[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fvqAXRDF4wRAo8w1xZbcG9urQMlgZVYDTaEjqzJ9o_SI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":138,"fingerprints":173},"wp-no-frames","WP No Frames","3.0.4","mlazarov","https:\u002F\u002Fprofiles.wordpress.org\u002Fmlazarov\u002F","\u003Cp>This days many web developers try to load your content into their own frame, to help sell ads on their sites or not to send visitors to your web page.\u003Cbr \u002F>\nJust for example Google Images. With this plugin sites such as Google images will be forced  to load your side outside the frame.\u003C\u002Fp>\n","This days many web developers try to load your content into their own frame, to help sell ads on their sites or not to send visitors to your web page.",10,5234,0,"2014-04-05T23:31:00.000Z","3.3.2","2.0.0","",[19,20,21,22,23],"busting","frames","no-frames","seo","spam","http:\u002F\u002Fmarto.lazarov.org\u002Fplugins\u002Fwp-no-frames\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-no-frames.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":11,"total_installs":31,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1630,30,84,"2026-04-04T07:12:52.881Z",[36,58,77,99,119],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":33,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":17,"download_link":54,"security_score":55,"vuln_count":56,"unpatched_count":56,"last_vuln_date":57,"fetched_at":28},"bot-block-stop-spam-google-analytics-referrals","Bot Block – Stop Spam Referrals in Google Analytics","2.6","Ricky Dawn","https:\u002F\u002Fprofiles.wordpress.org\u002Fthiswebguy\u002F","\u003Cp>This plugin has two main functions:\u003C\u002Fp>\n\u003Col>\n\u003Cli>To stop spam traffic before it reaches your site (which stops spam visits showing in Analytics).\u003C\u002Fli>\n\u003Cli>Save bandwidth, bots use bandwidth when they visit your site, this plugin stops them before they get the chance to download anything.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Spam traffic is an increasing problem, companies like \u003Cstrong>semalt\u003C\u002Fstrong> are spamming sites in order to get their website shown within Google Analytics as a referrer (also known as referral spam). More spammers are beginning to take this approach and this causes issues for any Analytics user that relies on the data collected since pageviews and visitors are inflated.\u003C\u002Fp>\n\u003Cp>Spammers have even taken this a step further by triggering events, which of course can effect conversion data.\u003C\u002Fp>\n\u003Cp>This plugin is built to stop this, it blocks spam bots before your website loads which not only stops the traffic appearing within Google Analytics but it also saves you Bandwidth.\u003Cbr \u002F>\nThe spam bots blocked are pulled from a central database of known bots, this database is updated as new spam bots are found, you also have the option to add your own referrer URL’s to block.\u003C\u002Fp>\n\u003Ch3>Features Include:\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>Central database containing tons of known spam bots \u003C\u002Fli>\n\u003Cli>Ability to add your own custom referrer domains to block \u003C\u002Fli>\n\u003Cli>You can either 301 the spam traffic to another site OR show a 403 error message to spammers \u003C\u002Fli>\n\u003Cli>Full statistics, detailing most blocked bots, total blocks and number of sites in block list \u003C\u002Fli>\n\u003Cli>Ability to block all subdomains of a domain e.g. spam.semalt.com \u003C\u002Fli>\n\u003Cli>Video showing you how to block ‘ghost referrers’ (the spam that cannot be blocked since they do not visit your site) \u003C\u002Fli>\n\u003Cli>The ability to contribute to our growing list of spam bots \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>Tags\u003C\u002Fh4>\n\u003Cp>seo, SEO, google, google analytics, google analytics spam, spam, bot block, bot blocker, bot blocking, block bots, semalt, 100dollarsseo, analytics spam blocker\u003C\u002Fp>\n","Block spam referrals showing in Google Analytics and save bandwidth. Central database of sites, ability to add custom URL's and stats.",700,19428,17,"2016-02-24T11:43:00.000Z","4.4.34","3.9",[51,52,53,22],"google","google-analytics","google-analytics-spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbot-block-stop-spam-google-analytics-referrals.2.6.zip",63,1,"2025-09-22 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":11,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":17,"tags":72,"homepage":75,"download_link":76,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"custom-referral-spam-blocker","Custom Referral Spam Blocker","1.4.6","csmicfool","https:\u002F\u002Fprofiles.wordpress.org\u002Fcsmicfool\u002F","\u003Cp>Custom Referral Spam Blocker gives you the control to ensure that dishonest referral sources are blocked from Google Analytics.\u003C\u002Fp>\n\u003Cp>We provide a strong default set of spam referral sources and block them for you.  Referrers can quickly be added in moments using the WordPress Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cem>At this time, we are unable to block referral spam when used in conjunction with most CDN configurations.\u003C\u002Fem>\u003C\u002Fp>\n","Custom Referral Spam Blocker gives you the control to ensure that dishonest referral sources are blocked from Google Analytics.",300,17473,80,"2017-02-09T17:41:00.000Z","4.7.32","3.0.1",[73,74,22,23],"referral-spam","referrals","http:\u002F\u002Fjacobbaron.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-referral-spam-blocker.1.4.6.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":85,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":17,"download_link":97,"security_score":98,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"no-aioseop-nags","NO admin premium NAGS","3.4","kontur.us","https:\u002F\u002Fprofiles.wordpress.org\u002Fnetzaufsicht\u002F","\u003Cp>Simply stop the abusive admin nags from All in One SEO plugin and as well from YOAST Seo! Plus: Add your own CSS to the Admin Area.\u003C\u002Fp>\n\u003Ch3>Stopping the Admin Premium Ads for free\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>This simple Plugin, will clean most of the abusive admin Spam from the “All in One SEO” – Plugin. And NOW as well from the “YOAST SEO Plugin”\u003C\u002Fstrong>\u003Cbr \u002F>\nAIOSEO ist a great plugin, and we love it. BUT it is enough to mention it once that there are premium versions.\u003Cbr \u002F>\nAnd there IS NO REASON to block functions, like e.g. the editing of Category Descriptions.\u003Cbr \u002F>\nSo this will clean things a little for us.\u003C\u002Fp>\n\u003Ch3>What the plugin does\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Clean the wp-admin bar from advertising AND useless links to functions that are not free, and therefor utterly useless links\u003C\u002Fli>\n\u003Cli>Clean the AIOSEO set up pages or Yoast SEO pages from premium advertising and tabs that lead to useless settings, which are not available in the free version\u003C\u002Fli>\n\u003Cli>Get rid of the strange ad on the category page\u003C\u002Fli>\n\u003Cli>Clean the page \u002F post editor screen from numerous premium ads that make the editor almost looking like an advertising board\u003C\u002Fli>\n\u003Cli>Option to load your own CSS into the WP Admin Area. The cutom admin CSS input runs with CodeMirror for an easier handling of the CSS input ( line numbers, color highlight, autocomplete). \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Important: If you see new spam, PLEASE let us know!\u003C\u002Fstrong>\u003Cbr \u002F>\n    We do write updates once we know, that new spam occurs!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>\u003Cbr \u002F>\n   The version after 2.7 does now work as well with YOAST SEO.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Add your custom css, to clean even more\u003C\u002Fh3>\n\u003Cp>You can add your own CSS to block other nags on the settings page. We intend to develop this part further with snippets for the most annoying plugin naggers out there.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>If you like that approach,\u003C\u002Fstrong>\u003Cbr \u002F>\n    please get involved and send uns your snippets. Via email or on the WordPress support page 🙂\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Simply stop the abusive admin nags from All in One SEO plugin and as well from YOAST Seo! Plus: Add your own CSS to the Admin Area.",100,5105,3,"2024-04-04T17:21:00.000Z","6.5.8","5.6","7.4",[93,94,95,96,22],"admin-css","anti-spam","custom-admin-css","no-nags","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-aioseop-nags.3.4.zip",92,{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":68,"downloaded":107,"rating":68,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":17,"tags":112,"homepage":117,"download_link":118,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"break-out-of-frames","Break Out of Frames","0.1","ewwink","https:\u002F\u002Fprofiles.wordpress.org\u002Fewwink\u002F","\u003Cp>By installing this plugin you can Avoid your blog being framed by some other web site. if you have image or wallpaper blog this plugin will increase your traffic because it will breaking out of Google Image Search preview.\u003C\u002Fp>\n\u003Cp>plugin by \u003Ca href=\"http:\u002F\u002Fwww.cekpr.com\" rel=\"nofollow ugc\">pagerank checker\u003C\u002Fa>\u003C\u002Fp>\n","This Framebreaker will Avoid your blog being framed by some other web site and good for wallpaper blog to increase traffic.",8973,8,"2015-04-20T23:51:00.000Z","4.2.39","2.0.2",[113,114,115,116,21],"disable-iframe","frame","framebreaker","iframe","http:\u002F\u002Fwww.prpagerank.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbreak-out-of-frames.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":11,"downloaded":127,"rating":13,"num_ratings":13,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":17,"tags":131,"homepage":17,"download_link":137,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"commentsafe","CommentSafe","1.2","Avinash Mishra","https:\u002F\u002Fprofiles.wordpress.org\u002Finviul\u002F","\u003Cp>CommentSafe plug-in helps to stop spam comments by giving time delay in posting comments. As seen many bloggers visits website and post generic comments so frequently without devoting their time to read the entire piece of content, which is not justifiable since writer give their precious time to develop good quality of content. The main goal of such commentators is to generate backlinks from comments.\u003Cbr \u002F>\nThis plugin will give time delay, thus ‘Post Comment’ button won’t be active for pre-determined time. Blog publisher can set custom time based on the length of the blog post. CommentSafe plugin allows publisher to enter custom time (in seconds) for individual articles in ‘Add Post’ section. It will also stop spam comments given by bots. Since it will give delay even anyone uses automated software to break captcha. Its subsequent version will be fully beneficial for SEO & Affiliate Marketing.\u003C\u002Fp>\n\u003Cp>Visit Author’s Blog for more information: \u003Ca href=\"http:\u002F\u002Fwww.inviul.com\" rel=\"nofollow ugc\">Inviul\u003C\u002Fa>\u003Cbr \u002F>\nVisit WordPress Idea Page: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fideas\u002Ftopic\u002Fallow-time-spent-on-reading-content-in-comment-section\" rel=\"ugc\">Idea contribution by Avinash Mishra\u003C\u002Fa>\u003C\u002Fp>\n","CommentSafe plug-in helps to stop spam comments by giving time delay in posting comments. As seen many bloggers visits website and post generic commen …",1356,"2017-07-22T16:28:00.000Z","4.8.28","3.1",[132,133,134,135,136],"engagements","improve-bounce-rate","seo-on-comments","spam-free-comments","stop-spam-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcommentsafe.zip",{"attackSurface":139,"codeSignals":151,"taintFlows":161,"riskAssessment":162,"analyzedAt":172},{"hooks":140,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":13,"unprotectedCount":13},[141],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","wp_head","wp_no_frames","wp-no-frames.php",38,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":155,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":160},[],{"prepared":13,"raw":13,"locations":154},[],{"escaped":13,"rawEcho":56,"locations":156},[157],{"file":145,"line":158,"context":159},20,"raw output",[],[],{"summary":163,"deductions":164},"The wp-no-frames v3.0.4 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any attack surface (AJAX, REST API, shortcodes, cron events) significantly reduces the potential for external exploitation. Furthermore, the code shows no signs of dangerous functions, external HTTP requests, file operations, or known vulnerabilities, which are all positive indicators.  The use of prepared statements for all SQL queries is excellent practice and mitigates SQL injection risks.\n\nHowever, a significant concern arises from the lack of output escaping for all identified output points. This means that any dynamic content rendered by the plugin could potentially be vulnerable to cross-site scripting (XSS) attacks if that content originates from user-supplied input or untrusted sources. While the plugin has no recorded vulnerability history, the absence of this security measure presents a potential weakness that could be exploited. The lack of nonce and capability checks on any entry points, while not an immediate risk given the current attack surface, is a general security oversight that could become problematic if new entry points are added in the future.\n\nIn conclusion, wp-no-frames v3.0.4 is currently in a good security state due to its minimal attack surface and clean vulnerability history. The most prominent weakness is the unescaped output, which represents a tangible risk that should be addressed. The lack of authentication checks on potential future entry points is a less immediate but still noteworthy area for improvement. Overall, the plugin demonstrates good security practices in many areas but has a critical flaw in output sanitization.",[165,168,170],{"reason":166,"points":167},"Unescaped output detected",5,{"reason":169,"points":87},"Lack of nonce checks",{"reason":171,"points":87},"Lack of capability checks","2026-03-16T23:51:41.678Z",{"wat":174,"direct":179},{"assetPaths":175,"generatorPatterns":176,"scriptPaths":177,"versionParams":178},[],[],[],[],{"cssClasses":180,"htmlComments":181,"htmlAttributes":184,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":188},[],[182,183],"\u003C!--\n\t","\n-->",[],[],[187],"parent_location",[]]