Saad Iqbal

@saadiqbal · wordpress.org profile ↗

Member since: 2014-12-28
Location: Dubai
Employer: WPExperts.io
Job title: Founder
Authored: 88 (7 closed)
SVN commit access: 2
Readme contributor: 0
Combined install base: 1.3M+ across 88 plugins

Alerts (0)

No open alerts.

Show 24 resolved alerts

Critical forum_complaint_cluster New User Approve Resolved · out_of_scope_vuln_class_cve 21d ago

Slug new-user-approve

Active installs 20,000

Critical matches 1

High matches 0

Lookback days 90

Sample threads

Title	Date	Url	Starter	Keyword
`Plugin Security Risks (CSRF)`	2026-02-03 22:23:12	https://wordpress.org/support/topic/plugin-security-risks-csrf/	`orbitmedia`	`backdoor`

Explanation Cluster of support-forum threads in the last 90 days containing user-reported attack vocabulary. Critical when any thread mentions explicit compromise terms (hacked / backdoor / admin user added); high when two or more mention symptom-class terms (redirect to spam / vendor alerts).

View raw JSON

{
    "slug": "new-user-approve",
    "active_installs": 20000,
    "critical_matches": 1,
    "high_matches": 0,
    "lookback_days": 90,
    "sample_threads": [
        {
            "title": "Plugin Security Risks (CSRF)",
            "date": "2026-02-03 22:23:12",
            "url": "https://wordpress.org/support/topic/plugin-security-risks-csrf/",
            "starter": "orbitmedia",
            "keyword": "backdoor"
        }
    ],
    "explanation": "Cluster of support-forum threads in the last 90 days containing user-reported attack vocabulary. Critical when any thread mentions explicit compromise terms (hacked / backdoor / admin user added); high when two or more mention symptom-class terms (redirect to spam / vendor alerts)."
}

Critical code_pattern Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App Resolved · no_longer_matches 28d ago

Slug	post-smtp
Pattern	`unserialize_after_remote_call`
Kind	`builtin`
Version	`3.9.1`
Hit count	3
First hit	File `includes/libs/HTMLPurifier/HTMLPurifier/DefinitionCache/Serializer.php` Line 73 Snippet L73: return unserialize(file_get_contents($file)); → L73: return unserialize(file_get_contents($file));
Explanation	a remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak.

View raw JSON

{
    "slug": "post-smtp",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "3.9.1",
    "hit_count": 3,
    "first_hit": {
        "file": "includes/libs/HTMLPurifier/HTMLPurifier/DefinitionCache/Serializer.php",
        "line": 73,
        "snippet": "L73: return unserialize(file_get_contents($file));  \u2192  L73: return unserialize(file_get_contents($file));"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak."
}

Critical code_scan_delta Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App Resolved · fp_vendored_library_local_cache 28d ago

Slug post-smtp

Previous version 3.9.1

Current version 3.9.1

New findings

Pattern	Kind	File	Line	Snippet	Confidence
`unserialize_after_remote_call`	`builtin`	`includes/libs/HTMLPurifier/HTMLPurifier/DefinitionCache/Serializer.php`	73	L73: return unserialize(file_get_contents($file)); → L73: return unserialize(file_get_contents($file));	`high`
`unserialize_after_remote_call`	`builtin`	`includes/libs/HTMLPurifier/HTMLPurifier/ConfigSchema.php`	72	L71: $contents = file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/sc → L72: $r = unserialize($contents);	`high`
`unserialize_after_remote_call`	`builtin`	`includes/libs/HTMLPurifier/HTMLPurifier/EntityLookup.php`	26	L26: $this->table = unserialize(file_get_contents($file)); → L26: $this->table = unserialize(file_get_contents($file));	`high`

New finding count 3

View raw JSON

{
    "slug": "post-smtp",
    "previous_version": "3.9.1",
    "current_version": "3.9.1",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "includes/libs/HTMLPurifier/HTMLPurifier/DefinitionCache/Serializer.php",
            "line": 73,
            "snippet": "L73: return unserialize(file_get_contents($file));  \u2192  L73: return unserialize(file_get_contents($file));",
            "confidence": "high"
        },
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "includes/libs/HTMLPurifier/HTMLPurifier/ConfigSchema.php",
            "line": 72,
            "snippet": "L71: $contents = file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/sc  \u2192  L72: $r = unserialize($contents);",
            "confidence": "high"
        },
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "includes/libs/HTMLPurifier/HTMLPurifier/EntityLookup.php",
            "line": 26,
            "snippet": "L26: $this->table = unserialize(file_get_contents($file));  \u2192  L26: $this->table = unserialize(file_get_contents($file));",
            "confidence": "high"
        }
    ],
    "new_finding_count": 3
}

Critical domain_younger_than_plugin CF7 Apps – Honeypot, Database, Redirection, Webhook, and Addons for Contact Form 7 Resolved · no_longer_matches 28d ago

Slug	contact-form-7-honeypot
Domain	`cf7apps.com`
Domain source	`plugin_uri`
Domain registered at	2024-11-28
Plugin earliest commit	2011-06-28 12:09:39
Plugin latest release	2026-04-23 05:02:22
Gap days	4,901
Domain age at release	511
Active installs	300,000

View raw JSON

{
    "slug": "contact-form-7-honeypot",
    "domain": "cf7apps.com",
    "domain_source": "plugin_uri",
    "domain_registered_at": "2024-11-28",
    "plugin_earliest_commit": "2011-06-28 12:09:39",
    "plugin_latest_release": "2026-04-23 05:02:22",
    "gap_days": 4901,
    "domain_age_at_release": 511,
    "active_installs": 300000
}

High code_scan_match WP Contact Slider – Contact Form Slider Widget Resolved · code_scan_fp_class_vendor_cdn_enqueue 17d ago

Slug wp-contact-slider

Finding count 10

Findings

Pattern	Kind	File	Line	Snippet	Confidence
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/slider.php`	17	wp_enqueue_style( 'jquery-ui-core', "{$url}/jquery.ui.core.css", array(), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/slider.php`	18	wp_enqueue_style( 'jquery-ui-theme', "{$url}/jquery.ui.theme.css", array(), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/slider.php`	19	wp_enqueue_style( 'jquery-ui-slider', "{$url}/jquery.ui.slider.css", array(), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	58	wp_register_style( 'jquery-ui-core', "$url/jquery.ui.core.css", array(), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	59	wp_register_style( 'jquery-ui-theme', "$url/jquery.ui.theme.css", array(), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	60	wp_register_style( 'jquery-ui-datepicker', "$url/jquery.ui.datepicker.css", array( 'jquery-ui-core', 'jquery-ui-theme' ), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	63	wp_register_style( 'jquery-ui-slider', "$url/jquery.ui.slider.css", array( 'jquery-ui-core', 'jquery-ui-theme' ), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	64	wp_register_style( 'jquery-ui-timepicker', "$url/jquery-ui-timepicker-addon.min.css", array( 'rwmb-date', 'jquery-ui-slider' ), '1.5.0' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	67	wp_register_script( 'jquery-ui-timepicker', "$url/jquery-ui-timepicker-addon.min.js", array( 'jquery-ui-datepicker', 'jquery-ui-slider' ), '1.5.0', true );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	68	wp_register_script( 'jquery-ui-timepicker-i18n', "$url/jquery-ui-timepicker-addon-i18n.min.js", array( 'jquery-ui-timepicker' ), '1.5.0', true );	`medium`

Resolved sha ccd2938043e5488dc09561275d36b47baa1de928

View raw JSON

{
    "slug": "wp-contact-slider",
    "finding_count": 10,
    "findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/slider.php",
            "line": 17,
            "snippet": "wp_enqueue_style( 'jquery-ui-core', \"{$url}/jquery.ui.core.css\", array(), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/slider.php",
            "line": 18,
            "snippet": "wp_enqueue_style( 'jquery-ui-theme', \"{$url}/jquery.ui.theme.css\", array(), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/slider.php",
            "line": 19,
            "snippet": "wp_enqueue_style( 'jquery-ui-slider', \"{$url}/jquery.ui.slider.css\", array(), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 58,
            "snippet": "wp_register_style( 'jquery-ui-core', \"$url/jquery.ui.core.css\", array(), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 59,
            "snippet": "wp_register_style( 'jquery-ui-theme', \"$url/jquery.ui.theme.css\", array(), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 60,
            "snippet": "wp_register_style( 'jquery-ui-datepicker', \"$url/jquery.ui.datepicker.css\", array( 'jquery-ui-core', 'jquery-ui-theme' ), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 63,
            "snippet": "wp_register_style( 'jquery-ui-slider', \"$url/jquery.ui.slider.css\", array( 'jquery-ui-core', 'jquery-ui-theme' ), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 64,
            "snippet": "wp_register_style( 'jquery-ui-timepicker', \"$url/jquery-ui-timepicker-addon.min.css\", array( 'rwmb-date', 'jquery-ui-slider' ), '1.5.0' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 67,
            "snippet": "wp_register_script( 'jquery-ui-timepicker', \"$url/jquery-ui-timepicker-addon.min.js\", array( 'jquery-ui-datepicker', 'jquery-ui-slider' ), '1.5.0', true );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 68,
            "snippet": "wp_register_script( 'jquery-ui-timepicker-i18n', \"$url/jquery-ui-timepicker-addon-i18n.min.js\", array( 'jquery-ui-timepicker' ), '1.5.0', true );",
            "confidence": "medium"
        }
    ],
    "resolved_sha": "ccd2938043e5488dc09561275d36b47baa1de928"
}

High code_scan_match All In One Login — WP Admin Login Page Security and Customization with Google reCAPTCHA, Social Login, Limit Login Attempt, 2FA, and more. Resolved · code_scan_fp_class_vendor_cdn_enqueue 17d ago

Slug change-wp-admin-login

Finding count 2

Findings

Pattern	Kind	File	Line	Snippet	Confidence	Details
`remote_enqueue`	`builtin`	`includes/google-recaptcha/class-google-recaptcha.php`	201	wp_register_script('aio-login-g-recaptcha', 'https://google.com/recaptcha/api.js', array(), null, true);	`medium`	Url https://google.com/recaptcha/api.js Url host `google.com`
`remote_enqueue`	`builtin`	`includes/google-recaptcha/class-google-recaptcha.php`	206	wp_register_script('aio-login-g-recaptcha', 'https://google.com/recaptcha/api.js?render=' . $this->site_key, array(), null, true);	`medium`	Url https://google.com/recaptcha/api.js?render= Url host `google.com`

Resolved sha e49cf93b80e23683f87b526f37d67f2b39655a6e

View raw JSON

{
    "slug": "change-wp-admin-login",
    "finding_count": 2,
    "findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "includes/google-recaptcha/class-google-recaptcha.php",
            "line": 201,
            "snippet": "wp_register_script('aio-login-g-recaptcha', 'https://google.com/recaptcha/api.js', array(), null, true);",
            "confidence": "medium",
            "details": {
                "url": "https://google.com/recaptcha/api.js",
                "url_host": "google.com"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "includes/google-recaptcha/class-google-recaptcha.php",
            "line": 206,
            "snippet": "wp_register_script('aio-login-g-recaptcha', 'https://google.com/recaptcha/api.js?render=' . $this->site_key, array(), null, true);",
            "confidence": "medium",
            "details": {
                "url": "https://google.com/recaptcha/api.js?render=",
                "url_host": "google.com"
            }
        }
    ],
    "resolved_sha": "e49cf93b80e23683f87b526f37d67f2b39655a6e"
}

High code_scan_match Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial Content Resolved · code_scan_fp_class_vendor_cdn_enqueue 17d ago

Slug password-protected

Finding count 2

Findings

Pattern	Kind	File	Line	Snippet	Confidence	Details
`remote_enqueue`	`builtin`	`admin/class-recaptcha.php`	490	wp_enqueue_script( 'pp-recaptcha-api-v2', esc_url( 'https://www.google.com/recaptcha/api.js' ), array(), null );	`medium`	Url https://www.google.com/recaptcha/api.js Url host `www.google.com`
`remote_enqueue`	`builtin`	`admin/class-recaptcha.php`	543	wp_enqueue_script( 'recaptcha-api-v3', ( 'https://www.google.com/recaptcha/api.js?onload=pprecaptcha&render=' . esc_attr( $grecaptcha_v3_site_key ) . '&badge=' . esc_attr( $grecaptcha_v3_badge ) ),	`medium`	Url https://www.google.com/recaptcha/api.js?onload=pprecaptcha&render= Url host `www.google.com`

Resolved sha 0ff2111d097e3582f32d47ab153bb1e849b5ea8b

View raw JSON

{
    "slug": "password-protected",
    "finding_count": 2,
    "findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "admin/class-recaptcha.php",
            "line": 490,
            "snippet": "wp_enqueue_script( 'pp-recaptcha-api-v2', esc_url( 'https://www.google.com/recaptcha/api.js' ), array(), null );",
            "confidence": "medium",
            "details": {
                "url": "https://www.google.com/recaptcha/api.js",
                "url_host": "www.google.com"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "admin/class-recaptcha.php",
            "line": 543,
            "snippet": "wp_enqueue_script( 'recaptcha-api-v3', ( 'https://www.google.com/recaptcha/api.js?onload=pprecaptcha&render=' . esc_attr( $grecaptcha_v3_site_key ) . '&badge=' . esc_attr( $grecaptcha_v3_badge ) ),",
            "confidence": "medium",
            "details": {
                "url": "https://www.google.com/recaptcha/api.js?onload=pprecaptcha&render=",
                "url_host": "www.google.com"
            }
        }
    ],
    "resolved_sha": "0ff2111d097e3582f32d47ab153bb1e849b5ea8b"
}

High code_scan_delta WP Contact Slider – Contact Form Slider Widget Resolved · false_positive_cdn_known_good 22d ago

Slug wp-contact-slider

Previous version 2.5.4

Current version 2.5.4

New findings

Pattern	Kind	File	Line	Snippet	Confidence
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	58	wp_register_style( 'jquery-ui-core', "$url/jquery.ui.core.css", array(), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	59	wp_register_style( 'jquery-ui-theme', "$url/jquery.ui.theme.css", array(), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	60	wp_register_style( 'jquery-ui-datepicker', "$url/jquery.ui.datepicker.css", array( 'jquery-ui-core', 'jquery-ui-theme' ), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	63	wp_register_style( 'jquery-ui-slider', "$url/jquery.ui.slider.css", array( 'jquery-ui-core', 'jquery-ui-theme' ), '1.8.17' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	64	wp_register_style( 'jquery-ui-timepicker', "$url/jquery-ui-timepicker-addon.min.css", array( 'rwmb-date', 'jquery-ui-slider' ), '1.5.0' );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	67	wp_register_script( 'jquery-ui-timepicker', "$url/jquery-ui-timepicker-addon.min.js", array( 'jquery-ui-datepicker', 'jquery-ui-slider' ), '1.5.0', true );	`medium`
`remote_enqueue`	`builtin`	`inc/meta-box/inc/fields/datetime.php`	68	wp_register_script( 'jquery-ui-timepicker-i18n', "$url/jquery-ui-timepicker-addon-i18n.min.js", array( 'jquery-ui-timepicker' ), '1.5.0', true );	`medium`

New finding count 7

View raw JSON

{
    "slug": "wp-contact-slider",
    "previous_version": "2.5.4",
    "current_version": "2.5.4",
    "new_findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 58,
            "snippet": "wp_register_style( 'jquery-ui-core', \"$url/jquery.ui.core.css\", array(), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 59,
            "snippet": "wp_register_style( 'jquery-ui-theme', \"$url/jquery.ui.theme.css\", array(), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 60,
            "snippet": "wp_register_style( 'jquery-ui-datepicker', \"$url/jquery.ui.datepicker.css\", array( 'jquery-ui-core', 'jquery-ui-theme' ), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 63,
            "snippet": "wp_register_style( 'jquery-ui-slider', \"$url/jquery.ui.slider.css\", array( 'jquery-ui-core', 'jquery-ui-theme' ), '1.8.17' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 64,
            "snippet": "wp_register_style( 'jquery-ui-timepicker', \"$url/jquery-ui-timepicker-addon.min.css\", array( 'rwmb-date', 'jquery-ui-slider' ), '1.5.0' );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 67,
            "snippet": "wp_register_script( 'jquery-ui-timepicker', \"$url/jquery-ui-timepicker-addon.min.js\", array( 'jquery-ui-datepicker', 'jquery-ui-slider' ), '1.5.0', true );",
            "confidence": "medium"
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "inc/meta-box/inc/fields/datetime.php",
            "line": 68,
            "snippet": "wp_register_script( 'jquery-ui-timepicker-i18n', \"$url/jquery-ui-timepicker-addon-i18n.min.js\", array( 'jquery-ui-timepicker' ), '1.5.0', true );",
            "confidence": "medium"
        }
    ],
    "new_finding_count": 7
}

High code_scan_delta All In One Login — WP Admin Login Page Security and Customization with Google reCAPTCHA, Social Login, Limit Login Attempt, 2FA, and more. Resolved · false_positive_cdn_known_good 22d ago

Slug change-wp-admin-login

Previous version 2.1.1

Current version 2.1.1

New findings

Pattern	Kind	File	Line	Snippet	Confidence	Details
`remote_enqueue`	`builtin`	`includes/google-recaptcha/class-google-recaptcha.php`	186	wp_register_script('aio-login-g-recaptcha', 'https://google.com/recaptcha/api.js', array(), null, true);	`medium`	Url https://google.com/recaptcha/api.js Url host `google.com`
`remote_enqueue`	`builtin`	`includes/google-recaptcha/class-google-recaptcha.php`	191	wp_register_script('aio-login-g-recaptcha', 'https://google.com/recaptcha/api.js?render=' . $this->site_key, array(), null, true);	`medium`	Url https://google.com/recaptcha/api.js?render= Url host `google.com`

New finding count 2

View raw JSON

{
    "slug": "change-wp-admin-login",
    "previous_version": "2.1.1",
    "current_version": "2.1.1",
    "new_findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "includes/google-recaptcha/class-google-recaptcha.php",
            "line": 186,
            "snippet": "wp_register_script('aio-login-g-recaptcha', 'https://google.com/recaptcha/api.js', array(), null, true);",
            "confidence": "medium",
            "details": {
                "url": "https://google.com/recaptcha/api.js",
                "url_host": "google.com"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "includes/google-recaptcha/class-google-recaptcha.php",
            "line": 191,
            "snippet": "wp_register_script('aio-login-g-recaptcha', 'https://google.com/recaptcha/api.js?render=' . $this->site_key, array(), null, true);",
            "confidence": "medium",
            "details": {
                "url": "https://google.com/recaptcha/api.js?render=",
                "url_host": "google.com"
            }
        }
    ],
    "new_finding_count": 2
}

High committer_younger_than_plugin CF7 Apps – Honeypot, Database, Redirection, Webhook, and Addons for Contact Form 7 Resolved · benign_company_employee 25d ago

Slug	contact-form-7-honeypot
Committer slug	`nocean`
Committer display name	`Ryan`
Committer employer	—
Committer member since	2019-09-19
Committer first commit	2020-05-20 14:56:40
Committer commit count	40
Plugin listed author	`saadiqbal`
Earliest plugin commit	2011-06-28 12:09:39
Plugin age at join days	3,249
Committer age at join days	244
Active installs	300,000

View raw JSON

{
    "slug": "contact-form-7-honeypot",
    "committer_slug": "nocean",
    "committer_display_name": "Ryan",
    "committer_employer": null,
    "committer_member_since": "2019-09-19",
    "committer_first_commit": "2020-05-20 14:56:40",
    "committer_commit_count": 40,
    "plugin_listed_author": "saadiqbal",
    "earliest_plugin_commit": "2011-06-28 12:09:39",
    "plugin_age_at_join_days": 3249,
    "committer_age_at_join_days": 244,
    "active_installs": 300000
}

Medium code_scan_match Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution Resolved · code_scan_fp_class_genre_encoding 17d ago

Slug file-manager-advanced

Finding count 15

Findings

Pattern	Kind	File	Line	Snippet	Confidence
`base64_decode`	`builtin`	`application/library/php/elFinderVolumeDriver.class.php`	2,828	`$content = base64_decode(substr($content, strlen($m[0])));`	`medium`
`base64_decode`	`builtin`	`application/library/php/elFinderVolumeDriver.class.php`	3,951	`$h = base64_decode(strtr($h, '-_.', '+/='));`	`medium`
`base64_decode`	`builtin`	`application/library/php/elFinder.class.php`	2,007	`$src = base64_decode($file['file']);`	`medium`
`base64_decode`	`builtin`	`application/library/php/elFinder.class.php`	2,918	`$data = base64_decode(substr($str, strlen($m[0])));`	`medium`
`base64_decode`	`builtin`	`application/library/php/elFinder.class.php`	4,793	`$data = unserialize(base64_decode($var));`	`medium`
`base64_decode`	`builtin`	`application/library/php/elFinderSession.php`	205	`if (($data = base64_decode($data)) !== false) {`	`medium`
`eval_call`	`builtin`	`application/class_fma_pure_php_validator.php`	346	`@eval( $safe_code );`	`medium`
`eval_call`	`builtin`	`application/svg-sanitizer/includes/phpunit/php-code-coverage/src/Filter.php`	111	`\strpos($filename, 'eval()\'d code') !== false \|\|`	`medium`
`eval_call`	`builtin`	`application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/TestCase.php`	1,893	`eval(`	`medium`
`eval_call`	`builtin`	application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/Generator.php	1,158	`eval(self::MOCKED_CLONE_METHOD_WITH_VOID_RETURN_TYPE_TRAIT);`	`medium`
`eval_call`	`builtin`	application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/Generator.php	1,165	`eval(self::MOCKED_CLONE_METHOD_WITHOUT_RETURN_TYPE_TRAIT);`	`medium`
`eval_call`	`builtin`	application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/Generator.php	1,175	`eval(self::UNMOCKED_CLONE_METHOD_WITH_VOID_RETURN_TYPE_TRAIT);`	`medium`
`eval_call`	`builtin`	application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/Generator.php	1,182	`eval(self::UNMOCKED_CLONE_METHOD_WITHOUT_RETURN_TYPE_TRAIT);`	`medium`
`eval_call`	`builtin`	application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/MockTrait.php	38	`eval($this->classCode);`	`medium`
`eval_call`	`builtin`	application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/MockClass.php	45	`eval($this->classCode);`	`medium`

Resolved sha 91df8b25be7e4cb134035ccd0fa08cc6887e78db

View raw JSON

{
    "slug": "file-manager-advanced",
    "finding_count": 15,
    "findings": [
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "application/library/php/elFinderVolumeDriver.class.php",
            "line": 2828,
            "snippet": "$content = base64_decode(substr($content, strlen($m[0])));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "application/library/php/elFinderVolumeDriver.class.php",
            "line": 3951,
            "snippet": "$h = base64_decode(strtr($h, '-_.', '+/='));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "application/library/php/elFinder.class.php",
            "line": 2007,
            "snippet": "$src = base64_decode($file['file']);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "application/library/php/elFinder.class.php",
            "line": 2918,
            "snippet": "$data = base64_decode(substr($str, strlen($m[0])));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "application/library/php/elFinder.class.php",
            "line": 4793,
            "snippet": "$data = unserialize(base64_decode($var));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "application/library/php/elFinderSession.php",
            "line": 205,
            "snippet": "if (($data = base64_decode($data)) !== false) {",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/class_fma_pure_php_validator.php",
            "line": 346,
            "snippet": "@eval( $safe_code );",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/svg-sanitizer/includes/phpunit/php-code-coverage/src/Filter.php",
            "line": 111,
            "snippet": "\\strpos($filename, 'eval()\\'d code') !== false ||",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/TestCase.php",
            "line": 1893,
            "snippet": "eval(",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/Generator.php",
            "line": 1158,
            "snippet": "eval(self::MOCKED_CLONE_METHOD_WITH_VOID_RETURN_TYPE_TRAIT);",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/Generator.php",
            "line": 1165,
            "snippet": "eval(self::MOCKED_CLONE_METHOD_WITHOUT_RETURN_TYPE_TRAIT);",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/Generator.php",
            "line": 1175,
            "snippet": "eval(self::UNMOCKED_CLONE_METHOD_WITH_VOID_RETURN_TYPE_TRAIT);",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/Generator.php",
            "line": 1182,
            "snippet": "eval(self::UNMOCKED_CLONE_METHOD_WITHOUT_RETURN_TYPE_TRAIT);",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/MockTrait.php",
            "line": 38,
            "snippet": "eval($this->classCode);",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "application/svg-sanitizer/includes/phpunit/phpunit/src/Framework/MockObject/MockClass.php",
            "line": 45,
            "snippet": "eval($this->classCode);",
            "confidence": "medium"
        }
    ],
    "resolved_sha": "91df8b25be7e4cb134035ccd0fa08cc6887e78db"
}

Medium code_scan_match Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App Resolved · code_scan_fp_class_genre_encoding 17d ago

Slug post-smtp

Finding count 43

Findings

Pattern	Kind	File	Line	Snippet	Confidence
`base64_decode`	`builtin`	`Postman/Wizard/NewWizard.php`	1,525	$access_key_id = isset( $this->options_array[ PostSMTPSES\PostSmtpAmazonSesTransport::OPTION_ACCESS_KEY_ID ] ) ? base64_decode( $this->options_array[ PostSMTPSES\PostSmtpAmazonSesTransport::OP	`medium`
`base64_decode`	`builtin`	`Postman/Wizard/NewWizard.php`	1,526	$access_key_secret = isset( $this->options_array[ PostSMTPSES\PostSmtpAmazonSesTransport::OPTION_SECRET_ACCESS_KEY ] ) ? base64_decode( $this->options_array[ PostSMTPSES\PostSmtpAmazonSesTrans	`medium`
`base64_decode`	`builtin`	`Postman/Wizard/NewWizard.php`	1,572	$app_client_id = isset( $options['office365_app_id'] ) ? base64_decode( $options['office365_app_id'] ) : '';	`medium`
`base64_decode`	`builtin`	`Postman/Wizard/NewWizard.php`	1,573	$app_client_secret = isset( $options['office365_app_password'] ) ? base64_decode( $options['office365_app_password'] ) : '';	`medium`
`base64_decode`	`builtin`	`Postman/Wizard/NewWizard.php`	1,804	$client_secret = isset( $this->options_array[ ZohoMailPostSMTP\ZohoMailTransport::OPTION_CLIENT_SECRET ] ) ? base64_decode( $this->options_array[ ZohoMailPostSMTP\ZohoMailTransport::OPTION_CLI	`medium`
`base64_decode`	`builtin`	`Postman/Wizard/NewWizard.php`	1,943	$sanitized['slack_token'] = base64_decode( isset( $options['slack_token'] ) ? $options['slack_token'] : '' );	`medium`
`base64_decode`	`builtin`	`Postman/Wizard/NewWizard.php`	1,944	$sanitized['pushover_user'] = base64_decode( isset( $options['pushover_user'] ) ? $options['pushover_user'] : '' );	`medium`
`base64_decode`	`builtin`	`Postman/Wizard/NewWizard.php`	1,945	$sanitized['pushover_token'] = base64_decode( isset( $options['pushover_token'] ) ? $options['pushover_token'] : '' );	`medium`
`base64_decode`	`builtin`	`Postman/Postman-Mail/libs/vendor_prefixed/google/apiclient/src/Client.php`	455	`$payload = \json_decode(\base64_decode($parts[1]), \true);`	`medium`
`hex_string_long`	`builtin`	`Postman/Postman-Mail/Zend-1.12.10/Mime.php`	399	"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x7F\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8A\x8B\x8C\x8D\x8	`medium`
`base64_decode`	`builtin`	`Postman/Postman-Mail/Zend-1.12.10/Mail/Protocol/Smtp/Auth/Crammd5.php`	76	`$challenge = base64_decode($challenge);`	`medium`
`base64_decode`	`builtin`	`Postman/PostmanEmailLogs.php`	212	`$decoded = base64_decode( trim( $part_body ), true );`	`medium`
`base64_decode`	`builtin`	`Postman/Extensions/Core/Notifications/PostmanNotifyOptions.php`	42	`return base64_decode( $this->options [ self::PUSHOVER_USER ] );`	`medium`
`base64_decode`	`builtin`	`Postman/Extensions/Core/Notifications/PostmanNotifyOptions.php`	48	`return base64_decode( $this->options [ self::PUSHOVER_TOKEN ] );`	`medium`
`base64_decode`	`builtin`	`Postman/Extensions/Core/Notifications/PostmanNotifyOptions.php`	54	`return base64_decode( $this->options [ self::SLACK_TOKEN ] );`	`medium`

Resolved sha 1e12571330485faf037da754e7673ce70d81b353

View raw JSON

{
    "slug": "post-smtp",
    "finding_count": 43,
    "findings": [
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Wizard/NewWizard.php",
            "line": 1525,
            "snippet": "$access_key_id = isset( $this->options_array[ PostSMTPSES\\PostSmtpAmazonSesTransport::OPTION_ACCESS_KEY_ID ] ) ? base64_decode( $this->options_array[ PostSMTPSES\\PostSmtpAmazonSesTransport::OP",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Wizard/NewWizard.php",
            "line": 1526,
            "snippet": "$access_key_secret = isset( $this->options_array[ PostSMTPSES\\PostSmtpAmazonSesTransport::OPTION_SECRET_ACCESS_KEY ] ) ? base64_decode( $this->options_array[ PostSMTPSES\\PostSmtpAmazonSesTrans",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Wizard/NewWizard.php",
            "line": 1572,
            "snippet": "$app_client_id = isset( $options['office365_app_id'] ) ? base64_decode( $options['office365_app_id'] ) : '';",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Wizard/NewWizard.php",
            "line": 1573,
            "snippet": "$app_client_secret = isset( $options['office365_app_password'] ) ? base64_decode( $options['office365_app_password'] ) : '';",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Wizard/NewWizard.php",
            "line": 1804,
            "snippet": "$client_secret = isset( $this->options_array[ ZohoMailPostSMTP\\ZohoMailTransport::OPTION_CLIENT_SECRET ] ) ? base64_decode( $this->options_array[ ZohoMailPostSMTP\\ZohoMailTransport::OPTION_CLI",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Wizard/NewWizard.php",
            "line": 1943,
            "snippet": "$sanitized['slack_token'] = base64_decode( isset( $options['slack_token'] ) ? $options['slack_token'] : '' );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Wizard/NewWizard.php",
            "line": 1944,
            "snippet": "$sanitized['pushover_user'] = base64_decode( isset( $options['pushover_user'] ) ? $options['pushover_user'] : '' );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Wizard/NewWizard.php",
            "line": 1945,
            "snippet": "$sanitized['pushover_token'] = base64_decode( isset( $options['pushover_token'] ) ? $options['pushover_token'] : '' );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Postman-Mail/libs/vendor_prefixed/google/apiclient/src/Client.php",
            "line": 455,
            "snippet": "$payload = \\json_decode(\\base64_decode($parts[1]), \\true);",
            "confidence": "medium"
        },
        {
            "pattern": "hex_string_long",
            "kind": "builtin",
            "file": "Postman/Postman-Mail/Zend-1.12.10/Mime.php",
            "line": 399,
            "snippet": "\"\\x00\\x01\\x02\\x03\\x04\\x05\\x06\\x07\\x08\\x09\\x0A\\x0B\\x0C\\x0D\\x0E\\x0F\\x10\\x11\\x12\\x13\\x14\\x15\\x16\\x17\\x18\\x19\\x1A\\x1B\\x1C\\x1D\\x1E\\x1F\\x7F\\x80\\x81\\x82\\x83\\x84\\x85\\x86\\x87\\x88\\x89\\x8A\\x8B\\x8C\\x8D\\x8",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Postman-Mail/Zend-1.12.10/Mail/Protocol/Smtp/Auth/Crammd5.php",
            "line": 76,
            "snippet": "$challenge = base64_decode($challenge);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/PostmanEmailLogs.php",
            "line": 212,
            "snippet": "$decoded = base64_decode( trim( $part_body ), true );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Extensions/Core/Notifications/PostmanNotifyOptions.php",
            "line": 42,
            "snippet": "return base64_decode( $this->options [ self::PUSHOVER_USER ] );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Extensions/Core/Notifications/PostmanNotifyOptions.php",
            "line": 48,
            "snippet": "return base64_decode( $this->options [ self::PUSHOVER_TOKEN ] );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "Postman/Extensions/Core/Notifications/PostmanNotifyOptions.php",
            "line": 54,
            "snippet": "return base64_decode( $this->options [ self::SLACK_TOKEN ] );",
            "confidence": "medium"
        }
    ],
    "resolved_sha": "1e12571330485faf037da754e7673ce70d81b353"
}

Low contributor_added myCred Rank Plus Resolved · cold_start_fp_first_observation 17d ago

Slug	mycred-rank-plus
New contributors	`saadiqbal`
Active installs	20

View raw JSON

{
    "slug": "mycred-rank-plus",
    "new_contributors": [
        "saadiqbal"
    ],
    "active_installs": 20
}

Low contributor_added myCred for BuddyPress Compliments Resolved · cold_start_fp_first_observation 17d ago

Slug	mycred-for-buddypress-compliments
New contributors	`saadiqbal`
Active installs	20

View raw JSON

{
    "slug": "mycred-for-buddypress-compliments",
    "new_contributors": [
        "saadiqbal"
    ],
    "active_installs": 20
}

Low plugin_closed myCred for BuddyPress Compliments Resolved · fp:author_request_closure 20d ago

Slug	mycred-for-buddypress-compliments
Closed reason	`author-request`
Closed date	2026-04-30 00:00:00
Active installs	20

View raw JSON

{
    "slug": "mycred-for-buddypress-compliments",
    "closed_reason": "author-request",
    "closed_date": "2026-04-30 00:00:00",
    "active_installs": 20
}

Low plugin_closed myCred Rank Plus Resolved · fp:author_request_closure 20d ago

Slug	mycred-rank-plus
Closed reason	`author-request`
Closed date	2026-04-30 00:00:00
Active installs	20

View raw JSON

{
    "slug": "mycred-rank-plus",
    "closed_reason": "author-request",
    "closed_date": "2026-04-30 00:00:00",
    "active_installs": 20
}

Low plugin_closed myCred – MemberPress Integration (Gamification for Membership Sites) Resolved · legit_author_request_closure 21d ago

Slug	mycred-memberpress
Closed reason	`author-request`
Closed date	2026-04-30 00:00:00
Active installs	20

View raw JSON

{
    "slug": "mycred-memberpress",
    "closed_reason": "author-request",
    "closed_date": "2026-04-30 00:00:00",
    "active_installs": 20
}

Low contributor_added myCred – MemberPress Integration (Gamification for Membership Sites) Resolved · cold_start_fp 21d ago

Slug	mycred-memberpress
New contributors	`saadiqbal`
Active installs	20

View raw JSON

{
    "slug": "mycred-memberpress",
    "new_contributors": [
        "saadiqbal"
    ],
    "active_installs": 20
}

Low plugin_closed myCred Credly Resolved · legit_author_request_closure 21d ago

Slug	mycred-credly
Closed reason	`author-request`
Closed date	2026-04-30 00:00:00
Active installs	20

View raw JSON

{
    "slug": "mycred-credly",
    "closed_reason": "author-request",
    "closed_date": "2026-04-30 00:00:00",
    "active_installs": 20
}

Low contributor_added myCred Credly Resolved · cold_start_fp 21d ago

Slug	mycred-credly
New contributors	`saadiqbal`
Active installs	20

View raw JSON

{
    "slug": "mycred-credly",
    "new_contributors": [
        "saadiqbal"
    ],
    "active_installs": 20
}

Low plugin_closed myCred for Rating Form Resolved · legit_author_request_closure 21d ago

Slug	mycred-for-rating-form
Closed reason	`author-request`
Closed date	2026-04-30 00:00:00
Active installs	20

View raw JSON

{
    "slug": "mycred-for-rating-form",
    "closed_reason": "author-request",
    "closed_date": "2026-04-30 00:00:00",
    "active_installs": 20
}

Low contributor_added myCred for Rating Form Resolved · cold_start_fp 21d ago

Slug	mycred-for-rating-form
New contributors	`saadiqbal`
Active installs	20

View raw JSON

{
    "slug": "mycred-for-rating-form",
    "new_contributors": [
        "saadiqbal"
    ],
    "active_installs": 20
}

Low plugin_closed myCred for TotalPoll Resolved · legit_author_request_closure 21d ago

Slug	mycred-for-totalpoll
Closed reason	`author-request`
Closed date	2026-04-30 00:00:00
Active installs	30

View raw JSON

{
    "slug": "mycred-for-totalpoll",
    "closed_reason": "author-request",
    "closed_date": "2026-04-30 00:00:00",
    "active_installs": 30
}

Low contributor_added myCred for TotalPoll Resolved · cold_start_fp 21d ago

Slug	mycred-for-totalpoll
New contributors	`saadiqbal`
Active installs	30

View raw JSON

{
    "slug": "mycred-for-totalpoll",
    "new_contributors": [
        "saadiqbal"
    ],
    "active_installs": 30
}

Plugins authored (88)

Plugin	Version	Installs	Last updated	Status
Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App ·`post-smtp`	3.9.1	300k+	1mo ago	Active
CF7 Apps – Honeypot, Database, Redirection, Webhook, and Addons for Contact Form 7 ·`contact-form-7-honeypot`	3.5.0	300k+	29d ago	Active
Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial Content ·`password-protected`	2.8.0	300k+	1mo ago	Active
Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution ·`file-manager-advanced`	5.4.11	100k+	2mo ago	Active
All In One Login — WP Admin Login Page Security and Customization with Google reCAPTCHA, Social Login, Limit Login Attempt, 2FA, and more. ·`change-wp-admin-login`	2.2.0	60k+	20d ago	Active
Open Graph and Twitter Card Tags ·`wonderm00ns-simple-facebook-open-graph-tags`	3.3.9	60k+	3mo ago	Active
Custom Login Page Customizer – Login Designer ·`login-designer`	1.6.10	30k+	6mo ago	Active
New User Approve ·`new-user-approve`	3.2.7	20k+	18d ago	Active
Post Snippets – Custom WordPress Code Snippets Customizer ·`post-snippets`	4.0.19	20k+	1mo ago	Active
Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder ·`gutena-forms`	1.8.0	20k+	1mo ago	Active
Email Templates Customizer and Designer for WordPress and WooCommerce ·`email-templates`	1.5.11	20k+	1mo ago	Active
WC Hide Shipping Methods ·`wc-hide-shipping-methods`	2.0.5	20k+	6mo ago	Active
Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred ·`mycred`	3.0.5	10k+	25d ago	Active
WP Contact Slider – Contact Form Slider Widget ·`wp-contact-slider`	2.5.4	10k+	3mo ago	Active
Gutena Accordion – Beautiful FAQ Accordion Block ·`gutena-accordion`	1.0.5	6k+	4mo ago	Active
Gutena Tabs ·`gutena-tabs`	1.0.10	6k+	5mo ago	Active
License Manager for WooCommerce ·`license-manager-for-woocommerce`	3.0.15	6k+	2mo ago	Active
Custom Add to Cart labels for WooCommerce ·`wc-custom-add-to-cart-labels`	1.5.3	5k+	6mo ago	Active
Rocket Maintenance Mode & Coming Soon Page ·`rocket-maintenance-mode`	4.4	4k+	2y ago	Active
Gutena Testimonial Slider ·`gutena-testimonial`	1.0.3	3k+	5mo ago	Active
Admin Bar User Switching ·`admin-bar-user-switching`	1.4	2k+	3y ago	Active
WP Secure Maintenance ·`wp-secure-maintainance`	1.7	1k+	1y ago	Active
Gutena Video Lightbox ·`gutena-lightbox`	1.0.3	1k+	5mo ago	Active
Gutena Kit – Gutenberg Blocks and Templates ·`gutena-kit`	2.0.7	1k+	1mo ago	Active
WP Easy Pay – Payment and Donation form Builder for Square ·`wp-easy-pay`	4.4.0	1k+	23d ago	Active
Quick Contact Form ·`quick-contact-form`	8.2.7	1k+	4mo ago	Active
Gutena Star Ratings ·`gutena-star-ratings`	1.0.1	1k+	5mo ago	Active
WP PDF Generator ·`wp-pdf-generator`	1.2.4	1k+	1y ago	Active
Wholesale for WooCommerce ·`woo-wholesale-pricing`	2.0.4	1k+	8mo ago	Active
Gutena Newsletter – Subscriber Block & Connect Mailchimp ·`newsletter-block-by-gutena`	1.1.6	1k+	5mo ago	Active
User Avatar – Reloaded ·`user-avatar-reloaded`	1.2.2	900	2y ago	Active
WC Shop Sync – Square Payment Gateway and Product Synchronization for WooCommerce ·`woosquare`	4.7.3	900	18d ago	Active
Gutena PhotoFeed ·`photofeed-block-by-gutena`	1.0.3	800	5mo ago	Active
Gutena Team – Team Slider and Grid ·`gutena-team`	1.0.0	800	5mo ago	Active
Gutena Recent Post Custom Tag ·`post-featured-tag-block-by-gutena`	1.0.3	800	5mo ago	Active
myCred for Elementor ·`mycred-for-elementor`	1.3	500	7mo ago	Active
Conditional Fees for WooCommerce Lite ·`woo-add-custom-fee`	1.7.1	500	1y ago	Active
myCred – Gutenberg Blocks ·`mycred-blocks`	1.1.4	400	1y ago	Active
myCred Toolkit – Ultimate myCred Modules To Support WordPress Gamification and Loyalty Rewards ·`mycred-toolkit`	1.4.2	400	2mo ago	Active
MainWP Post SMTP Extension – Easily Manage WP SMTP Setup for All Sites in One Place ·`post-smtp-for-mainwp`	1.0.6	300	2mo ago	Active
myCred H5P ·`mycred-h5p`	1.2.9	200	1y ago	Active
myCred – Learndash ·`mycred-learndash`	2.3	200	1y ago	Active
Multi Currency Switcher ·`multi-currency-switcher`	1.0.1	200	9mo ago	Active
WPExperts Square For GiveWP ·`wpexperts-square-for-give`	1.3.2	100	1y ago	Active
myCred Birthdays ·`mycred-birthdays`	1.0.8	100	1y ago	Active
B2B Invoice Payment Method for WooCommerce ·`invoice-payment-gateway-for-woocommerce`	1.2.1	100	11mo ago	Active
myCred Paid Memberships Pro ·`mycred-paid-memberships-pro`	1.3.1	100	1y ago	Active
myCred BP Group Leaderboards ·`mycred-bp-group-leaderboards`	1.3.2	90	1y ago	Active
myCred – BuddyBoss Integration ·`mycred-buddyboss`	1.3.3	90	1y ago	Active
myCred Tutor LMS – Gamification in eLearning ·`mycred-tutor-lms-gamification-in-elearning`	1.0.8	90	1y ago	Active
Secure WP Admin ·`secure-wp-admin`	1.4.2	80	1y ago	Active
myCred for Courseware ·`mycred-for-courseware`	1.1.8	80	1y ago	Active
Product Disclaimer For WooCommerce ·`woo-product-disclaimer`	2.2.1	80	2y ago	Active
B2B Request a Quote ·`woo-add-to-quote`	1.5.6	80	8mo ago	Active
User Management ·`user-management`	1.2	70	1y ago	Active
MemberPress Square — Accept Square Payments in MemberPress ·`pay-with-square-in-memberpress`	1.3	70	6mo ago	Active
myCred Amelia – Gamification with Events & Appointments Booking ·`mycred-amelia`	1.1.9	40	9mo ago	Active
myCred for TotalPoll ·`mycred-for-totalpoll`	1.3.2	30	—	Closed
myCred for BuddyPress Compliments ·`mycred-for-buddypress-compliments`	1.1.9	20	—	Closed
myCred for Rating Form ·`mycred-for-rating-form`	1.3.8	20	—	Closed
Gravity Forms Square (Free) ·`pay-with-square-in-gravity-forms`	1.2	20	6mo ago	Active
myCred – MemberPress Integration (Gamification for Membership Sites) ·`mycred-memberpress`	1.0.9	20	—	Closed
myCred Credly ·`mycred-credly`	2.1.3	20	—	Closed
myCred Rank Plus ·`mycred-rank-plus`	1.0.5	20	—	Closed
myCred GiveWP ·`mycred-givewp`	1.0.8	10	1y ago	Active
myCred – LifterLMS Integration ·`mycred-lifterlms-integration`	1.7.2	10	1y ago	Active
myCred for Event Espresso 4 ·`mycred-for-event-espresso-4`	1.1	10	1y ago	Active
myCred Zoom Rewards ·`mycred-zoom-rewards`	1.0.9	10	1y ago	Active
myCred Badge Editor ·`mycred-badge-editor`	1.0.4	10	1y ago	Active
myCred Badge Plus ·`mycred-badge-plus`	1.0.4	10	1y ago	Active
myCred for Events Manager Pro ·`mycred-for-events-manager-pro`	3.1	10	1y ago	Active
myCred for WP-PostViews ·`mycred-for-wp-postviews`	1.3.2	10	1y ago	Active
myCred LearnDash Points Importer ·`mycred-learndash-points-importer`	1.1.7	10	1y ago	Active
myCred Retro ·`mycred-retro`	1.2.9	10	1y ago	Active
myCred WP Simple Pay – Stripe Payment Addon ·`mycred-wp-simple-pay-addon`	1.1	10	1y ago	Active
myCred – Zapier Integration ·`mycred-zapier`	1.0.9	10	1y ago	Active
WPFormify – Stripe Payments with Form and Checkout ·`wpformify`	1.1.1	10	12mo ago	Active
myCred for GD Star Rating ·`mycred-for-gd-star-rating`	1.3.9	10	1y ago	Active
myCred Badgr Integration ·`mycred-badgr-achievement-badge`	1.0.8	10	1y ago	Active
Bookify – Appointment Booking & Scheduling for WordPress ·`bookify`	1.3.3	10	1mo ago	Active
myCred – GamiPress Importer ·`mycred-gamipress-importer`	1.1.8	10	1y ago	Active
myCred – AnsPress (Gamify your Question and answer Sites) ·`mycred-anspress-integration`	1.1.9	10	1y ago	Active
Card Stripe js For WooCommerce ·`wc-stripe-card-js`	1.1	10	3y ago	Active
myCred – myCred Githubreviews ·`mycred-githubreviews`	1.1	—	1y ago	Active
Gravity Forms Booking – Appointment Booking & Scheduling Addon for Gravity Forms ·`appointment-and-booking-for-gravity-forms`	1.3	—	2mo ago	Active
myCred Square ·`mycred-square`	1.0.9	—	1y ago	Active
myCred for TotalSurvey ·`mycred-for-totalsurvey`	1.0.4	—	1y ago	Active
APPExperts – Mobile App Builder for WordPress \| WooCommerce to iOS and Android Apps ·`appexperts`	1.4.5	—	—	Closed

SVN commit access (2)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin	Primary author	Installs	Commits	First	Latest	Status
User Avatar – Reloaded	saadiqbal	900	26	4y ago	2y ago	Active
Custom Add to Cart labels for WooCommerce	saadiqbal	5k+	5	1y ago	1y ago	Active