wpua_media_upload_scripts' ) );\n}\n\n\u002F\u002F Loads only outside of administration panel\nif ( ! is_admin() ) {\n    add_action( 'init','my_avatar_filter' );\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>HTML Wrapper\u003C\u002Fh4>\n\u003Cp>You can change the HTML wrapper of the One User Avatar section by using the functions \u003Ccode>wpua_before_avatar\u003C\u002Fcode> and \u003Ccode>wpua_after_avatar\u003C\u002Fcode>. By default, the avatar code is structured like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cdiv class=\"wpua-edit-container\">\n    \u003Ch3>Avatar\u003C\u002Fh3>\n    \u003Cinput type=\"hidden\" name=\"wp-user-avatar\" id=\"wp-user-avatar\" value=\"{attachmentID}\" \u002F>\n    \u003Cp id=\"wpua-add-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-add\" name=\"wpua-add\">Edit Image\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-preview\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        Original Size\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-thumbnail\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        Thumbnail\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-remove-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-remove\" name=\"wpua-remove\">Default Avatar\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-undo-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-undo\" name=\"wpua-undo\">Undo\u003C\u002Fbutton>\n    \u003C\u002Fp>\n\u003C\u002Fdiv>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To strip out the div container and h3 heading, you would add the following filters to the \u003Ccode>functions.php\u003C\u002Fcode> file in your theme:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>remove_action( 'wpua_before_avatar', 'wpua_do_before_avatar' );\nremove_action( 'wpua_after_avatar', 'wpua_do_after_avatar' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To add your own wrapper, you could create something like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_before_avatar() {\n    echo '\u003Cdiv id=\"my-avatar\">';\n}\nadd_action( 'wpua_before_avatar', 'my_before_avatar' );\n\nfunction my_after_avatar() {\n    echo '\u003C\u002Fdiv>';\n}\nadd_action( 'wpua_after_avatar', 'my_after_avatar' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would output:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cdiv id=\"my-avatar\">\n    \u003Cinput type=\"hidden\" name=\"wp-user-avatar\" id=\"wp-user-avatar\" value=\"{attachmentID}\" \u002F>\n    \u003Cp id=\"wpua-add-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-add\" name=\"wpua-add\">Edit Image\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-preview\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        \u003Cspan class=\"description\">Original Size\u003C\u002Fspan>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-thumbnail\">\n        \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n        \u003Cspan class=\"description\">Thumbnail\u003C\u002Fspan>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-remove-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-remove\" name=\"wpua-remove\">Default Avatar\u003C\u002Fbutton>\n    \u003C\u002Fp>\n    \u003Cp id=\"wpua-undo-button\">\n        \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-undo\" name=\"wpua-undo\">Undo\u003C\u002Fbutton>\n    \u003C\u002Fp>\n\u003C\u002Fdiv>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Use any image from your WordPress Media Library as a custom user avatar or user profile picture. Add your own Default Avatar.",490816,94,41,"2026-01-12T00:58:00.000Z","4.0",[133,134,18,135,136],"avatar","bbpress","profile","users","https:\u002F\u002Fonedesigns.com\u002Fplugins\u002Fone-user-avatar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fone-user-avatar.2.5.4.zip",2,"2021-09-20 00:00:00",{"attackSurface":142,"codeSignals":154,"taintFlows":161,"riskAssessment":162,"analyzedAt":165},{"hooks":143,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":12,"unprotectedCount":12},[144],{"type":145,"name":146,"callback":147,"file":148,"line":149},"filter","get_avatar","iopenv_get_https_avatar","wp-gravatar-https.php",22,[],[],[],[],{"dangerousFunctions":155,"sqlUsage":156,"outputEscaping":158,"fileOperations":12,"externalRequests":12,"nonceChecks":12,"capabilityChecks":12,"bundledLibraries":160},[],{"prepared":12,"raw":12,"locations":157},[],{"escaped":12,"rawEcho":12,"locations":159},[],[],[],{"summary":163,"deductions":164},"The \"wp-gravatar-https\" v1.1 plugin exhibits an excellent security posture based on the provided static analysis. There are no identified attack vectors through AJAX, REST API, shortcodes, or cron events. Furthermore, the code demonstrates strong security practices by avoiding dangerous functions, using prepared statements for all SQL queries, and properly escaping all outputs. The absence of file operations and external HTTP requests also minimizes potential vulnerabilities. Taint analysis found no unsanitized data flows, indicating a clean codebase in this regard.\n\nThe vulnerability history is also clean, with no recorded CVEs. This, combined with the positive static analysis results, suggests a well-developed and securely coded plugin. The lack of nonce checks and capability checks, while often points of concern, are not indicative of a risk here given the complete lack of any identified entry points. The plugin's primary function appears to be straightforward, and the developers have implemented it without introducing common security weaknesses.\n\nIn conclusion, the \"wp-gravatar-https\" v1.1 plugin appears to be highly secure. Its strengths lie in its minimal attack surface, robust code hygiene (prepared statements, output escaping), and a clean vulnerability history. There are no discernible security risks or concerns based on the provided data. The plugin follows best practices for secure WordPress development.",[],"2026-03-16T22:29:13.609Z",{"wat":167,"direct":172},{"assetPaths":168,"generatorPatterns":169,"scriptPaths":170,"versionParams":171},[],[],[],[],{"cssClasses":173,"htmlComments":174,"htmlAttributes":175,"restEndpoints":176,"jsGlobals":177,"shortcodeOutput":178},[],[],[],[],[],[]]