[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8M6uoTzznK_bNbN8Ij2t9zwRGwu6J6juoXolSSvhN_g":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":58,"fingerprints":89},"wp-redis-user-session-storage","Redis User Session Storage","0.2","Erick Hitter","https:\u002F\u002Fprofiles.wordpress.org\u002Fethitter\u002F","\u003Cp>Store WordPress user session tokens in Redis rather than the usermeta table.\u003C\u002Fp>\n\u003Cp>This plugin was previously known as \u003Ccode>WP Redis User Session Storage\u003C\u002Fcode> and was renamed to comply with WordPress.org naming constraints. The previous class name is aliased to support existing extensions.\u003C\u002Fp>\n","Store WordPress session tokens in Redis rather than the usermeta table.",200,8962,0,"2022-07-16T22:26:00.000Z","6.0.11","4.0","5.6",[19,20,21],"session-storage","session-tokens","user-sessions","https:\u002F\u002Fethitter.com\u002Fplugins\u002Fredis-user-session-storage\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-redis-user-session-storage.0.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"ethitter",12,47990,95,2199,76,"2026-04-04T07:05:56.313Z",[37],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":13,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"sessionquota","SessionQuota","1.0.0","handyplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fhandyplugins\u002F","\u003Cp>SessionQuota helps you prevent account sharing by controlling how many active sessions each user can have at the same time.\u003C\u002Fp>\n\u003Cp>Set a global session limit and choose what happens when the limit is reached: block the new login, logout the oldest session(s), or keep only the latest session (single-session mode).\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Global session limit\u003C\u002Fstrong>: Set a maximum number of concurrent sessions per user (\u003Ccode>0\u003C\u002Fcode> = unlimited).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enforcement modes\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>\u003Cstrong>Block new login\u003C\u002Fstrong> when the limit is reached.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logout oldest session(s)\u003C\u002Fstrong> required to stay within the limit.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logout all other sessions\u003C\u002Fstrong> after a successful login (single-session mode).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple setup\u003C\u002Fstrong>: Manage settings from \u003Ccode>Settings -> SessionQuota\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Enforcement Modes Explained\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block new login\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Rejects the new login attempt when the user is already at the limit.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Logout oldest session(s)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Terminates the oldest existing session(s) required to keep the user within the limit.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Logout all other sessions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Keeps only the latest session and terminates all other sessions.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Contributing & Bug Reports\u003C\u002Fh4>\n\u003Cp>Bug reports and pull requests are welcome on GitHub: https:\u002F\u002Fgithub.com\u002FHandyPlugins\u002Fsessionquota\u003C\u002Fp>\n","Prevent account sharing by limiting concurrent user sessions in WordPress.",124,"2026-03-10T03:25:00.000Z","6.9.4","5.9","7.4",[51,52,53,54,21],"account-sharing","concurrent-login","concurrent-sessions","session","https:\u002F\u002Fgithub.com\u002FHandyPlugins\u002Fsessionquota","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsessionquota.1.0.0.zip",100,{"attackSurface":59,"codeSignals":76,"taintFlows":84,"riskAssessment":85,"analyzedAt":88},{"hooks":60,"ajaxHandlers":72,"restRoutes":73,"shortcodes":74,"cronEvents":75,"entryPointCount":13,"unprotectedCount":13},[61,67],{"type":62,"name":63,"callback":64,"file":65,"line":66},"action","plugins_loaded","anonymous","wp-redis-user-session-storage.php",62,{"type":68,"name":69,"callback":64,"priority":70,"file":65,"line":71},"filter","session_token_manager",9,68,[],[],[],[],{"dangerousFunctions":77,"sqlUsage":78,"outputEscaping":81,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":83},[],{"prepared":79,"raw":13,"locations":80},4,[],{"escaped":13,"rawEcho":13,"locations":82},[],[],[],{"summary":86,"deductions":87},"The \"wp-redis-user-session-storage\" v0.2 plugin exhibits a very strong security posture based on the provided static analysis.  The complete absence of dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), unescaped output, file operations, and external HTTP requests indicates a high level of coding discipline. Furthermore, the plugin has no recorded vulnerability history, suggesting a mature and secure development process.  The zero attack surface, particularly with no unprotected entry points, is a significant strength, meaning there are no immediately obvious ways for an attacker to interact with the plugin without proper authorization.\n\nWhile the static analysis is highly positive, the complete lack of taint analysis data is a minor concern. This could mean that either no taint analysis was performed or that the analysis tools found no issues. However, given the other positive signals, it's likely that the plugin is well-written. The lack of nonce and capability checks on entry points (which are currently zero) is noted, but this is effectively mitigated by the absence of any entry points in the first place.  Overall, this plugin appears to be a very secure option for its intended purpose, with no identified vulnerabilities or significant code weaknesses.",[],"2026-03-16T20:29:59.057Z",{"wat":90,"direct":96},{"assetPaths":91,"generatorPatterns":93,"scriptPaths":94,"versionParams":95},[92],"\u002Fwp-content\u002Fplugins\u002Fwp-redis-user-session-storage\u002Finc\u002F",[],[],[],{"cssClasses":97,"htmlComments":98,"htmlAttributes":99,"restEndpoints":100,"jsGlobals":101,"shortcodeOutput":102},[],[],[],[],[],[]]