[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzIJ5XsQknY44SNtSLMo8Za5P4UgXVlPEXbqKRQraWx0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":141,"fingerprints":224},"xmlrpc-lockdown","XMLRPC Lockdown by AO Digital","2.0","aodigitalau","https:\u002F\u002Fprofiles.wordpress.org\u002Faodigitalau\u002F","\u003Cp>XMLRPC Lockdown by AO Digital is an advanced security plugin for WordPress. It blocks access to \u003Ccode>xmlrpc.php\u003C\u002Fcode> for all requests except those explicitly allowed, such as requests from Jetpack, the WordPress mobile app, and other specified services. With the latest enhancements, users can customize the list of allowed services and create custom allowances for specific IPs, URLs, or referrers directly from the WordPress admin dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Blocks unauthorized access to \u003Ccode>xmlrpc.php\u003C\u002Fcode>, enhancing WordPress security.\u003Cbr \u002F>\n– Allows specific services like Jetpack and the WordPress mobile app to work seamlessly.\u003Cbr \u002F>\n– New settings page for managing allowed plugins and custom allowances.\u003Cbr \u002F>\n– AJAX-powered options saving for a smooth user experience.\u003Cbr \u002F>\n– Fully compatible with PHP 8.0+ and tested up to WordPress 6.7.2.\u003C\u002Fp>\n\u003Cp>Whether you’re looking to secure your site or fine-tune \u003Ccode>xmlrpc.php\u003C\u002Fcode> access, XMLRPC Lockdown by AO Digital offers a robust, user-friendly solution.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For assistance with XMLRPC Lockdown by AO Digital, please visit \u003Ca href=\"http:\u002F\u002Faodigital.com.au\" rel=\"nofollow ugc\">AO Digital Support\u003C\u002Fa> or email us at support@aodigital.com.au.\u003C\u002Fp>\n","XMLRPC Lockdown by AO Digital is an advanced security plugin for WordPress. It blocks access to xmlrpc.php for all requests except those explicitly al &hellip;",80,2134,100,1,"2024-12-10T10:03:00.000Z","6.7.5","","8.0",[20,21,22,23,24],"jetpack","mobile-app","security","wordpress","xmlrpc","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fxmlrpc-lockdown\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxmlrpc-lockdown.2.0.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,30,88,"2026-04-04T05:52:42.865Z",[38,57,78,100,121],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":13,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":17,"download_link":56,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"stop-xml-rpc-attacks","Stop XML-RPC Attacks","2.0.0","Pascal CESCATO","https:\u002F\u002Fprofiles.wordpress.org\u002Fpcescato\u002F","\u003Cp>Stop XML-RPC Attacks protects your WordPress site from XML-RPC brute force attacks, DDoS attempts, and reconnaissance probes while maintaining compatibility with essential services like Jetpack and WooCommerce.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Three security modes: Full Disable, Guest Disable, or Selective Blocking\u003C\u002Fli>\n\u003Cli>Blocks dangerous methods: system.multicall, pingback.ping, and more\u003C\u002Fli>\n\u003Cli>Compatible with Jetpack and WooCommerce\u003C\u002Fli>\n\u003Cli>Optional user enumeration blocking\u003C\u002Fli>\n\u003Cli>Attack logging for monitoring\u003C\u002Fli>\n\u003Cli>Zero configuration required – works out of the box\u003C\u002Fli>\n\u003Cli>Clean, intuitive admin interface\u003C\u002Fli>\n\u003C\u002Ful>\n","Blocks dangerous XML-RPC methods while preserving Jetpack, WooCommerce, and mobile apps compatibility.",6000,26717,4,"2026-01-01T13:41:00.000Z","6.9.4","6.0","7.4",[54,55,20,22,24],"brute-force","ddos","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstop-xml-rpc-attacks.2.0.0.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":13,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":52,"tags":71,"homepage":76,"download_link":77,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-disable-xml-rpc","Simple Disable XML-RPC | Reduce Brute Force & DDOS Attacks","1.4.0","Delower Hossain","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdelower\u002F","\u003Cp>\u003Cstrong>Simple Disable XML-RPC\u003C\u002Fstrong> is a lightweight, powerful WordPress plugin that gives you complete control over your site’s XML-RPC functionality. Protect your WordPress site from brute force attacks, DDoS attempts, and other XML-RPC security vulnerabilities with just one click.\u003C\u002Fp>\n\u003Ch3>🔒 Why Disable XML-RPC?\u003C\u002Fh3>\n\u003Cp>XML-RPC is a remote communication protocol that allows external applications to interact with your WordPress site. While useful for some services, it’s frequently exploited by attackers for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Brute Force Attacks\u003C\u002Fstrong> – Automated password guessing attempts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DDoS Attacks\u003C\u002Fstrong> – Overwhelming your server with requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Resource Exhaustion\u003C\u002Fstrong> – Slowing down your website\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pingback Vulnerabilities\u003C\u002Fstrong> – Exploiting pingback features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>🎯 One-Click Control\u003C\u002Fstrong> – Modern toggle switch interface (NEW in v1.4.0)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔐 Enhanced Security\u003C\u002Fstrong> – Block XML-RPC attacks instantly\u003C\u002Fli>\n\u003Cli>\u003Cstrong>⚡ Improved Performance\u003C\u002Fstrong> – Reduce server load and resource usage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🎨 Beautiful Admin Interface\u003C\u002Fstrong> – Clean, modern card-based design (NEW in v1.4.0)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🌐 Translation Ready\u003C\u002Fstrong> – Fully internationalized and translation-ready\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📱 Mobile Responsive\u003C\u002Fstrong> – Settings page works perfectly on all devices\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🧹 Clean Uninstall\u003C\u002Fstrong> – Removes all data when uninstalled\u003C\u002Fli>\n\u003Cli>\u003Cstrong>⚙️ Developer Friendly\u003C\u002Fstrong> – Well-coded, follows WordPress standards\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔄 Regular Updates\u003C\u002Fstrong> – Actively maintained and tested with latest WordPress versions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>💯 Lightweight\u003C\u002Fstrong> – No bloat, minimal impact on your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🆕 What’s New in Version 1.4.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>✅ Modern toggle switch replaces old checkbox\u003C\u002Fli>\n\u003Cli>✅ Beautiful card-based admin interface\u003C\u002Fli>\n\u003Cli>✅ Enhanced security with proper sanitization\u003C\u002Fli>\n\u003Cli>✅ Better code organization (OOP approach)\u003C\u002Fli>\n\u003Cli>✅ Improved accessibility and UX\u003C\u002Fli>\n\u003Cli>✅ Removes X-Pingback header when disabled\u003C\u002Fli>\n\u003Cli>✅ Fixed activation redirect for bulk installations\u003C\u002Fli>\n\u003Cli>✅ Better mobile responsive design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎯 Perfect For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Security-focused website owners\u003C\u002Fli>\n\u003Cli>Sites that don’t use mobile apps or remote publishing\u003C\u002Fli>\n\u003Cli>Sites experiencing XML-RPC attacks\u003C\u002Fli>\n\u003Cli>Performance-conscious administrators\u003C\u002Fli>\n\u003Cli>Anyone wanting better control over WordPress features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔧 How It Works\u003C\u002Fh3>\n\u003Cp>This plugin uses the native WordPress \u003Ccode>xmlrpc_enabled\u003C\u002Fcode> filter to safely disable XML-RPC without modifying core files. Simply activate the plugin, toggle the switch on the settings page, and you’re protected!\u003C\u002Fp>\n\u003Ch3>⚠️ Important Note\u003C\u002Fh3>\n\u003Cp>Disabling XML-RPC may affect:\u003Cbr \u002F>\n* WordPress mobile apps\u003Cbr \u002F>\n* Jetpack (some features)\u003Cbr \u002F>\n* Remote publishing tools\u003Cbr \u002F>\n* Pingbacks and trackbacks\u003Cbr \u002F>\n* Third-party services that rely on XML-RPC\u003C\u002Fp>\n\u003Cp>Only disable XML-RPC if you don’t use these features.\u003C\u002Fp>\n\u003Ch3>🤝 Contributing & Bug Reports\u003C\u002Fh3>\n\u003Cp>Bug reports and pull requests are welcome on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress-Satkhira-Community\u002Fsimple-disable-xml-rpc\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. Help us make this plugin better!\u003C\u002Fp>\n\u003Ch3>💝 Support the Development\u003C\u002Fh3>\n\u003Cp>If you find this plugin helpful, please consider:\u003Cbr \u002F>\n* ⭐ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsimple-disable-xml-rpc\u002Freviews\u002F\" rel=\"ugc\">Rating it 5 stars\u003C\u002Fa>\u003Cbr \u002F>\n* 🐛 \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress-Satkhira-Community\u002Fsimple-disable-xml-rpc\u002Fissues\" rel=\"nofollow ugc\">Reporting bugs\u003C\u002Fa>\u003Cbr \u002F>\n* 💬 \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress-Satkhira-Community\u002Fsimple-disable-xml-rpc\u002Fissues\" rel=\"nofollow ugc\">Suggesting features\u003C\u002Fa>\u003Cbr \u002F>\n* ☕ \u003Ca href=\"https:\u002F\u002Fwww.wpsatkhira.com\u002Fdonate\" rel=\"nofollow ugc\">Buying us a coffee\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Simple Disable XML-RPC does not:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Collect any user data\u003C\u002Fli>\n\u003Cli>Store any personal information\u003C\u002Fli>\n\u003Cli>Make external API calls\u003C\u002Fli>\n\u003Cli>Use cookies or tracking\u003C\u002Fli>\n\u003Cli>Send data to third parties\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin only stores one setting in your WordPress database: whether XML-RPC is enabled or disabled.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help? We’re here for you!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📖 \u003Ca href=\"https:\u002F\u002Fwww.wpsatkhira.com\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>💬 \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsimple-disable-xml-rpc\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>🐛 \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress-Satkhira-Community\u002Fsimple-disable-xml-rpc\u002Fissues\" rel=\"nofollow ugc\">Report Bugs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>⭐ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsimple-disable-xml-rpc\u002Freviews\u002F\" rel=\"ugc\">Rate Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed with ❤️ by \u003Ca href=\"https:\u002F\u002Fwww.wpsatkhira.com\" rel=\"nofollow ugc\">WordPress Satkhira Community\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Contributors:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdelower\u002F\" rel=\"nofollow ugc\">wpdelower\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmonarchwp23\u002F\" rel=\"nofollow ugc\">monarchwp23\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Special thanks to all our users and contributors who help make this plugin better!\u003C\u002Fp>\n","Simply disable XML-RPC on your WordPress site with a simple toggle switch. Protect your site from XML-RPC attacks and improve security.",1000,8616,5,"2025-11-09T02:27:00.000Z","6.8.5","6.1",[72,73,74,75,24],"disable-xml","disable-xml-rpc","wordpress-security","xml","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-disable-xml-rpc\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-disable-xml-rpc.1.4.0.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":50,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":98,"download_link":99,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"malcare-security","MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall","6.36","malcare","https:\u002F\u002Fprofiles.wordpress.org\u002Fmalcare\u002F","\u003Ch3>MALCARE SECURITY SERVICES\u003C\u002Fh3>\n\u003Cp>Security Plugin For WordPress Websites\u003Cbr \u002F>\n★★★★★\u003C\u002Fp>\n\u003Cp>A WordPress security plugin ensures that your website remains completely safe and secure, always. We created \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002F\" rel=\"nofollow ugc\">MalCare Security Plugin\u003C\u002Fa> to help website owners worry less about their site security, achieve peace of mind and focus all their energies on growing their business or website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why you need MalCare Security?\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fj3h0JF0we4o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Difference Between MalCare Free vs Premium\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F4ja5ix9WDCo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>Why MalCare is best WordPress security plugin?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fvt-0TrMV-TQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>MalCare in 1 Minute – Overview\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FH1XRntW_FeE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003Cbr \u002F>\n\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important Links: \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Security Features\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002F\" rel=\"nofollow ugc\">Why Choose MalCare?\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Ftop-wordpress-security-plugins-compared\u002F\" rel=\"nofollow ugc\">Comparisons\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fmalcare-free-premium\u002F\" rel=\"nofollow ugc\">Free vs Paid\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MalCare is the \u003Cstrong>fastest\u003C\u002Fstrong> malware detection and removal plugin loved by thousands of developers and agencies. With an industry-first \u003Cstrong>automatic one-click malware removal\u003C\u002Fstrong>, your WordPress website is clean before Google blacklists it or your web host takes it down. MalCare has been developed from the ground up after \u003Cstrong>analyzing over 240,000 websites over 2.5+ years\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Its \u003Cstrong>intelligent scanning methodology\u003C\u002Fstrong> will \u003Cstrong>never slow down your WordPress site\u003C\u002Fstrong> and \u003Cstrong>accurately identifies\u003C\u002Fstrong> the most complex malware that typically goes undetected in other popular WordPress security plugins.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>one-click malware cleaner\u003C\u002Fstrong> offers unlimited automated cleanups while the inbuilt \u003Cstrong>powerful cloud-based firewall\u003C\u002Fstrong> ensures round-the-clock website protection against spam attacks. Moreover, you can \u003Cstrong>block countries\u003C\u002Fstrong> to mitigate hack attacks.\u003C\u002Fp>\n\u003Cp>MalCare comes integrated with a \u003Cstrong>complete website management\u003C\u002Fstrong> module that ensures better WP security and site management to your websites from a single dashboard.\u003C\u002Fp>\n\u003Cp>The WP security plugin \u003Cstrong>notifies you if the WordPress site goes down\u003C\u002Fstrong> so that you can handle the situation before you start losing visitors. Performance Check enables WordPress users to keep an eye on their \u003Cstrong>loading speed\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>MalCare offers a premium \u003Cstrong>White-Label\u003C\u002Fstrong> solution that lets agencies provide better website security to their clients without risking their business. And enables users to \u003Cstrong>generate beautiful reports\u003C\u002Fstrong> for their clients.\u003C\u002Fp>\n\u003Ch3>Why Choose MalCare WordPress Security Plugin?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Ch4>WordPress Malware Scanner\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Cloud Based Deep malware scanner\u003C\u002Fli>\n\u003Cli>Doesn’t Slow down your WordPress site\u003C\u002Fli>\n\u003Cli>Detects malware BEFORE it’s too late\u003C\u002Fli>\n\u003Cli>NO impact on your website\u003C\u002Fli>\n\u003Cli>Finds ALL types of malware, even new & complex ones\u003C\u002Fli>\n\u003Cli>Get Alerts about Security Risks with our WordPress Vulnerability Scanner\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>WordPress Malware Removal\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View hacked file details\u003C\u002Fli>\n\u003Cli>Cleans your site INSTANTLY, in less than 60 Secs\u003C\u002Fli>\n\u003Cli>Removes ALL traces of malware\u003C\u002Fli>\n\u003Cli>UNLIMITED hack cleanups\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>WordPress Website Protection\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Blocks hacker BOTS from attacking login page\u003C\u002Fli>\n\u003Cli>Identifies & blocks MALICIOUS traffic\u003C\u002Fli>\n\u003Cli>Enables users to HARDEN their WordPress sites\u003C\u002Fli>\n\u003Cli>Enables users to block ENTIRE countries\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Easy to Use\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set up an account in 60 secs\u003C\u002Fli>\n\u003Cli>Configure security once & never look at it again\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Agile & responsive customer support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Is MalCare Such a Game-Changer?\u003C\u002Fh3>\n\u003Cp>MalCare offers unparalleled security services. Some services are free and others are paid.\u003C\u002Fp>\n\u003Ch4>MalCare’s FREE Services –\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Ch4>Cloud-Based Malware Scanning (Free)\u003C\u002Fh4>\n\u003Cp>MalCare’s Cloud-based Scanning ensures no impact on your website ever. Moreover, it detects Complex Malware missed by other popular security plugins for WordPress.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Web-Application WordPress Firewall (Free)\u003C\u002Fh4>\n\u003Cp>Get Real-Time Protection for your WordPress website against the latest security threats with MalCare’s Smart Firewall. Block hackers & bots before they harm your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>CAPTCHA-Based Login Page Protection (Free)\u003C\u002Fh4>\n\u003Cp>Automatically prevent brute force attacks with MalCare’s Smart Captcha-Based Login Page Protection. Round-the-clock protection against malicious traffic.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>MalCare’s PAID Services –\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Ch4>Viewing Hacked Files (Paid)\u003C\u002Fh4>\n\u003Cp>View the infected files present on your WordPress website. Learn which themes or plugins or files or folders were infected by hackers.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Industry-First Instant Malware Removal (Paid)\u003C\u002Fh4>\n\u003Cp>Clean your hacked site instantly in less than 60 secs with MalCare’s 1-Click Cleaner. Clean your website before Google blacklists it or your web host takes it down.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>WordPress Recommended Website Hardening (Paid)\u003C\u002Fh4>\n\u003Cp>Easily configure WordPress recommended best security practices with just 1-Click from right within MalCare’s dashboard. No technical knowledge needed.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Geo-blocking (Paid)\u003C\u002Fh4>\n\u003Cp>Restrict access to users based on their geographical location. Easily block all visitors from certain countries to mitigate the risk of being hacked.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Uptime Monitoring (Paid)\u003C\u002Fh4>\n\u003Cp>With MalCare’s Uptime Monitoring keep a steady eye on your WordPress site. It ensures that you are not oblivious to website downtime.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Common Hack Attacks Prevented By MalCare\u003C\u002Fh3>\n\u003Cp>MalCare protects websites against all common hack attacks which includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-brute-force\u002F\" rel=\"nofollow ugc\">Brute force attacks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fjapanese-keyword-hack\u002F\" rel=\"nofollow ugc\">Japanese keyword hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-hacked-redirect\u002F\" rel=\"nofollow ugc\">WordPress redirect hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwhat-is-pharma-hack-how-to-clean-it\u002F\" rel=\"nofollow ugc\">Pharma hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fseo-spam\u002F\" rel=\"nofollow ugc\">SEO spam hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-theme-hacked\u002F\" rel=\"nofollow ugc\">WordPress theme hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fspam-link-injection-wordpress\u002F\" rel=\"nofollow ugc\">WordPress spam link injections\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Frevslider-exploit\u002F\" rel=\"nofollow ugc\">Revslider hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-timthumb\u002F\" rel=\"nofollow ugc\">TimThumb hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fadminer-php-hack\u002F\" rel=\"nofollow ugc\">Adminer.php hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fcross-site-scripting-xss-attacks-what-how-prevent-them\u002F\" rel=\"nofollow ugc\">XSS or cross-site scripting hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fhow-to-detect-and-remove-wp-vcd-malware-a-step-by-step-guide-and-a-bonus-plugin\u002F\" rel=\"nofollow ugc\">WP-VCD hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fpreventing-sql-injections\u002F\" rel=\"nofollow ugc\">SQL injection hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-malvertising\u002F\" rel=\"nofollow ugc\">WordPress malvertising hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fremove-google-blacklist-warning\u002F\" rel=\"nofollow ugc\">Google Blacklist hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fgoogle-adwords-account-suspended\u002F\" rel=\"nofollow ugc\">Google Adwords hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fsession-hijacking-cookie-stealing\u002F\" rel=\"nofollow ugc\">Cookie stealing & session hijacking\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fhow-to-remove-phishing\u002F\" rel=\"nofollow ugc\">WordPress phishing hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Ffavicon-ico-virus-wordpress\u002F\" rel=\"nofollow ugc\">Favicon.ico virus hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fremoving-wp-feed-php-malware\u002F\" rel=\"nofollow ugc\">WP-Feed.php & WP-Tmp.php\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fhow-to-scan-malware-and-backdoors-of-your-wordpress-site\u002F\" rel=\"nofollow ugc\">Backdoor hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fcoinhive-malware-wordpress\u002F\" rel=\"nofollow ugc\">Coinhive hack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fdeface-wordpress\u002F\" rel=\"nofollow ugc\">WordPress deface hack\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>MalCare Free vs. MalCare Premium\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Ch4>Cloud Based Malware Scanner (FREE)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Cloud-Based Malware Scanning \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Deep Malware Scanning – Files & Database \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Website Firewall (FREE)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Web Application Firewall \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Plugin Based Firewall \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Rules update every 7 days \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Login Page Protection \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Bot Protection \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Rules update every 5 mins \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Geo-Blocking \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Website Hardening \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Instant Malware Removal (PAID)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View Malware Insights \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Instant One-Click Clean Ups \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Automatic Clean-Ups \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Unlimited Clean-Ups \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Personalized Customer Support (Paid)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support on WordPress forum \u003Cstrong>(Free)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Support via email and chat \u003Cstrong>(Paid)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Who Can Benefit From MalCare?\u003C\u002Fh3>\n\u003Cp>MalCare is perfect for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Any WordPress Websites\u003C\u002Fli>\n\u003Cli>Small Business Websites\u003C\u002Fli>\n\u003Cli>Developer Websites\u003C\u002Fli>\n\u003Cli>Web Designing Websites\u003C\u002Fli>\n\u003Cli>eCommerce Stores\u003C\u002Fli>\n\u003Cli>Niche Sites\u003C\u002Fli>\n\u003Cli>Artists & Photographers Sites\u003C\u002Fli>\n\u003Cli>Amateur & Professional Bloggers\u003C\u002Fli>\n\u003Cli>Local Business Sites\u003C\u002Fli>\n\u003Cli>Website for Startups\u003C\u002Fli>\n\u003Cli>Websites Selling Courses\u003C\u002Fli>\n\u003Cli>Influencer Sites\u003C\u002Fli>\n\u003Cli>Web Hosting Companies\u003C\u002Fli>\n\u003Cli>Website Maintenance Services or Agencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Detailed Setup Step-by-Step Tutorials\u003C\u002Fh3>\n\u003Cp>This WordPress security plugin works in tandem with the \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\" rel=\"nofollow ugc\">MalCare\u003C\u002Fa> servers. MalCare servers do all the heavy processing and will alert you if your site has any security issues.\u003C\u002Fp>\n\u003Cp>Hence a MalCare account is needed to use the plugin. This account can also be used by our other products including \u003Ca href=\"https:\u002F\u002Fblogvault.net\" rel=\"nofollow ugc\">BlogVault\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcare.freshdesk.com\u002Fsupport\u002Fsolutions\u002Farticles\u002F35000055512-how-do-i-set-up-a-malcare-account-\" rel=\"nofollow ugc\">How to Set Up a MalCare Account?\u003C\u002Fa> (Help Doc)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=v8L_DZllk7k&list=\" rel=\"nofollow ugc\">How to Set Up a MalCare Account?\u003C\u002Fa> (Video)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>MalCare Full Security Features List\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Ch4>Cloud Based Malware Scanner\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Daily Scan Frequency\u003C\u002Fli>\n\u003Cli>On-demand Site Scans\u003C\u002Fli>\n\u003Cli>Scan Non-WP Files\u003C\u002Fli>\n\u003Cli>Does not slow down your website ever\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Instant Malware Removal\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>View Hacked Files details\u003C\u002Fli>\n\u003Cli>Instant Automatic Malware Removal\u003C\u002Fli>\n\u003Cli>Removal of Unknown & New Malware\u003C\u002Fli>\n\u003Cli>Unlimited Malware Removal\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Intelligent Malware Protection\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Web Application Firewall\u003C\u002Fli>\n\u003Cli>IP Whitelisting\u003C\u002Fli>\n\u003Cli>CAPTCHA-based Login Page Protection\u003C\u002Fli>\n\u003Cli>Traffic Logs\u003C\u002Fli>\n\u003Cli>Login Logs\u003C\u002Fli>\n\u003Cli>Geo-Blocking\u003C\u002Fli>\n\u003Cli>Alerts for Suspicious Logins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Website Hardening\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block PHP Execution in Untrusted Folders\u003C\u002Fli>\n\u003Cli>Disable Files Editor\u003C\u002Fli>\n\u003Cli>Block Plugin or Theme Installation\u003C\u002Fli>\n\u003Cli>Change Security Keys\u003C\u002Fli>\n\u003Cli>Reset All Passwords\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Complete Website Management\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Centralized Dashboard\u003C\u002Fli>\n\u003Cli>Plugins & Themes Management & Update\u003C\u002Fli>\n\u003Cli>User Management\u003C\u002Fli>\n\u003Cli>Team Management\u003C\u002Fli>\n\u003Cli>Client Management\u003C\u002Fli>\n\u003Cli>Generate & Schedule Reports\u003C\u002Fli>\n\u003Cli>White-Labeling Solution\u003C\u002Fli>\n\u003Cli>Uptime Monitoring\u003C\u002Fli>\n\u003Cli>Site Speed Monitoring\u003C\u002Fli>\n\u003Cli>Blacklist Alarm\u003C\u002Fli>\n\u003Cli>Slack Integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>Chat\u003C\u002Fli>\n\u003Cli>Social Media\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Fans Are Raving About Us\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fvisualcomposer.com\u002Fblog\u002Fmalcare-review\u002F\" rel=\"nofollow ugc\">MalCare Review on VisualComposer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Fresources\u002Fmalcare-security-and-firewall-the-right-security-plugin-for-your-site\" rel=\"nofollow ugc\">MalCare Review on ElegantThemes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fblog.weglot.com\u002Fideal-security-solution-malcare-review\u002F\" rel=\"nofollow ugc\">MalCare Review on Weglot\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpwhitesecurity.com\u002Fmalcare-wordpress-site-security-service-reviewed\u002F\" rel=\"nofollow ugc\">MalCare Review on WPWhiteSecurity\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=2yNIb4Pc_ig\" rel=\"nofollow ugc\">MalCare Reviews by WordPress Influencer Adam Preiser (Plus Real Malware Removal Demo)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Connect With Our Team of Security Experts\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002FWordPressForWebCreators\u002F\" rel=\"nofollow ugc\">Join MalCare’s Facebook Community\u003C\u002Fa> – The purpose of the group is to enable Web Creators to gain valuable insights and help from community members which will be valuable to their business. So, if you are a WordPress user & want to keep up with the latest industry news and get help for your business, \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002FWordPressForWebCreators\u002F\" rel=\"nofollow ugc\">join us\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch3>Don’t Know Where to Getting Started? Start From Here –\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcare.freshdesk.com\u002Fsupport\u002Fsolutions\u002Farticles\u002F35000055512-how-do-i-set-up-a-malcare-account-\" rel=\"nofollow ugc\">How to Setup MalCare Account?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002FWordPressForWebCreators\u002F\" rel=\"nofollow ugc\">Join MalCare Facebook Group MalCare\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fchannel\u002FUC5oQAXXvndQJuyVrWgMRWqg\" rel=\"nofollow ugc\">MalCare Tutorial Videos\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcare.freshdesk.com\u002Fsupport\u002Fhome\" rel=\"nofollow ugc\">User Help Documentations\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Ffaq\u002F\" rel=\"nofollow ugc\">Frequently Asked Questions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcare.freshdesk.com\u002Fsupport\u002Ftickets\u002Fnew\" rel=\"nofollow ugc\">Support for MalCare Users\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>MalCare vs. Others\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.codeinwp.com\u002Fblog\u002Fsucuri-vs-wordfence-vs-malcare\u002F\" rel=\"nofollow ugc\">MalCare vs Sucuri vs Wordfence by CodeinWP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmayor.com\u002Fmalcare-sucuri-wordfence-sitelock-ithemes-security-comparison\u002F\" rel=\"nofollow ugc\">MalCare vs Sucuri vs Wordfence vs SiteLock vs iThemes Security by WPMayor\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Get Bulletproof Security for your WordPress site. WordPress security plugin packed with comprehensive Firewall, malware scanner, cleaner & more.",200000,17387894,86,519,"2026-01-29T13:26:00.000Z","4.0","7.0",[94,95,96,97,74],"firewall","malware-removal","malware-scanner","vulnerabilities","https:\u002F\u002Fwww.malcare.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmalcare-security.6.36.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":110,"num_ratings":111,"last_updated":112,"tested_up_to":50,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":119,"download_link":120,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"jetpack-protect","Jetpack Protect","4.4.1","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>Free daily vulnerability scans & WordPress security, powered by WPScan (an Automattic brand) and its 60,000+ vulnerability database. No setup needed!\u003C\u002Fp>\n\u003Ch3>TOTAL SITE SECURITY FROM WORDPRESS EXPERTS\u003C\u002Fh3>\n\u003Cp>Jetpack Protect is a free and essential WordPress security plugin that scans your site and warns you about vulnerabilities, keeping your site one step ahead of security threats. It’s easy to use; setup requires just a few clicks!\u003C\u002Fp>\n\u003Cp>By upgrading Protect, you also unlock malware scanning with one-click fixes for most issues and instant notifications when threats are detected. Our automated Web Application Firewall (WAF) also protects your site from bad actors around the clock.\u003C\u002Fp>\n\u003Cp>Jetpack Protect is created by WordPress experts; our parent company Automattic is behind Jetpack, WordPress.com, WooCommerce, WPScan, and much more. There is no better company to understand the security needs of WordPress sites.\u003C\u002Fp>\n\u003Ch3>WHAT DOES JETPACK PROTECT (FREE) CHECK FOR?\u003C\u002Fh3>\n\u003Cp>Jetpack Protect scans your site on a daily basis and warns you about:\u003Cbr \u002F>\n– The version of WordPress installed, and any associated vulnerabilities\u003Cbr \u002F>\n– What plugins are installed, and any related vulnerabilities\u003Cbr \u002F>\n– What themes are installed, and any associated vulnerabilities\u003C\u002Fp>\n\u003Ch4>What are vulnerabilities? Why do I need to scan my site regularly?\u003C\u002Fh4>\n\u003Cp>Site vulnerabilities are flaws in a website’s code that weaken the site’s overall security. These can be introduced to a site in various ways, in most cases unintentionally.\u003C\u002Fp>\n\u003Cp>Some of the ways vulnerabilities can be introduced to a site are:\u003Cbr \u002F>\n– Poorly written site code\u003Cbr \u002F>\n– Plugin and theme bugs\u003Cbr \u002F>\n– WordPress version bugs\u003Cbr \u002F>\n– System misconfigurations\u003C\u002Fp>\n\u003Cp>If a bad actor detects a vulnerability on your site, they can exploit it to access sensitive information, update your site, and more to damage your business or brand.\u003C\u002Fp>\n\u003Cp>That’s why it’s essential to use a reputable and reliable vulnerability & malware site scanner like Jetpack Protect to safeguard your site.\u003C\u002Fp>\n\u003Ch4>Can I use Jetpack Scan to fix a site that is already infected?\u003C\u002Fh4>\n\u003Cp>Jetpack Protect (Scan) detects and prevents attacks, but is not designed to fully clean up sites infected before it was active. If your site has malware, take immediate action to clean it up and remove the malicious code.\u003C\u002Fp>\n\u003Cp>To clean up your site, we suggest using a malware removal tool, or if possible restore from a backup taken before the infection. We recommend using Jetpack VaultPress Backup in conjunction with Jetpack Scan to secure your website.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fjetpack.com\u002Fsupport\u002Fscan\u002Fhow-to-clean-your-hacked-wordpress-site\u002F\" rel=\"nofollow ugc\">Learn more about cleaning your site\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>BRUTE FORCE ATTACK PROTECTION\u003C\u002Fh3>\n\u003Cp>Jetpack Protect blocks unwanted login attempts from malicious botnets and distributed attacks.\u003C\u002Fp>\n\u003Ch4>Is my site under attack?\u003C\u002Fh4>\n\u003Cp>Brute force attacks are the most common form of hacking — and hackers don’t discriminate. As the most commonly used Content Management System on the web, WordPress sites make an attractive target for hackers looking to exploit code vulnerabilities unique to WordPress.\u003C\u002Fp>\n\u003Cp>Using large networks of computers known as botnets, hackers can try to gain access to your site by using thousands of different combinations of usernames and passwords until they find the right one.\u003C\u002Fp>\n\u003Cp>Recently, attackers have found a way to “amplify” these attacks against the WordPress XML-RPC file – making it easier for attackers to try and break into your site.\u003C\u002Fp>\n\u003Cp>WordPress brute force attacks can:\u003Cbr \u002F>\n– Slow down your site (or cause it to stop responding) because of repeated server requests.\u003Cbr \u002F>\n– Allow unauthorized access to your site for hackers to modify your code or insert spammy links.\u003Cbr \u002F>\n– Put your site content and data at risk.\u003C\u002Fp>\n\u003Cp>That’s where Jetpack Protect comes in. Our state-of-the-art security tools automatically block these attacks, protecting your WordPress site from unauthorized access.\u003C\u002Fp>\n\u003Cp>On average, Jetpack blocks 5,193 WordPress brute force attacks over a site’s lifetime. It allows you to protect yourself against both traditional brute force attacks and distributed brute force attacks that use many servers against your site.\u003C\u002Fp>\n\u003Ch3>UPGRADE PROTECT TO REMOVE MALWARE IN ONE CLICK AND BE PROTECTED BY OUR WAF\u003C\u002Fh3>\n\u003Cp>By upgrading Protect, you unlock total site security from WordPress experts:\u003Cbr \u002F>\n– Automated daily malware scanning in addition to vulnerability checks\u003Cbr \u002F>\n– One-click fixes for most issues\u003Cbr \u002F>\n– Web Application Firewall (WAF) with automatic rule updates\u003Cbr \u002F>\n– Instant email notifications when threats are detected\u003Cbr \u002F>\n– Priority support from WordPress experts\u003C\u002Fp>\n\u003Ch4>What is malware? Why do I need to protect against it?\u003C\u002Fh4>\n\u003Cp>Malware is malicious code or software that has been created by bad actors to disrupt, damage, or gain access to your site. There are many ways that malware can get onto your WordPress site. The most common method is through attackers using vulnerable plugins or themes to install malware.\u003C\u002Fp>\n\u003Cp>Similar to the vulnerabilities listed above, bad actors can use malware to capture sensitive information, damage your site, and harm your business or brand.\u003C\u002Fp>\n\u003Cp>Jetpack Protect instantly notifies you of any threats detected, with one-click fixes for most issues.\u003C\u002Fp>\n\u003Ch4>What is a Web Application Firewall (WAF)?\u003C\u002Fh4>\n\u003Cp>A web application firewall blocks traffic and malicious requests to your site from known bad actors.\u003C\u002Fp>\n\u003Cp>As threats are detected, new rules are added to Jetpack Protect’s firewall, which provides around-the-clock protection for your WordPress site.\u003C\u002Fp>\n\u003Ch3>OVER 53,500 REGISTERED VULNERABILITIES IN OUR DATABASE\u003C\u002Fh3>\n\u003Cp>WordPress security is something that evolves over time. Jetpack Protect leverages the extensive database of WPScan, an Automattic brand. All vulnerabilities are entered into our database by dedicated WordPress security professionals and updated constantly as new information becomes available.\u003C\u002Fp>\n\u003Ch3>JETPACK PROTECT IS EASY TO SETUP AND USE\u003C\u002Fh3>\n\u003Cp>There’s nothing to configure – the setup process is as easy as:\u003Cbr \u002F>\n1. Install and activate the plugin\u003Cbr \u002F>\n2. Set up it with one click.\u003C\u002Fp>\n\u003Cp>After you activate the plugin, Jetpack Protect will run daily automatic malware scans on your WordPress site and update you on vulnerabilities associated with your installed plugins, themes, and WordPress core.\u003C\u002Fp>\n\u003Ch3>WITH 💚 BY JETPACK\u003C\u002Fh3>\n\u003Cp>This is just the start!\u003C\u002Fp>\n\u003Cp>We are working hard to bring more features and improvements to Jetpack Protect. Let us know your thoughts and ideas!\u003C\u002Fp>\n\u003Ch3>FURTHER READING\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fjetpack.com\u002F\" rel=\"nofollow ugc\">Jetpack: Security, performance, and growth tools made for WordPress sites by the WordPress experts.\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>You can follow the \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fjetpack?lang=en\" rel=\"nofollow ugc\">Jetpack Twitter\u003C\u002Fa> account to catch up on our latest WordPress security recommendations and updates.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fjetpack.com\u002Fblog\u002Fcategory\u002Fsecurity\u002Fpage\u002F3\u002F\" rel=\"nofollow ugc\">WordPress Security: How to Protect Your Site From Hackers\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fjetpack.com\u002Fblog\u002Fshould-you-use-jetpack-for-wordpress-security\u002F\" rel=\"nofollow ugc\">Should You Use Jetpack for WordPress Security?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fjetpack.com\u002Fblog\u002Fjetpack-acquires-wordpress-vulnerability-database-wpscan\u002F#more-139339\" rel=\"nofollow ugc\">Jetpack Acquires WordPress Vulnerability Database WPScan\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Free daily vulnerability scans & WordPress security, powered by WPScan (an Automattic brand) and its 60,000+ vulnerability database. No setup needed!",100000,2292886,94,120,"2025-11-21T02:10:00.000Z","6.7","7.2",[20,116,117,118,22],"malware","protect","scan","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjetpack-protect","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjetpack-protect.4.4.1.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":50,"requires_at_least":134,"requires_php":92,"tags":135,"homepage":137,"download_link":138,"security_score":110,"vuln_count":139,"unpatched_count":28,"last_vuln_date":140,"fetched_at":30},"secupress","SecuPress with Simple SSL – Simple and Performant Security","2.6","SecuPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fsecupress\u002F","\u003Ch4>Test it now!\u003C\u002Fh4>\n\u003Cp>You can \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fsecupress\u002F\" rel=\"nofollow ugc\">test SecuPress Free now\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>YOU MADE IT, WE KEEP IT SAFE!\u003C\u002Fh4>\n\u003Cp>The most advanced WordPress Protection on the market. SecuPress is focused on WordPress attacks and Malwares, not just “usual web protections” like many.\u003C\u002Fp>\n\u003Cp>Protect your WordPress with malware scans ; block bots & suspicious IPs. Get a complete \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002F\" rel=\"nofollow ugc\">WordPress security toolkit\u003C\u002Fa> for free or as a pro plugin. SecuPress is GDPR compliant.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What’s the difference between free and pro version?\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you are proactive, our free WordPress security plugin is a great choice! No time to activate weekly scans? Then \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002F\" rel=\"nofollow ugc\">SecuPress pro\u003C\u002Fa> is the way to go. Our plugin takes care of everything with automated tasks.\u003C\u002Fp>\n\u003Ch4>Here are some of our most popular features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Brute Force Login Protection\u003C\u002Fli>\n\u003Cli>Password Spraying Protection\u003C\u002Fli>\n\u003Cli>Firewall features\u003C\u002Fli>\n\u003Cli>Security alerts (1)\u003C\u002Fli>\n\u003Cli>Malware Scanner (1)\u003C\u002Fli>\n\u003Cli>Block country by geolocation (1)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>We have included some features you won’t find in most WordPress security plugins:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Protection of Security Keys\u003C\u002Fli>\n\u003Cli>Block visits from Bad Bots\u003C\u002Fli>\n\u003Cli>Vulnerable Plugins & Themes detection (1)\u003C\u002Fli>\n\u003Cli>Security Reports in PDF format (1)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can check out \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Ffaq\u002F\" rel=\"nofollow ugc\">Frequently Asked Questions\u003C\u002Fa> or get in touch with our \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Fsupport\u002F\" rel=\"nofollow ugc\">support\u003C\u002Fa>. Want to know all about SecuPress? You can read our documentation here: \u003Ca href=\"https:\u002F\u002Fdocs.secupress.me\" rel=\"nofollow ugc\">docs.secupress.me\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How will you know it works?\u003C\u002Fstrong>\u003Cbr \u002F>\nWell, we have a dedicated security scanner that will give you a clear security grade and report for your website. This way, you’ll know exactly what to fix.\u003C\u002Fp>\n\u003Ch4>WordPress Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Security Audit\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress is the only plugin with a full scanner able to fix the issues for you. And when it requires a decision from you, it will ask you before proceeding. With this feature, you can check 35 security points in 5 minutes and let us take care of the rest.\u003C\u002Fp>\n\u003Cp>Once done, you get a security grade that gives you a clear idea of what your security level is. You can export this analysis in PDF format to share with others (clients or colleagues) (1).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Users & Login\u003C\u002Fstrong>\u003Cbr \u002F>\nThis feature is the easiest way to make sure your users’ data is protected and to keep their accounts from being compromised. With this feature you can limit the number of bad login attempts, ban non-existing usernames login attempts and set a non-login time slot. SecuPress also makes sure you control the sessions of your users.\u003C\u002Fp>\n\u003Cp>SecuPress also adds a \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Fblog\u002Ftwo-factor-authentication\u002F\" rel=\"nofollow ugc\">2FA\u003C\u002Fa> (Two Factor Authentication) because it’s almost a mandatory feature when it comes to WordPress security!\u003C\u002Fp>\n\u003Cp>The plugin also gives you greater user and password control as you can set:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Password lifetimes for your users.\u003C\u002Fli>\n\u003Cli>Enforce strong password use.\u003C\u002Fli>\n\u003Cli>Forbid the use of vague usernames like www or admin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Tired of bots finding your WordPress login page? Finally, don’t let bots find your login page, just move it with the famous Move Login plugin, now included in SecuPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugins and Themes\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress helps you detect themes and plugins that are vulnerable or that have been tampered with to include malicious code. If you install one of these, your security module will send out an email alert and give you a warning in WordPress.\u003C\u002Fp>\n\u003Cp>SecuPress takes security further by limiting plugin activation, deactivation, installation and removal in your production (live) website. Plugin and theme uploads via .zip files will be on lockdown as well to block off this easy hacking route.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Core\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress reinforces the WordPress Core to keep it safe. The security plugin optimizes what’s under the hood to secure the config file by setting the proper parameters.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Sensitive Data\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress secures content in many ways:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The plugin secures WordPress Endpoints and APIs by blocking bad requests for XML-RPC or REST API.\u003C\u002Fli>\n\u003Cli>It blocks bad bots with its Robots Blackhole feature.\u003C\u002Fli>\n\u003Cli>It provides an anti-hotlink feature to preserve your bandwidth.\u003C\u002Fli>\n\u003Cli>The plugin packs 7 anti-disclose security modules to make sure no precious information is available to hackers in your PHP or WordPress itself.\u003C\u002Fli>\n\u003Cli>Profile and SecuPress settings pages are password protected to keep sensitive information away from prying eyes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Firewall\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SecuPress is one of the most efficient WordPress bouncer you’ll ever see!\u003C\u002Fli>\n\u003Cli>The plugin blocks malicious incoming requests.\u003C\u002Fli>\n\u003Cli>It blocks bad User Agents (no bad crawlers allowed).\u003C\u002Fli>\n\u003Cli>Bad requests methods also get the boot in a single click.\u003C\u002Fli>\n\u003Cli>URLs are kept in check: no bad URL contents.\u003C\u002Fli>\n\u003Cli>SQL injection scanners are kept out as well.\u003C\u002Fli>\n\u003Cli>Brute force attempts are stopped in their tracks.\u003C\u002Fli>\n\u003Cli>GeoIP Blocking by country gives you more control over your traffic.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Malware Scan\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress has a unique malware scan developed by our security experts. It hunts down bad files and provides you with an easy step-by-step report that lets you take action. It looks into:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bad files in your FTP.\u003C\u002Fli>\n\u003Cli>Your uploads folder for dangerous files.\u003C\u002Fli>\n\u003Cli>Potential phishing attempts via \u003Ccode>index.php\u003C\u002Fcode> loads.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Backups\u003C\u002Fstrong>\u003Cbr \u002F>\nWe know firsthand how painful it is to pick up the pieces after an attack damages your WordPress. SecuPress preserves your data to help you avoid lost content or settings if your website comes under attack. The plugin backs up your database and files and lets you download them to guarantee you peace of mind.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Anti Spam\u003C\u002Fstrong>\u003Cbr \u002F>\nDid you know that 60% of the traffic on the Internet is generated by bots? Most of them happen to be spam bots. We developed our own anti-spam system that works quietly in the background. Just activate it and enjoy a spam free experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Alerts\u003C\u002Fstrong>\u003Cbr \u002F>\nAlerts are an essential tool when your website is under attack. When something important happens on your website, SecuPress will send you an alert via email. We’re working on alerts via SMS, Slack & Twitter as well.\u003C\u002Fp>\n\u003Cp>You also receive a daily report that provides a debrief of the attempted attack and all the activities blocked by SecuPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Scheduled Security Tasks\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress can run 3 separate scheduled tasks for you. It’s like having a security patrol on your WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Scheduled Scanner:\u003C\u002Fstrong> SecuPress scans your website to detect any issues. After the scan is complete, you get a report in your inbox outlining any actions you have to take to protect your website.\u003Cbr \u002F>\n\u003Cstrong>Scheduled Backup:\u003C\u002Fstrong> our team knows that everyone at one time or another forgets to back things up. We made it an automatic task to help ensure you always can recover from an attack with your content safe.\u003Cbr \u002F>\n\u003Cstrong>Scheduled Malware Scan:\u003C\u002Fstrong> this security feature scans your website at regular intervals to hunt down any malware that may have gotten into your WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Logs\u003C\u002Fstrong>\u003Cbr \u002F>\nSecuPress will keep a log of important security activities and 404 pages triggered by users, bots or even Chuck Norris. This lets you keep an eye on what’s going on in your WordPress at any time. You can also control banned IPs from this option.\u003C\u002Fp>\n\u003Cp>\u003Cem>(1) Available in the \u003Ca href=\"https:\u002F\u002Fsecupress.me\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Pro Version\u003C\u002Fa>.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cem>(SecuPress est une extension de sécurité WordPress française)\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Cp>Create a trust score for each non WP file and displays it\u003Cbr \u002F>\nCreate a “suspicious” status for alerts\u003Cbr \u002F>\nRevamp alerts\u003Cbr \u002F>\nRevamp logs\u003Cbr \u002F>\nAdd http logs\u003Cbr \u002F>\nPHP 8.O min\u003Cbr \u002F>\nreplace %s by ###USERNAME### in emails\u003Cbr \u002F>\n.htaccess scanner\u003Cbr \u002F>\nlogin rest disclose scanner\u003Cbr \u002F>\nmove EDD updater+white label into a mu to allow upgrade+rollback even with plugin deactivated\u003Cbr \u002F>\ngive possibility to rename logins\u003Cbr \u002F>\ntarget=”_blank” on doc links\u003Cbr \u002F>\nAI Scanner\u003Cbr \u002F>\nImprove malware scanner, again\u003C\u002Fp>\n","Protect your WordPress with SecuPress, analyze and ensure the safety of your website daily.",40000,1194523,82,108,"2026-01-16T10:56:00.000Z","5.4",[116,22,136,74],"security-plugin","https:\u002F\u002Fsecupress.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecupress.2.6.zip",6,"2025-04-28 00:00:00",{"attackSurface":142,"codeSignals":184,"taintFlows":191,"riskAssessment":218,"analyzedAt":223},{"hooks":143,"ajaxHandlers":167,"restRoutes":181,"shortcodes":182,"cronEvents":183,"entryPointCount":177,"unprotectedCount":28},[144,150,156,161,163],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_enqueue_scripts","xmlrpcld_enqueue_admin_assets","includes\\admin.php",201,{"type":151,"name":152,"callback":153,"file":154,"line":155},"filter","xmlrpc_enabled","xmlrpcld_block_xmlrpc","includes\\block-logic.php",61,{"type":145,"name":157,"callback":158,"file":159,"line":160},"admin_menu","xmlrpcld_add_admin_page","xmlrpclockdown.php",25,{"type":145,"name":146,"callback":147,"file":159,"line":162},26,{"type":145,"name":164,"callback":165,"file":159,"line":166},"init","xmlrpcld_init",29,[168,174,178],{"action":169,"nopriv":170,"callback":171,"hasNonce":172,"hasCapCheck":170,"file":173,"line":33},"save_allowed_plugins",false,"xmlrpcld_save_allowed_plugins",true,"includes\\ajax.php",{"action":175,"nopriv":170,"callback":176,"hasNonce":172,"hasCapCheck":170,"file":173,"line":177},"add_custom_allowance","xmlrpcld_add_custom_allowance",3,{"action":179,"nopriv":170,"callback":180,"hasNonce":172,"hasCapCheck":170,"file":173,"line":48},"remove_custom_allowance","xmlrpcld_remove_custom_allowance",[],[],[],{"dangerousFunctions":185,"sqlUsage":186,"outputEscaping":188,"fileOperations":28,"externalRequests":28,"nonceChecks":177,"capabilityChecks":28,"bundledLibraries":190},[],{"prepared":28,"raw":28,"locations":187},[],{"escaped":67,"rawEcho":28,"locations":189},[],[],[192,210],{"entryPoint":193,"graph":194,"unsanitizedCount":28,"severity":209},"xmlrpcld_save_allowed_plugins (includes\\ajax.php:6)",{"nodes":195,"edges":207},[196,201],{"id":197,"type":198,"label":199,"file":173,"line":200},"n0","source","$_POST",11,{"id":202,"type":203,"label":204,"file":173,"line":205,"wp_function":206},"n1","sink","update_option() [Settings Manipulation]",12,"update_option",[208],{"from":197,"to":202,"sanitized":172},"low",{"entryPoint":211,"graph":212,"unsanitizedCount":28,"severity":209},"\u003Cajax> (includes\\ajax.php:0)",{"nodes":213,"edges":216},[214,215],{"id":197,"type":198,"label":199,"file":173,"line":200},{"id":202,"type":203,"label":204,"file":173,"line":205,"wp_function":206},[217],{"from":197,"to":202,"sanitized":172},{"summary":219,"deductions":220},"The xmlrpc-lockdown plugin version 2.0 exhibits a strong security posture based on the provided static analysis. All identified entry points, including AJAX handlers, are protected by nonce checks. The code adheres to best practices by exclusively using prepared statements for SQL queries and properly escaping all output, indicating a robust defense against common injection vulnerabilities. Furthermore, the absence of dangerous functions, file operations, external HTTP requests, and critical or high-severity taint flows suggests careful coding and a minimal attack surface.\n\nThe plugin's vulnerability history is also commendable, with zero known CVEs. This, combined with the clean static analysis, implies a well-maintained and secure codebase that has not historically been a target for exploitation or has effectively mitigated potential risks. The lack of any recorded vulnerabilities, regardless of severity, is a significant positive indicator.\n\nIn conclusion, xmlrpc-lockdown v2.0 appears to be a secure plugin. Its strengths lie in its adherence to fundamental WordPress security practices, such as proper nonce and output sanitization, and its clean vulnerability history. While the absence of capability checks on AJAX handlers could theoretically be a minor concern in highly complex scenarios, the presence of nonce checks significantly mitigates this risk. Overall, the plugin presents a low-risk profile.",[221],{"reason":222,"points":67},"Missing capability checks on AJAX handlers","2026-03-16T21:26:55.087Z",{"wat":225,"direct":234},{"assetPaths":226,"generatorPatterns":229,"scriptPaths":230,"versionParams":231},[227,228],"\u002Fwp-content\u002Fplugins\u002Fxmlrpc-lockdown\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fxmlrpc-lockdown\u002Fjs\u002Fadmin.js",[],[228],[232,233],"xmlrpc-lockdown\u002Fcss\u002Fadmin.css?ver=","xmlrpc-lockdown\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":235,"htmlComments":237,"htmlAttributes":238,"restEndpoints":239,"jsGlobals":240,"shortcodeOutput":242},[236],"checkbox-grid",[],[],[],[241],"xmlrpcld_allowed_plugins_nonce",[]]