[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJkhsjRpY48iWAud1ulKnOCI9RquAyqcjERwVRanrY1A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":138,"fingerprints":472},"wp-persistent-login","Persistent Login","3.0.3","lukeseager","https:\u002F\u002Fprofiles.wordpress.org\u002Flukeseager\u002F","\u003Cp>Persistent Login keeps users logged into your website, limits the number of active logins allowed at one time and alerts users of new devices logging into their account.\u003C\u002Fp>\n\u003Ch3>Persistent Login: Keep wordpress users logged in forever\u003C\u002Fh3>\n\u003Cp>Persistent Login keeps users logged into your website unless they explicitly choose to log-out. It allows you to limit the number of active logins each user can have, and it alerts users of logins from new devices.\u003C\u002Fp>\n\u003Cp>Persistent Login requires little set-up, just install and save your users time by keeping them logged into your website securely, avoiding the annoyance of forgetting usernames & passwords.\u003C\u002Fp>\n\u003Cp>For added security, users can visit their Profile page in the WP Admin area to see how many sessions they have, what device was used and when they were last active. The user can choose to end any session with the click of a button.\u003C\u002Fp>\n\u003Ch3>Persistent Login\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Selects the ‘Remember Me’ box by default.\n\u003Cul>\n\u003Cli>If left checked, users will be kept logged in for 1 year\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Each time a user revisits your website, their login is extended to 1 year again\u003C\u002Fli>\n\u003Cli>Dashboard stats show you how many users are being kept logged in\u003C\u002Fli>\n\u003Cli>Force log-out all users with the click of a button\u003C\u002Fli>\n\u003Cli>Users can manage their active sessions from the Profile page in the admin area\u003C\u002Fli>\n\u003Cli>Support for common plugins out of the box\u003C\u002Fli>\n\u003Cli>Secure, fast and simple to use!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Active Logins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Option to limit the number of active logins to 1 per user\u003C\u002Fli>\n\u003Cli>New logins can be blocked, or the users oldest login ended automatically\u003C\u002Fli>\n\u003Cli>Manage your own active logins from your Profile page in WP Admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Login History\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Notify users of logins from new devices for improved security\u003C\u002Fli>\n\u003Cli>Set your own email notification message that is sent to users\u003C\u002Fli>\n\u003Cli>Allow users to see their login history from their Profile page in WP Admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Top Tip\u003C\u002Fh3>\n\u003Cp>Once the plugin is installed, click the \u003Cstrong>End all Sessions\u003C\u002Fstrong> button from the Persistent Login settings page to encourage users to login again and be kept logged in forever!\u003C\u002Fp>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>This plugin honours the ‘Remember Me’ checkbox. It is checked by default, but if it is unchecked the user won’t be remembered.\u003C\u002Fp>\n\u003Ch3>Premium Version\u003C\u002Fh3>\n\u003Cp>There is a premium version of the plugin for those who want more control. Visit \u003Ca href=\"https:\u002F\u002Fpersistentlogin.com\" rel=\"nofollow ugc\">persistentlogin.com\u003C\u002Fa> to learn more.\u003C\u002Fp>\n\u003Cp>The premium plan offers the following features:\u003C\u002Fp>\n\u003Cp>Premium Persistent Login Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hide the ‘Remember Me’ checkbox, so that users are always remembered\u003C\u002Fli>\n\u003Cli>Manage which user roles have persistent login\u003C\u002Fli>\n\u003Cli>Set how long users are kept logged in for (up to 400 days)\u003C\u002Fli>\n\u003Cli>Session management for users: Users can see all logins with Block Editor and Shortcode support\u003C\u002Fli>\n\u003Cli>Session management for admins: End any users session from the admin area quickly and easily\u003C\u002Fli>\n\u003Cli>Priority Support direct from within WP admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Premium Active Login Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Control which roles have active login limits applied\u003C\u002Fli>\n\u003Cli>Select exactly how many active logins users are allowed\u003C\u002Fli>\n\u003Cli>When the limit is reached: Auto-logout oldest login, let the user decide which session to end, or block the login.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Login History Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allow users to see their login history on the front-end with Block and Shortcode support.\u003C\u002Fli>\n\u003Cli>Account inavctivity emails: Notify users after a period of time without logging in.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Stop users being logged out of WordPress\u003C\u002Fh3>\n\u003Cp>Stop users being logged out of WordPress with Persistent Login plugin. Ensure extended login sessions, reduce frustration for administrators and visitors. By keeping users active, Persistent Login improves user experience, lowers bounce rates, and prevents disruptions.\u003C\u002Fp>\n\u003Cp>This plugin integrates seamlessly with WordPress to optimise session management without compromising security. Configure your preferences and let the plugin handle everything. You can customise durations for persistent logins and minimise repeated authentication prompts.\u003C\u002Fp>\n\u003Cp>Ultimately, this tool streamlines WordPress operations, ensures convenience, and provides peace of mind. Stop users being logged out of WordPress by installing  today and gain uninterrupted access to your website.\u003C\u002Fp>\n","Persistent Login keeps users logged into your website, limits the number of active logins allowed at one time and alerts users of new devices logging  &hellip;",7000,118900,78,25,"2026-02-08T07:41:00.000Z","6.9.4","5.0","7.4",[20,21,22,23,24],"active-logins","concurrent-logins","login","session-management","sessions","https:\u002F\u002Fpersistentlogin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-persistent-login.3.0.3.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,94,"2026-04-04T14:54:17.550Z",[38,59,79,101,119],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":33,"unpatched_count":28,"last_vuln_date":58,"fetched_at":30},"loggedin","Loggedin – Limit Concurrent Sessions","2.0.4","Joel James","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoelcj91\u002F","\u003Cp>Loggedin is a lightweight WordPress plugin that lets you easily limit the number of simultaneous active sessions a user can have. This is a crucial feature for membership sites, online courses, and other platforms where you need to prevent users from sharing their accounts.\u003C\u002Fp>\n\u003Ch3>🎁 Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Set Global Limits\u003C\u002Fstrong>: Define a maximum number of concurrent logins for all users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Login Behavior\u003C\u002Fstrong>: Choose to either block new logins when the limit is reached or automatically log out the oldest session to allow a new one.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prevent Account Sharing\u003C\u002Fstrong>: By limiting sessions, you can effectively stop users from sharing their login credentials with others.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Control\u003C\u002Fstrong>: Easily force log out a user from the admin dashboard, giving you full control over active sessions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer-Friendly\u003C\u002Fstrong>: The plugin is built with a hook-based architecture, making it highly customizable and extensible for developers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📦 Addons\u003C\u002Fh3>\n\u003Cp>Enhance LoggedIn’s functionality with these simple yet powerful \u003Ca href=\"https:\u002F\u002Fduckdev.com\u002Faddons\u002Floggedin\u002F\" rel=\"nofollow ugc\">add-ons\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fduckdev.com\u002Faddon\u002Flimit-per-user\u002F\" rel=\"nofollow ugc\">Limit Per User\u003C\u002Fa>\u003C\u002Fstrong>: For more granular control, the Limit Per User addon allows you to set specific login limits for individual users, overriding the global settings. This is perfect for offering different tiers of access or special privileges.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fduckdev.com\u002Faddon\u002Freal-time-logout\u002F\" rel=\"nofollow ugc\">Real-time Logout\u003C\u002Fa>\u003C\u002Fstrong>: This add-on ensures a truly seamless experience by checking for logouts in real time. When a user’s session is terminated in the background due to a login limit, the add-on will automatically refresh their page, instantly restricting access.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🐛 Bug Reports\u003C\u002Fh3>\n\u003Cp>Found a bug? We welcome your bug reports! Please report any issues directly on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FJoel-James\u002Floggedin\u002Fissues\" rel=\"nofollow ugc\">Loggedin GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cem>Please note: GitHub is for bug reports and development-related issues only. For support, please use the WordPress.org support forums.\u003C\u002Fem>\u003C\u002Fp>\n","Lightweight plugin that limits an account to a specific number of concurrent logins.",8000,115897,98,110,"2026-01-02T06:30:00.000Z",[52,22,53,24,54],"limit","logout","user-login","https:\u002F\u002Fduckdev.com\u002Fproducts\u002Floggedin-limit-active-logins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Floggedin.2.0.4.zip",99,"2024-09-30 19:43:37",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":35,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":73,"download_link":77,"security_score":78,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"user-session-control","User Session Control","0.3.1","Frankie Jarrett","https:\u002F\u002Fprofiles.wordpress.org\u002Ffjarrett\u002F","\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fuser-session-control\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WordPress 4.1 “Dinah” introduced the awesome power of user session management.\u003C\u002Fp>\n\u003Cp>However, you are limited to only being able to destroy your own sessions, and you cannot destroy them individually.\u003C\u002Fp>\n\u003Cp>This plugin allows Administrators to view and manage all sessions by all users on an individual basis.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays a custom “God view” screen of all active user sessions\u003C\u002Fli>\n\u003Cli>Sort sessions by user, role, creation date, expiry date or IP address\u003C\u002Fli>\n\u003Cli>Quickly and easily destroy sessions you think may be a security risk\u003C\u002Fli>\n\u003Cli>Respects the timezone, date format and time format saved under General Settings\u003C\u002Fli>\n\u003Cli>View all user sessions from all blogs on your network via the Network Admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Deutsch\u003C\u002Fli>\n\u003Cli>Español\u003C\u002Fli>\n\u003Cli>Français\u003C\u002Fli>\n\u003Cli>Português\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fuser-session-control\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fuser-session-control\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","View and manage all active user sessions in a custom admin screen.",700,10133,7,"2016-12-23T19:25:00.000Z","4.7.32","4.1","",[22,75,24,76],"security","users","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.3.1.zip",85,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":99,"download_link":100,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"login-timeout-sessions","Login Timeout Sessions","1.2.1","Galaxy Weblinks","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxyweblinks\u002F","\u003Cp>Allows you the ability to set login session \u002F expiry Settings on user capacities by admin panel.\u003C\u002Fp>\n\u003Cp>By default the capabilities of the user are not defined in WordPress, for enhanced security their capabilities have a limit for the modification of site data, removal and creation.\u003C\u002Fp>\n\u003Ch3>Key Feature Comes with Login Timeout Sessions Plugin\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Set new login session.\u003C\u002Fli>\n\u003Cli>Set login ‘Remember me’ session.\u003C\u002Fli>\n\u003Cli>Set special timeout session for Users with a specific capability.\u003C\u002Fli>\n\u003Cli>For example: You can set a longer or shorter login time for administrators with the “edit_theme_options” capability. (see Roles and Capabilities in WordPress Codex).\u003C\u002Fli>\n\u003Cli>Use the default WordPress behaviours.\u003C\u002Fli>\n\u003Cli>Add Updates panel (Settings > Login Sessions).\u003C\u002Fli>\n\u003Cli>Deactivate restore default WordPress behavior.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s a link to the documentation for the plugin. This will help you learn more about its features and how to use it.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fwp-plugins\u002Flogin-timeout-sessions\u002Fdoc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nFor any feedback or queries regarding this plugin, please contact our \u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support team\u003C\u002Fa>.\u003C\u002Fp>\n","Allows you the ability to set login session \u002F expiry Settings on user capacities by admin panel.",300,4349,70,2,"2025-11-05T11:00:00.000Z","6.8.5","5.5","7.0",[96,80,97,98],"login-session","session-expired","set-login-expiry","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-timeout-sessions\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-timeout-sessions.1.2.1.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":28,"num_ratings":28,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":73,"tags":114,"homepage":73,"download_link":117,"security_score":118,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"prevent-users-concurrent-sign-in","Prevent Users Concurrent Sign In","1.2","Suhas Surse","https:\u002F\u002Fprofiles.wordpress.org\u002Fsuhassurse\u002F","\u003Cp>The “Prevent Users Concurrent Sign In” plugin for WordPress is a powerful tool designed to enhance the security of your website by preventing users from sharing sign-in information and blocking simultaneous logins.\u003C\u002Fp>\n\u003Cp>In WordPress, users have the ability to sign in to their accounts from multiple locations using the same username and password. While this feature can be convenient in some cases, it also poses a significant security risk. Imagine you are operating a WordPress membership site, and unauthorized individuals gain access to your login information. They can then share that information with others, allowing multiple people to log in and potentially exploit your site’s resources and compromise your interests.\u003C\u002Fp>\n\u003Cp>To address this concern, the “Prevent Users Concurrent Sign In” plugin provides a robust solution. It effectively prevents simultaneous sign-ins by restricting access to a single active session for each username and password combination. When a user is already logged in, any subsequent login attempts using the same credentials will be blocked, ensuring that only one person can access the account at a time.\u003C\u002Fp>\n\u003Cp>By implementing this plugin, you can safeguard your website from unauthorized access and protect your valuable content, user data, and membership privileges. It adds an extra layer of security to your WordPress site, mitigating the risk of account sharing and potential breaches.\u003C\u002Fp>\n\u003Cp>Installation is quick and easy. Simply search for the “Prevent Users Concurrent Sign In” plugin in the WordPress Add Plugins page, install it, and activate it. Once activated, the plugin will immediately start preventing concurrent logins, giving you peace of mind and ensuring the integrity of your website.\u003C\u002Fp>\n\u003Cp>Enhance the security of your WordPress site today with the “Prevent Users Concurrent Sign In” plugin, and rest assured that your users’ accounts and sensitive information remain protected against unauthorized access and misuse.\u003C\u002Fp>\n","The \"Prevent Users Concurrent Sign In\" plugin for WordPress is a powerful tool designed to enhance the security of your website by preventin &hellip;",50,2748,"2024-08-06T05:20:00.000Z","6.6.5","4.7",[115,21,116],"concurrent","logins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprevent-users-concurrent-sign-in.1.2.zip",92,{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":27,"num_ratings":33,"last_updated":129,"tested_up_to":92,"requires_at_least":17,"requires_php":130,"tags":131,"homepage":136,"download_link":137,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"user-and-login-management","User and Login Management","1.0.8","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-login-and-user-management-plugin\" rel=\"nofollow ugc\">User and Login Management plugin\u003C\u002Fa> allows you to effortlessly handle bulk user import\u002Fexport, efficiently manage user roles, redirect users based on their WordPress roles, track and manage user activity and sessions, enable time-driven users auto-logout, and control the privacy of pages or posts. Simplify your user management process and enhance the security and customization of your WordPress website with our powerful User and Login Management plugin.\u003C\u002Fp>\n\u003Ch4>Free Version Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Bulk User Creation\u003C\u002Fstrong>: You can create multiple user accounts at once for users not registered in WordPress simply by importing them through a CSV file.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Bulk User Modification\u003C\u002Fstrong>: Existing WordPress users’ information, such as their name, email, role, etc., can be modified\u002Fupdated for multiple users simultaneously. Using our interactive plugin interface, you can import and manage various attributes of WordPress users in just a single step.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Bulk Users Role Management\u003C\u002Fstrong>: You can assign roles to new WordPress users or modify\u002Foverwrite the existing users’ roles by importing them through a single file.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Export WordPress Users\u003C\u002Fstrong>: You can export profile information of your WordPress, such as name, email, role, etc., to a CSV file.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User Activity & Session Tracking\u003C\u002Fstrong>: Activity information about your WordPress users, such as session time and active\u002Finactive status, can be easily viewed from the WordPress admin dashboard using our plugin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Default Redirection on Login and Logout\u003C\u002Fstrong>: A default redirection URL can be set for all WordPress users on login and logout.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Manage access to the website\u003C\u002Fstrong>: Make your website publicly or privately accessible as per your requirements.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User profile picture management\u003C\u002Fstrong>: Manage WordPress user profile pictures from the plugin and the WordPress edit profile section. These user profile pictures can be easily uploaded and deleted from the plugin interface in just one click.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Version Features (Check out the Licensing tab to know more):-\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Role-Based Redirection on Login\u003C\u002Fstrong>: The admin can decide the page to which particular users will be redirected based on their role after login. The information about the URL for the page to be redirected needs to be provided. However, this is an optional feature, and the users will be redirected to the default URL if no role-based redirection is provided\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong> Create Custom WordPress Role \u003C\u002Fstrong>: You can create and assign a custom WordPress role to all users imported through a CSV file with no preassigned roles.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong> Manage all WordPress role capabilities \u003C\u002Fstrong>: Manage capabilities of default as well custom WordPress roles as required apart from the administrator.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong> Delete WordPress Users on Import \u003C\u002Fstrong>: Delete users if not present in CSV or other file formats of your choice.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong> Role-Based Restriction \u003C\u002Fstrong>: Restrict users’ access to a page based on their role.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Auto Logout users\u003C\u002Fstrong>: Manage the session of your WordPress users by providing the auto-logout time, after which the user session will be terminated.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Make a Page\u002FPost Private using custom attributes\u003C\u002Fstrong>: Make a particular page, post, image, etc., on a private site publicly accessible by providing a URL, Page\u002FPost ID, Page Name, or other custom attributes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Admin email notification\u003C\u002Fstrong>:  Notify the site admin on every failed login attempt through an email.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User Registration Manager\u003C\u002Fstrong>: Admin can easily approve\u002Fdeny user accounts from the plugin interface.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Advanced User Activity Tracking\u003C\u002Fstrong>: On the WordPress website track wide range of user activities such as successful logins, unsuccessful login attempts, logouts, display user’s access status and many more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Use Cases Supported By Our Plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Manage multiple users simultaneously by importing and creating WordPress users from CSV. A new user account will be created for users not already registered in WordPress, and the existing users’ information can also be modified.\u003C\u002Fli>\n\u003Cli>Bulk user roles can be managed by setting default roles that need to be assigned to all the newly created users or the existing users for which the role is not specified. The roles for existing users can also be overwritten.\u003C\u002Fli>\n\u003Cli>If an admin wants to redirect the users with a specific role to a particular page, this can be done simply by providing the URL to which the user with that role needs to be redirected.\u003C\u002Fli>\n\u003Cli>Information regarding the session activity, such as active and inactive WordPress users, can be viewed. The admin can use this information to delete or remove inactive users.\u003C\u002Fli>\n\u003Cli>Restrict access to publicly accessible websites by making them private. This website will be accessible only to logged-in users.\u003Cbr \u002F>\nFor a private website, if there is a need to make a specific page\u002Fpost publicly accessible, this can be achieved by providing the URL that needs to be made public.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other Use-Cases we support:-\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-ldap-login-intranet-sites\" rel=\"nofollow ugc\">miniOrange WP LDAP\u002FAD Login for Intranet sites plugin\u003C\u002Fa>\u003C\u002Fstrong> supports LDAP login to WordPress sites using credentials stored in active directory and LDAP Directory systems. Only if you have access to \u003Cstrong>\u003Ca href=\"https:\u002F\u002Ffaq.miniorange.com\u002Fknowledgebase\u002Fhow-to-enable-php-ldap-extension\u002F\" rel=\"nofollow ugc\">LDAP Extension\u003C\u002Fa>\u003C\u002Fstrong> on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-ldap-login-cloud\" rel=\"nofollow ugc\">miniOrange Active Directory\u002FLDAP Integration for Cloud & Shared Hosting Platforms Plugin\u003C\u002Fa>\u003C\u002Fstrong> supports login to WordPress sites hosted on a shared hosting platform using credentials stored in active directory and LDAP Directory systems in case you are not able to enable \u003Cstrong>\u003Ca href=\"https:\u002F\u002Ffaq.miniorange.com\u002Fknowledgebase\u002Fhow-to-enable-php-ldap-extension\u002F\" rel=\"nofollow ugc\">LDAP Extension\u003C\u002Fa>\u003C\u002Fstrong> on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong> \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-ldap-directory-search\" rel=\"nofollow ugc\">Search Staff\u002FEmployee present in your Active Directory\u003C\u002Fa>\u003C\u002Fstrong>: allows you to search and display the users present in your Active Directory \u002F LDAP Server on a WordPress page using a shortcode.\u003C\u002Fli>\n\u003Cli>miniOrange supports \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fapisecurity.miniorange.com\" rel=\"nofollow ugc\">API Security use cases\u003C\u002Fa>\u003C\u002Fstrong> to protect and secure your APIs using our product \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fapiconsole.miniorange.com\" rel=\"nofollow ugc\">XecureAPI\u003C\u002Fa>\u003C\u002Fstrong> which helps you to enable Authentication methods ( like OAuth, SAML, LDAP, API Key Authentication, JWT Authentication etc ), Rate Limiting, IP restriction and much more on your APIs for complete protection.\u003C\u002Fli>\n\u003Cli>miniOrange also supports \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.miniorange.com\u002Fsolutions\u002Fvpn-mfa-multi-factor-authentication\" rel=\"nofollow ugc\">VPN use cases\u003C\u002Fa>\u003C\u002Fstrong> Log in to your VPN client using Active Directory \u002Fother LDAP Directory credentials and \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.miniorange.com\u002Fproducts\u002Fmulti-factor-authentication-mfa\" rel=\"nofollow ugc\">Multi-Factor Authentication\u003C\u002Fa>\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>miniOrange supports \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.miniorange.com\u002Fproducts\u002Fsingle-sign-on-sso\" rel=\"nofollow ugc\">Single-Sign-On (SSO)\u003C\u002Fa>\u003C\u002Fstrong> into a plethora of applications and supports various protocols like(\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fblog.miniorange.com\u002Fradius-server-authentication\u002F\" rel=\"nofollow ugc\">RADIUS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-single-sign-on-sso\" rel=\"nofollow ugc\">SAML\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-sso\" rel=\"nofollow ugc\">OAuth\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-ldap-login-intranet-sites\" rel=\"nofollow ugc\">LDAP\u002FLDAPS\u003C\u002Fa>\u003C\u002Fstrong>, using various IDPs like \u003Cstrong>Azure Active Directory, Microsoft On-Premise Active Directory, Octa, ADFS\u003C\u002Fstrong>, etc.\u003C\u002Fli>\n\u003Cli>Contact us at info@xecurify.com to know more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why you should go with our solution\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong> Support\u003C\u002Fstrong>: With search being one of the essential functions of a website, our priority support ensures that any issues you face on a live production site can be resolved in a timely manner.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Regular updates\u003C\u002Fstrong>: We regularly update our plugin and ensure it is compatible with the latest WordPress versions. These updates include security and bug fixes that \u003Cstrong>ensure you have the latest security fixes\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Ensure timely updates for \u003Cstrong>new WordPress\u002FPHP releases\u003C\u002Fstrong> with our premium plugins and compatibility updates to ensure you have adequate support for smooth transitions to new versions of WordPress and PHP.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reasonable pricing\u003C\u002Fstrong>: Various plans are tailored to suit your needs. We provide discounts to educational and non-profit organizations and bulk discounts on large purchases.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy to set up \u003C\u002Fstrong>: High-quality, easy-to-understand documentation will help you in setting up our plugin. Our developers can also help you by walking you through the setup process of the plugin.\u003C\u002Fli>\n\u003Cli>High level of \u003Cstrong>customization\u003C\u002Fstrong> and \u003Cstrong>add-ons\u003C\u002Fstrong> to support specific requirements.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Need support?\u003C\u002Fh4>\n\u003Cp>Please email us at info@xecurify.com or \u003Ca href=\"https:\u002F\u002Fxecurify.com\u002Fcontact\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Minimum Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Compatible with WordPress version 5.0 or higher\u003C\u002Fli>\n\u003Cli>Compatible with PHP version 5.2.0 or higher\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin provides bulk user import\u002Fexport, users session & login activity management, page privacy & security, and user redirection in one place",20,3588,"2025-05-27T20:28:00.000Z","5.4.0",[132,133,23,134,135],"avatar","login-redirect","user-management","wp-login","https:\u002F\u002Fminiorange.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-and-login-management.1.0.8.zip",{"attackSurface":139,"codeSignals":288,"taintFlows":417,"riskAssessment":464,"analyzedAt":471},{"hooks":140,"ajaxHandlers":250,"restRoutes":277,"shortcodes":278,"cronEvents":279,"entryPointCount":69,"unprotectedCount":28},[141,147,153,158,163,167,170,174,178,181,186,189,193,197,200,203,206,210,214,217,221,224,226,229,233,238,242,246],{"type":142,"name":143,"callback":144,"priority":127,"file":145,"line":146},"filter","authenticate","validate_block_logic","classes\\wp-persistent-login-active-logins.php",42,{"type":148,"name":149,"callback":150,"file":151,"line":152},"action","admin_menu","create_menu_page","classes\\wp-persistent-login-admin.php",29,{"type":148,"name":154,"callback":155,"file":156,"line":157},"admin_post_wppl_empty_login_history_table","empty_login_history_table","classes\\wp-persistent-login-login-history.php",34,{"type":148,"name":159,"callback":160,"priority":161,"file":156,"line":162},"wp_login","check_login_history",10,38,{"type":148,"name":164,"callback":165,"file":156,"line":166},"show_user_profile","display_user_login_history_on_profile",43,{"type":148,"name":168,"callback":165,"file":156,"line":169},"edit_user_profile",44,{"type":148,"name":164,"callback":171,"file":172,"line":173},"output_user_sessions","classes\\wp-persistent-login-profile.php",28,{"type":148,"name":175,"callback":176,"file":172,"line":177},"personal_options_update","save_user_sessions",31,{"type":148,"name":179,"callback":176,"file":172,"line":180},"edit_user_profile_update",32,{"type":148,"name":182,"callback":183,"file":184,"line":185},"admin_init","handle_settings","classes\\wp-persistent-login-settings.php",37,{"type":148,"name":182,"callback":187,"file":184,"line":188},"show_message",51,{"type":148,"name":190,"callback":191,"file":184,"line":192},"admin_enqueue_scripts","enqueue_admin_js",54,{"type":142,"name":194,"callback":195,"file":196,"line":177},"cron_schedules","cron_add_minutely","classes\\wp-persistent-login-user-count.php",{"type":148,"name":198,"callback":199,"file":196,"line":157},"persistent_login_user_count","start_count",{"type":148,"name":201,"callback":202,"file":196,"line":185},"persistent_login_update_count","update_count",{"type":148,"name":204,"callback":205,"file":196,"line":166},"activity_box_end","display_login_count_dashboard_stats",{"type":142,"name":207,"callback":208,"priority":161,"file":209,"line":162},"auth_cookie_expiration","set_login_expiration","classes\\wp-persistent-login.php",{"type":148,"name":211,"callback":212,"priority":161,"file":209,"line":213},"set_current_user","update_auth_cookie",41,{"type":142,"name":215,"callback":216,"priority":127,"file":209,"line":169},"secure_signon_cookie","remember_me_meta",{"type":148,"name":218,"callback":219,"file":209,"line":220},"wp_footer","precheck_remember_me",47,{"type":142,"name":222,"callback":219,"file":209,"line":223},"login_footer",48,{"type":148,"name":225,"callback":53,"file":209,"line":188},"clear_auth_cookie",{"type":142,"name":227,"callback":228,"priority":127,"file":209,"line":192},"woocommerce_login_credentials","woocommerce_remember_on_login",{"type":148,"name":230,"callback":231,"priority":127,"file":209,"line":232},"woo_slg_login_user_authenticated","wpweb_woocommerce_remember_on_login",57,{"type":148,"name":234,"callback":235,"file":236,"line":237},"plugins_loaded","persistent_login_update_db_check","includes\\database-upgrades.php",23,{"type":148,"name":239,"callback":240,"file":241,"line":192},"init","wp_persistent_login_load_textdomain","wp_persistent_login.php",{"type":148,"name":243,"callback":244,"file":241,"line":245},"after_uninstall","persistent_login_uninstall_cleanup",63,{"type":148,"name":247,"callback":248,"priority":161,"file":241,"line":249},"wp_mail_failed","wppl_on_mail_error_log",90,[251,258,263,265,268,270,273],{"action":252,"nopriv":253,"callback":254,"hasNonce":255,"hasCapCheck":255,"file":256,"line":257},"wppl_stop_user_count",false,"ajax_stop_user_count",true,"classes\\wp-persistent-login-dashboard.php",24,{"action":259,"nopriv":253,"callback":260,"hasNonce":255,"hasCapCheck":253,"file":261,"line":262},"wppl_send_test_email","send_test_email","classes\\wp-persistent-login-email.php",16,{"action":259,"nopriv":255,"callback":260,"hasNonce":255,"hasCapCheck":253,"file":261,"line":264},17,{"action":266,"nopriv":253,"callback":267,"hasNonce":255,"hasCapCheck":253,"file":261,"line":127},"wppl_send_inactivity_test_email","send_inactivity_test_email",{"action":266,"nopriv":255,"callback":267,"hasNonce":255,"hasCapCheck":253,"file":261,"line":269},21,{"action":271,"nopriv":253,"callback":272,"hasNonce":255,"hasCapCheck":253,"file":184,"line":232},"wppl_toggle_feature","ajax_toggle_feature",{"action":274,"nopriv":253,"callback":275,"hasNonce":255,"hasCapCheck":253,"file":184,"line":276},"wppl_get_user_count_status","ajax_get_user_count_status",58,[],[],[280,282,284,286],{"hook":198,"callback":198,"file":196,"line":281},408,{"hook":201,"callback":201,"file":196,"line":283},823,{"hook":198,"callback":198,"file":236,"line":285},101,{"hook":198,"callback":198,"file":287,"line":162},"includes\\install.php",{"dangerousFunctions":289,"sqlUsage":294,"outputEscaping":303,"fileOperations":33,"externalRequests":28,"nonceChecks":411,"capabilityChecks":296,"bundledLibraries":412},[290],{"fn":291,"file":145,"line":292,"context":293},"unserialize",117,"$ip_data = unserialize(file_get_contents('http:\u002F\u002Fwww.geoplugin.net\u002Fphp.gp?ip='.$remote_address));",{"prepared":295,"raw":296,"locations":297},8,3,[298,301,302],{"file":156,"line":299,"context":300},193,"$wpdb->query() with variable interpolation",{"file":236,"line":213,"context":300},{"file":236,"line":232,"context":300},{"escaped":169,"rawEcho":304,"locations":305},53,[306,309,311,313,315,317,319,321,323,325,327,329,331,333,335,337,338,340,342,344,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386,388,390,392,394,396,398,399,401,403,405,407,409],{"file":256,"line":307,"context":308},46,"raw output",{"file":256,"line":310,"context":308},81,{"file":256,"line":312,"context":308},86,{"file":256,"line":314,"context":308},124,{"file":256,"line":316,"context":308},145,{"file":256,"line":318,"context":308},150,{"file":256,"line":320,"context":308},156,{"file":256,"line":322,"context":308},165,{"file":256,"line":324,"context":308},192,{"file":256,"line":326,"context":308},196,{"file":256,"line":328,"context":308},203,{"file":256,"line":330,"context":308},254,{"file":256,"line":332,"context":308},299,{"file":256,"line":334,"context":308},331,{"file":256,"line":336,"context":308},364,{"file":256,"line":281,"context":308},{"file":256,"line":339,"context":308},531,{"file":256,"line":341,"context":308},585,{"file":256,"line":343,"context":308},654,{"file":256,"line":345,"context":308},739,{"file":256,"line":347,"context":308},906,{"file":256,"line":349,"context":308},945,{"file":156,"line":351,"context":308},562,{"file":156,"line":353,"context":308},563,{"file":172,"line":355,"context":308},246,{"file":172,"line":357,"context":308},250,{"file":172,"line":359,"context":308},255,{"file":172,"line":361,"context":308},262,{"file":172,"line":363,"context":308},281,{"file":184,"line":365,"context":308},730,{"file":184,"line":367,"context":308},741,{"file":184,"line":369,"context":308},743,{"file":184,"line":371,"context":308},749,{"file":184,"line":373,"context":308},762,{"file":184,"line":375,"context":308},970,{"file":184,"line":377,"context":308},972,{"file":184,"line":379,"context":308},976,{"file":184,"line":381,"context":308},994,{"file":184,"line":383,"context":308},998,{"file":184,"line":385,"context":308},1114,{"file":184,"line":387,"context":308},1121,{"file":184,"line":389,"context":308},1183,{"file":184,"line":391,"context":308},1192,{"file":184,"line":393,"context":308},1194,{"file":184,"line":395,"context":308},1198,{"file":196,"line":397,"context":308},625,{"file":196,"line":397,"context":308},{"file":196,"line":400,"context":308},628,{"file":196,"line":402,"context":308},630,{"file":196,"line":404,"context":308},632,{"file":196,"line":406,"context":308},744,{"file":209,"line":408,"context":308},229,{"file":209,"line":410,"context":308},335,9,[413],{"name":414,"version":415,"knownCves":416},"Freemius","1.0",[],[418,435,443,456],{"entryPoint":419,"graph":420,"unsanitizedCount":28,"severity":434},"render_page_header (classes\\wp-persistent-login-dashboard.php:34)",{"nodes":421,"edges":432},[422,427],{"id":423,"type":424,"label":425,"file":256,"line":426},"n0","source","$_GET['wppl-msg']",75,{"id":428,"type":429,"label":430,"file":256,"line":426,"wp_function":431},"n1","sink","echo() [XSS]","echo",[433],{"from":423,"to":428,"sanitized":255},"low",{"entryPoint":436,"graph":437,"unsanitizedCount":28,"severity":434},"\u003Cwp-persistent-login-dashboard> (classes\\wp-persistent-login-dashboard.php:0)",{"nodes":438,"edges":441},[439,440],{"id":423,"type":424,"label":425,"file":256,"line":426},{"id":428,"type":429,"label":430,"file":256,"line":426,"wp_function":431},[442],{"from":423,"to":428,"sanitized":255},{"entryPoint":444,"graph":445,"unsanitizedCount":28,"severity":434},"empty_login_history_table (classes\\wp-persistent-login-login-history.php:182)",{"nodes":446,"edges":454},[447,450],{"id":423,"type":424,"label":448,"file":156,"line":449},"$_POST",206,{"id":428,"type":429,"label":451,"file":156,"line":452,"wp_function":453},"wp_redirect() [Open Redirect]",218,"wp_redirect",[455],{"from":423,"to":428,"sanitized":255},{"entryPoint":457,"graph":458,"unsanitizedCount":28,"severity":434},"\u003Cwp-persistent-login-login-history> (classes\\wp-persistent-login-login-history.php:0)",{"nodes":459,"edges":462},[460,461],{"id":423,"type":424,"label":448,"file":156,"line":449},{"id":428,"type":429,"label":451,"file":156,"line":452,"wp_function":453},[463],{"from":423,"to":428,"sanitized":255},{"summary":465,"deductions":466},"The wp-persistent-login plugin v3.0.3 exhibits a generally good security posture with a relatively small attack surface and a strong emphasis on authentication and authorization checks for its entry points. The absence of any known CVEs and the limited number of identified code signals, such as dangerous functions and file operations, are positive indicators.  However, the presence of the `unserialize` function is a notable concern, as it can be a vector for object injection vulnerabilities if not handled with extreme care and strict input validation. Furthermore, the relatively low percentage of properly escaped outputs (45%) suggests a potential for cross-site scripting (XSS) vulnerabilities, especially given the large number of total outputs.",[467,469],{"reason":468,"points":161},"Presence of unserialize function",{"reason":470,"points":295},"Low percentage of properly escaped outputs","2026-03-16T18:02:03.311Z",{"wat":473,"direct":482},{"assetPaths":474,"generatorPatterns":477,"scriptPaths":478,"versionParams":479},[475,476],"\u002Fwp-content\u002Fplugins\u002Fwp-persistent-login\u002Fcss\u002Fdashboard.css","\u002Fwp-content\u002Fplugins\u002Fwp-persistent-login\u002Fjs\u002Fdashboard.js",[],[476],[480,481],"wp-persistent-login\u002Fcss\u002Fdashboard.css?ver=","wp-persistent-login\u002Fjs\u002Fdashboard.js?ver=",{"cssClasses":483,"htmlComments":487,"htmlAttributes":488,"restEndpoints":490,"jsGlobals":491,"shortcodeOutput":496},[484,485,486],"wppl-container","wppl-wrap","wppl-msg",[],[489],"data-wppl-settings",[],[492,493,494,495],"ajaxurl","WPPL_ACCOUNT_PAGE","WPPL_UPGRADE_PAGE","WPPL_SUPPORT_PAGE",[]]