Shield Security – Smart Bot Blocking, Brute-Force Login Protection & File Scanning

wp-simple-firewall · by paultgoodchild · wordpress.org ↗ · SVN ↗

Active installs: 40k+
Current version: 22.0.7
Added: 2013-07-09
Last updated: 2026-05-25 (17d ago)
First seen by beacon: 1mo ago
Total downloads: 12,733,100

Alerts (0)

No open alerts.

Show 4 resolved alerts

Medium domain_younger_than_plugin Resolved · benign_vendor_product_domain 2026-05-28 01:54:36 (15d ago)

Slug	wp-simple-firewall
Domain	`shldscrty.com`
Domain source	`plugin_uri`
Domain registered at	2024-11-27
Plugin earliest commit	2023-07-26 08:24:37
Plugin latest release	2026-05-25 13:19:41
Gap days	489
Domain age at release	544
Active installs	40,000

View raw JSON

{
    "slug": "wp-simple-firewall",
    "domain": "shldscrty.com",
    "domain_source": "plugin_uri",
    "domain_registered_at": "2024-11-27",
    "plugin_earliest_commit": "2023-07-26 08:24:37",
    "plugin_latest_release": "2026-05-25 13:19:41",
    "gap_days": 489,
    "domain_age_at_release": 544,
    "active_installs": 40000
}

Medium code_scan_delta Resolved · benign_baseline_findings_no_new_ioc 2026-05-27 19:35:22 (15d ago)

Slug wp-simple-firewall

Previous version 21.2.6

Current version 22.0.7

New findings

Pattern	Kind	File	Line	Snippet	Confidence
`base64_decode`	`builtin`	`src/Modules/HackGuard/Scan/Queue/QueueItemVO.php`	63	`$decoded = \base64_decode( $value, true );`	`medium`
`base64_decode`	`builtin`	`src/Scans/Afs/Scan.php`	21	`$path = \base64_decode( (string)$item, true );`	`medium`
`base64_decode`	`builtin`	`src/Components/CompCons/Login/TwoFactor/Import/SolidSecurityBridge.php`	160	`$decoded = \base64_decode( \substr( $storedSecret, 4 ), true );`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/league/uri/src/Uri.php`	697	`$userinfo = base64_decode(substr($server['HTTP_AUTHORIZATION'], 6), true);`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/league/uri/src/Uri.php`	877	`$res = base64_decode($data, true);`	`medium`
`hex_string_long`	`builtin`	`vendor_prefixed/league/uri/src/Uri.php`	199	private const ASCII = "\x20\x65\x69\x61\x73\x6E\x74\x72\x6F\x6C\x75\x64\x5D\x5B\x63\x6D\x70\x27\x0A\x67\x7C\x68\x76\x2E\x66\x62\x2C\x3A\x3D\x2D\x71\x31\x30\x43\x32\x2A\x79\x78\x29\x28\x4C\x39\x41\	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/thecodingmachine/safe/src/functions.php`	15	`function base64_decode( string $data, bool $strict = false ) :string {`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/thecodingmachine/safe/src/functions.php`	17	`$result = \base64_decode( $data, $strict );`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/beberlei/assert/lib/Assert/Assertion.php`	2,115	`if (false === \base64_decode($value, true)) {`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/spomky-labs/base64url/src/Base64Url.php`	49	`$decoded = base64_decode(strtr($data, '-_', '+/'), true);`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/spomky-labs/cbor-php/src/Tag/Base64EncodingTag.php`	56	`$result = base64_decode($this->object->getNormalizedData($ignoreTags), true);`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/spomky-labs/cbor-php/src/Utils.php`	52	`$decoded = base64_decode(strtr($data, '-_', '+/'), true);`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/fgrosse/phpasn1/lib/ASN1/TemplateParser.php`	28	`return $this->parseBinary(base64_decode($data), $template);`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/web-auth/metadata-service/src/SingleMetadata.php`	45	`$json = base64_decode($this->data, true);`	`medium`
`base64_decode`	`builtin`	`vendor_prefixed/web-auth/webauthn-lib/src/PublicKeyCredentialUserEntity.php`	66	`$id = base64_decode($json['id'], true);`	`medium`

New finding count 20

View raw JSON

{
    "slug": "wp-simple-firewall",
    "previous_version": "21.2.6",
    "current_version": "22.0.7",
    "new_findings": [
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Modules/HackGuard/Scan/Queue/QueueItemVO.php",
            "line": 63,
            "snippet": "$decoded = \\base64_decode( $value, true );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Scans/Afs/Scan.php",
            "line": 21,
            "snippet": "$path = \\base64_decode( (string)$item, true );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Components/CompCons/Login/TwoFactor/Import/SolidSecurityBridge.php",
            "line": 160,
            "snippet": "$decoded = \\base64_decode( \\substr( $storedSecret, 4 ), true );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/league/uri/src/Uri.php",
            "line": 697,
            "snippet": "$userinfo = base64_decode(substr($server['HTTP_AUTHORIZATION'], 6), true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/league/uri/src/Uri.php",
            "line": 877,
            "snippet": "$res = base64_decode($data, true);",
            "confidence": "medium"
        },
        {
            "pattern": "hex_string_long",
            "kind": "builtin",
            "file": "vendor_prefixed/league/uri/src/Uri.php",
            "line": 199,
            "snippet": "private const ASCII = \"\\x20\\x65\\x69\\x61\\x73\\x6E\\x74\\x72\\x6F\\x6C\\x75\\x64\\x5D\\x5B\\x63\\x6D\\x70\\x27\\x0A\\x67\\x7C\\x68\\x76\\x2E\\x66\\x62\\x2C\\x3A\\x3D\\x2D\\x71\\x31\\x30\\x43\\x32\\x2A\\x79\\x78\\x29\\x28\\x4C\\x39\\x41\\",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/thecodingmachine/safe/src/functions.php",
            "line": 15,
            "snippet": "function base64_decode( string $data, bool $strict = false ) :string {",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/thecodingmachine/safe/src/functions.php",
            "line": 17,
            "snippet": "$result = \\base64_decode( $data, $strict );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/beberlei/assert/lib/Assert/Assertion.php",
            "line": 2115,
            "snippet": "if (false === \\base64_decode($value, true)) {",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/spomky-labs/base64url/src/Base64Url.php",
            "line": 49,
            "snippet": "$decoded = base64_decode(strtr($data, '-_', '+/'), true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/spomky-labs/cbor-php/src/Tag/Base64EncodingTag.php",
            "line": 56,
            "snippet": "$result = base64_decode($this->object->getNormalizedData($ignoreTags), true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/spomky-labs/cbor-php/src/Utils.php",
            "line": 52,
            "snippet": "$decoded = base64_decode(strtr($data, '-_', '+/'), true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/fgrosse/phpasn1/lib/ASN1/TemplateParser.php",
            "line": 28,
            "snippet": "return $this->parseBinary(base64_decode($data), $template);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/web-auth/metadata-service/src/SingleMetadata.php",
            "line": 45,
            "snippet": "$json = base64_decode($this->data, true);",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "vendor_prefixed/web-auth/webauthn-lib/src/PublicKeyCredentialUserEntity.php",
            "line": 66,
            "snippet": "$id = base64_decode($json['id'], true);",
            "confidence": "medium"
        }
    ],
    "new_finding_count": 20
}

Medium code_scan_match Resolved · code_scan_fp_class_genre_encoding 2026-05-05 12:03:48 (1mo ago)

Slug wp-simple-firewall

Finding count 30

Findings

Pattern	Kind	File	Line	Snippet	Confidence
`base64_decode`	`builtin`	`src/Utilities/Forms/FormParams.php`	32	`$raw = \base64_decode( $raw );`	`medium`
`base64_decode`	`builtin`	`src/Utilities/Tool/ConvertHtmlToPDF.php`	23	return empty( $res[ 'is_base64' ] ) ? $res[ 'converted_content' ] : \base64_decode( $res[ 'converted_content' ] );	`medium`
`gzinflate`	`builtin`	`src/Modules/Plugin/Lib/Reporting/ReportingController.php`	58	`return ( new ConvertHtmlToPDF() )->run( \gzinflate( $report->content ) );`	`medium`
`base64_decode`	`builtin`	`src/Modules/LoginGuard/Lib/TwoFactor/Provider/Passkey.php`	196	`return $this->verifyAuthResponse( \base64_decode( $otp ) )->success;`	`medium`
`base64_decode`	`builtin`	`src/Modules/HackGuard/Lib/FileLocker/Ops/Diff.php`	44	`base64_decode( $res[ 'html' ][ 'css_default' ] ),`	`medium`
`base64_decode`	`builtin`	`src/Modules/HackGuard/Lib/FileLocker/Ops/Diff.php`	45	`base64_decode( $res[ 'html' ][ 'content' ] )`	`medium`
`base64_decode`	`builtin`	`src/Modules/HackGuard/Scan/Queue/QueueItemVO.php`	65	`$decoded = \base64_decode( $value, true );`	`medium`
`base64_decode`	`builtin`	`src/Scans/Afs/Scan.php`	21	`$path = \base64_decode( (string)$item, true );`	`medium`
`base64_decode`	`builtin`	`src/Scans/Afs/ResultItem.php`	106	`$value = \base64_decode( $value );`	`medium`
`base64_decode`	`builtin`	`src/Scans/Afs/ScanFromFileMap.php`	27	`$fullPath = \base64_decode( $fullPath );`	`medium`
`base64_decode`	`builtin`	`src/DBs/Mfa/Ops/Record.php`	20	`$value = @\json_decode( @\base64_decode( $value ), true );`	`medium`
`base64_decode`	`builtin`	`src/DBs/Malware/Ops/Record.php`	30	`$value = \base64_decode( $value );`	`medium`
`base64_decode`	`builtin`	`src/DBs/FileLocker/Ops/Record.php`	25	`$value = (string)\base64_decode( $value );`	`medium`
`base64_decode`	`builtin`	`src/DBs/Snapshots/Ops/Record.php`	16	`$value = @\json_decode( @\base64_decode( $value ), true );`	`medium`
`base64_decode`	`builtin`	`src/DBs/Rules/Ops/Record.php`	30	`$value = @\json_decode( @\base64_decode( (string)$value ), true );`	`medium`

Resolved sha dd3934f54a053ae11586c9fc6f18fc4b0e2e5599

View raw JSON

{
    "slug": "wp-simple-firewall",
    "finding_count": 30,
    "findings": [
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Utilities/Forms/FormParams.php",
            "line": 32,
            "snippet": "$raw = \\base64_decode( $raw );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Utilities/Tool/ConvertHtmlToPDF.php",
            "line": 23,
            "snippet": "return empty( $res[ 'is_base64' ] ) ? $res[ 'converted_content' ] : \\base64_decode( $res[ 'converted_content' ] );",
            "confidence": "medium"
        },
        {
            "pattern": "gzinflate",
            "kind": "builtin",
            "file": "src/Modules/Plugin/Lib/Reporting/ReportingController.php",
            "line": 58,
            "snippet": "return ( new ConvertHtmlToPDF() )->run( \\gzinflate( $report->content ) );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Modules/LoginGuard/Lib/TwoFactor/Provider/Passkey.php",
            "line": 196,
            "snippet": "return $this->verifyAuthResponse( \\base64_decode( $otp ) )->success;",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Modules/HackGuard/Lib/FileLocker/Ops/Diff.php",
            "line": 44,
            "snippet": "base64_decode( $res[ 'html' ][ 'css_default' ] ),",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Modules/HackGuard/Lib/FileLocker/Ops/Diff.php",
            "line": 45,
            "snippet": "base64_decode( $res[ 'html' ][ 'content' ] )",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Modules/HackGuard/Scan/Queue/QueueItemVO.php",
            "line": 65,
            "snippet": "$decoded = \\base64_decode( $value, true );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Scans/Afs/Scan.php",
            "line": 21,
            "snippet": "$path = \\base64_decode( (string)$item, true );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Scans/Afs/ResultItem.php",
            "line": 106,
            "snippet": "$value = \\base64_decode( $value );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/Scans/Afs/ScanFromFileMap.php",
            "line": 27,
            "snippet": "$fullPath = \\base64_decode( $fullPath );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/DBs/Mfa/Ops/Record.php",
            "line": 20,
            "snippet": "$value = @\\json_decode( @\\base64_decode( $value ), true );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/DBs/Malware/Ops/Record.php",
            "line": 30,
            "snippet": "$value = \\base64_decode( $value );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/DBs/FileLocker/Ops/Record.php",
            "line": 25,
            "snippet": "$value = (string)\\base64_decode( $value );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/DBs/Snapshots/Ops/Record.php",
            "line": 16,
            "snippet": "$value = @\\json_decode( @\\base64_decode( $value ), true );",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "src/DBs/Rules/Ops/Record.php",
            "line": 30,
            "snippet": "$value = @\\json_decode( @\\base64_decode( (string)$value ), true );",
            "confidence": "medium"
        }
    ],
    "resolved_sha": "dd3934f54a053ae11586c9fc6f18fc4b0e2e5599"
}

Medium domain_younger_than_plugin Resolved · no_longer_matches 2026-04-24 09:27:50 (1mo ago)

Slug	wp-simple-firewall
Domain	`shldscrty.com`
Domain source	`c2_http_call`
Domain registered at	2024-11-27
Plugin earliest commit	2023-07-26 08:24:37
Plugin latest release	2026-04-21 19:53:47
Gap days	489
Domain age at release	510
Active installs	40,000

View raw JSON

{
    "slug": "wp-simple-firewall",
    "domain": "shldscrty.com",
    "domain_source": "c2_http_call",
    "domain_registered_at": "2024-11-27",
    "plugin_earliest_commit": "2023-07-26 08:24:37",
    "plugin_latest_release": "2026-04-21 19:53:47",
    "gap_days": 489,
    "domain_age_at_release": 510,
    "active_installs": 40000
}

SVN committers (1)

Accounts with actual commit access to wp-simple-firewall on plugins.svn.wordpress.org, reconstructed from svn log. This is the list that matters for ownership changes — not the readme contributors.

Committer	Member since	Commits	First commit	Latest commit
Paul	2011-06-05	5	2023-07-26 · r2943471	2026-06-04 · r3560640

Readme contributors (2)

Names the plugin's readme declares as contributors. A soft signal — anyone can be listed. The SVN access column is the ground-truth cross-reference: does this contributor actually commit code?

Contributor	Member since	SVN access	Status
Paul	2011-06-05	5 commits	Active
Shield Security	2021-02-04	—	Active

Versions (100 most recent)

Version	Released	Download
22.1.1	2026-06-04 · 7d ago	zip
22.0.7	2026-05-25 · 17d ago	zip
22.0.5	2026-05-21 · 21d ago	zip
22.0.4	2026-05-20 · 22d ago	zip
22.0.1	—	zip
22.0.1.1	—	zip
22.0.1.2	—	zip
22.0.0	2026-05-12 · 1mo ago	zip
21.99.12	2026-05-08 · 1mo ago	—
21.99.10	2026-04-30 · 1mo ago	zip
21.99.7	2026-04-27 · 1mo ago	zip
21.2.7	2026-04-21 · 1mo ago	—
21.99.6	2026-04-21 · 1mo ago	zip
21.99.3	2026-04-17 · 1mo ago	zip
21.99.1	2026-04-15 · 1mo ago	zip
21.2.6	2026-03-05 · 3mo ago	zip
21.2.5	2026-02-27 · 3mo ago	zip
21.2.4	2026-02-25 · 3mo ago	zip
21.2.3	2026-02-25 · 3mo ago	zip
21.2.2	2026-02-18 · 3mo ago	zip
21.2.1	2026-02-17 · 3mo ago	zip
21.2.0	2026-02-16 · 3mo ago	zip
21.1.13	2026-02-16 · 3mo ago	zip
21.0.10	2026-01-13 · 4mo ago	zip
21.0.9	2026-01-12 · 5mo ago	zip
21.0.8	2025-12-11 · 6mo ago	zip
21.0.7	2025-12-05 · 6mo ago	zip
21.0.6	2025-06-02 · 1y ago	zip
21.0.3	2025-05-19 · 1y ago	zip
21.0.2	2025-05-15 · 1y ago	zip
20.1.9	2025-04-10 · 1y ago	zip
20.1.8	2025-04-08 · 1y ago	zip
20.1.7	2025-03-21 · 1y ago	zip
20.1.6	2025-03-20 · 1y ago	zip
20.1.5	2025-02-25 · 1y ago	zip
20.1.4	2025-02-24 · 1y ago	zip
20.1.3	2025-02-24 · 1y ago	zip
20.1.2	2024-12-10 · 1y ago	zip
20.0.12	2024-12-03 · 1y ago	zip
20.0.11	2024-11-24 · 1y ago	zip
20.0.10	2024-09-17 · 1y ago	zip
20.0.9	2024-09-16 · 1y ago	zip
20.0.8	2024-08-29 · 1y ago	zip
20.0.7	2024-08-11 · 1y ago	zip
20.0.6	2024-07-29 · 1y ago	zip
20.0.5	2024-07-28 · 1y ago	zip
20.0.4	2024-07-26 · 1y ago	zip
20.0.3	2024-07-23 · 1y ago	zip
20.0.2	2024-07-22 · 1y ago	zip
20.0.1	2024-07-19 · 1y ago	zip
20.0.0	2024-07-16 · 1y ago	zip
19.1.19	2024-07-16 · 1y ago	zip
19.1.0	2024-03-19 · 2y ago	zip
19.0.7	2024-02-12 · 2y ago	zip
19.0.1	2024-01-30 · 2y ago	zip
18.5.10	2023-12-23 · 2y ago	zip
18.5.0	2023-11-10 · 2y ago	zip
18.4.6	2023-11-07 · 2y ago	zip
18.4.0	2023-09-22 · 2y ago	zip
18.3.9	2023-09-20 · 2y ago	zip
18.2.11	2023-08-29 · 2y ago	zip
18.1.2	2023-06-08 · 3y ago	zip
18.0.6	2023-04-26 · 3y ago	zip
17.0.19	2023-03-24 · 3y ago	zip
17.0.0	2023-02-10 · 3y ago	zip
16.1.15	2023-02-08 · 3y ago	zip
16.1.0	2022-09-11 · 3y ago	zip
16.0.9	2022-09-07 · 3y ago	zip
15.1.9	2022-08-04 · 3y ago	zip
15.1.0	2022-06-06 · 4y ago	zip
15.0.13	2022-05-19 · 4y ago	zip
15.0.0	2022-05-05 · 4y ago	zip
14.9.11	2022-05-04 · 4y ago	zip
14.1.7	2022-03-25 · 4y ago	zip
14.0.3	2022-02-16 · 4y ago	zip
13.0.6	2022-01-14 · 4y ago	zip
12.0.13	2021-10-10 · 4y ago	zip
11.5.6	2021-09-23 · 4y ago	zip
11.4.5	2021-07-22 · 4y ago	zip
11.3.0	2021-06-07 · 5y ago	zip
11.2.4	2021-05-30 · 5y ago	zip
11.1.1	2021-04-13 · 5y ago	zip
11.0.3	2021-03-26 · 5y ago	zip
10.2.6	2021-03-08 · 5y ago	zip
10.1.6	2021-02-10 · 5y ago	zip
10.0.3	2020-10-24 · 5y ago	zip
9.2.1	2020-10-14 · 5y ago	zip
9.1.0	2020-08-12 · 5y ago	zip
9.0.4	2020-06-05 · 6y ago	zip
8.7.0	2020-03-16 · 6y ago	zip
8.6.3	2020-02-25 · 6y ago	zip
8.5.7	2020-02-10 · 6y ago	zip
8.4.4	2019-12-06 · 6y ago	zip
8.3.0	2019-11-18 · 6y ago	zip
8.2.3	2019-10-25 · 6y ago	zip
8.1.1	2019-09-18 · 6y ago	zip
8.0.2	2019-09-05 · 6y ago	zip
8.0.0	2019-08-27 · 6y ago	zip
7.4.2	2019-05-30 · 7y ago	zip
7.3.2	2019-04-18 · 7y ago	zip