PHP Wordpress-security Resources

Modern Login Here lives a simple mu-plugin to whitelabel and modernize wp-login.php. No admin panels, no bloat – just a simple filter to optionally cu

Admin Columns allows you to manage and organize columns in the posts, users, comments, and media lists tables in the WordPress admin panel. Transform the WordPress admin screens into beautiful, clear overviews.

WP PHPMailer provides a clean and simple way to configure the WordPress-bundled PHPMailer library, allowing you to quickly get started sending mail through a local or cloud based service of your choice.

Jetpack Monorepo This is the Jetpack Monorepo. It contains source code for the Jetpack plugin, the Jetpack composer packages, and other things. How to

EasyEngine v4 EasyEngine makes it greatly easy to manage nginx, a fast web-server software that consumes little memory when handling increasing volume

Boilerplate for Nearly Headless WordPress Themes This is a plugin boilerplate built using Underpin ,Nicholas, and AlpineJS. It will allow you to build

Podlove Podcast Publisher This is the podcast publishing plugin for WordPress. Getting Started & Documentation Podlove Community Latest stable version

PHP-Casbin Documentation | Tutorials | Extensions Breaking News: Laravel-authz is now available, an authorization library for the Laravel framework. P

Brad’s Boilerplate This repo contains one folder that is an example theme, and another folder that is an example block-type plugin. Both folders use t

ItalyStrap Theme Json Generator WordPress Theme Json Generator the OOP way This is a WIP project and still experimental. The idea is to generate a fil

OAuth2 between Laravel projects A package that allows secure communication between two or more projects, focused mainly for use in microservices archi

JObfuscator is a source code obfuscator for the Java programming language. It can protect your Java source code and algorithms from hacking, cracking, reverse engineering, decompilation, and technology theft.

Docker Tutorials and Labs At this time we are not actively adding labs to this repository. Our focus is on training.play-with-docker.com where new lab

The full article is posted on my blog. The video presentation is shared here. The presentation slides are shared here. The exploit codes are shared he

envato-purchase-code-widget Verify purchase codes right on your WordPress dashboard. Install the plugin Go to Settings-EPCW and enter your "Envato AP

Evil Twin - Mark VII Learn how to set up a fake authentication web page on a fake WiFi network. Read the comments in these two files to get a better u

Natural Language Processing Tools for WordPress A toolkit for using self-hosted Natural Language Processing in WordPress This plugin is a Proof of Con

hackigniter Hakkında : Hackigniter php codeigniter üzerinde kodlanmış zafiyetli bir web uygulamasıdır. Uygulama üzerinde bulunan zafiyetler, sızma tes

_s Hi. I'm a starter theme called _s, or underscores, if you like. I'm a theme meant for hacking so don't use me as a Parent Theme. Instead try turnin

PoP PoP is a monorepo containing several projects. The GraphQL API for WordPress plugin GraphQL API for WordPress is a forward-looking and powerful Gr

Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.

Better WordPress Plugin Boilerplate This is a Hard Fork of the original WordPress Plugin Boilerplate. The Better WordPress Plugin Boilerplate actively

Customify - Intuitive Website Styling for WordPress With Customify, developers can easily create advanced theme-specific options inside the WordPress

Sensei LMS A learning management plugin for WordPress, which provides the smoothest platform for helping you teach anything. Sensei LMS is a commercia

Security Component - Core Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the

WordPlate is simply a wrapper around WordPress. It makes developers life easier. It is just like building any other WordPress website with themes and plugins. Just with sprinkles on top.

CrimeFlare Bypass Hostname Alat untuk melihat IP asli dibalik website yang telah dilindungi CloudFlare. Introduction Alat ini berfungsi untuk melakuka

Re-skinning URL splitter Tool Divide / Split your Wordpress Blog visitors into 4 links by using Re-skinning URL splitter Re-skinning URL Splitter Feat

A minimal boilerplate theme for WordPress using TailwindCSS, with PostCSS and Laravel Mix.

Pronamic WordPress Documentor is a tool to automatically extract data about the actions and filters of your WordPress theme or plugin.

psalm-plugin-drupal A Drupal integration for Psalm focused on security scanning (SAST) taint analysis. Features Stubs for sinks, sources, and sanitize

WC Vendors 2.0 is a major update. This has a brand new settings system that is not backwards compatible with the existing one. This means all extensions and plugins that interact with WC Vendors will need to be updated to support this new system.

GraphQL API for WordPress Transform your WordPress site into a modern GraphQL server: graphql-api.com. This plugin is the implementation for WordPress

A (unofficial) WordPress plugin to report PHP and JavaScript errors to Sentry.

WordPress boilerplate with modern development tools, easier configuration, and an improved folder structure

WordPress starter theme with a modern development workflow

Wordpress Plugin to show a small amount of events in an easy to use calender/schedule

Pods Framework Pods is a development framework for creating, extending, managing, and deploying customized content types in WordPress. Description Che

Wrapping all composer vendor packages inside your own namespace. Intended for WordPress plugins.

Based on Sam Thomas' findings concerning insecure deserialization in combination with obfuscation strategies allowing to hide Phar files inside valid image resources, the TYPO3 project decided back then to introduce a PharStreamWrapper to intercept invocations of the phar:// stream in PHP and only allow usage for defined locations in the file system.

Current version: 1.3.5 PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted a

Imposter Plugin Composer plugin that wraps all composer vendor packages inside your own namespace. Intended for WordPress plugins. Built with ♥ by Typ

Timber helps you create fully-customized WordPress themes faster with more sustainable code. With Timber, you write your HTML using the Twig Template Engine separate from your PHP files.

一、小程序介绍 酱茄企业官网小程序，酱茄专为中小企业开发的轻量级企业建站小程序（基于uni-app + wordpress），后台操作简单，维护方便，无需过多配置就能搭建一个企业小程序。

Orig User Avatar This WordPress plugin is a fork of the popular wp-user-avatar plugin, before it became ProfilePress. Compatibility with wp-user-avata

Custom User Avatar WordPress currently only allows you to use custom avatars that are uploaded through Gravatar. Custom User Avatar enables you to use

Laravel Qcloud Content Security T-Sec 天御内容安全服务使用了深度学习技术，识别文本/图片中出现的可能令人反感、不安全或不适宜内容，支持用户配置词库/图片黑名单，识别自定义的识别类型。

Static 404 A WordPress plugin to quickly send a 404 for missing static files. Quickly output a 404 for static files that aren't found, rather than loa

Really Rich Results - JSON-LD Structured Data (Google Rich Results) for WordPress Search engines are putting more weight on structured data than ever

dotenv A WordPress plugin to set WordPress options from a .env file. Any WPENV_ prefixed variables in the .env will be used to override the WordPress

b5st – A Bootstrap 5 Starter Theme, for WordPress Version 1.1 https://github.com/SimonPadbury/b5st b5st is a simple, Gutenberg-compatible WordPress st

Valeyard IRC-SQL-GateWay A bot written in PHP which attempts to link IRC with SQL database, allowing for integration between platforms. This bot is mo

MyMeta Basket is the world's first plug-and-play Wordpress/Enjin/Ethereum integration that allows you to start selling blockchain assets through your website within minutes. All you need is Wordpress, MyMeta Basket, and an Enjin subscription.

=== Classic Widgets === Contributors: wordpressdotorg, hellofromtonya, azaozz Tags: gutenberg, disable, disable gutenberg, editor, classic widgets Req

Disable FLoC by WP Munich A simple zero-config plugin to opt-out of Google FLoC. This plugin is made with love and brought to you by the folks of WP M

vPOS - WooCommerce The number #1 payment solution in Angola This plugin currently works for the solutions listed below: EMIS GPO (Multicaixa Express)

WordPress Tiny Snippets [+] :: Info/Инфо: [ 🇺🇸 ] Collection of tiny snippets for WordPress CMS.

Persistent Dismissible A class for encapsulating the logic required to maintain a relationship between the database, a dismissible UI element (with an

WordPress static site generator for security, performance and cost benefits

A Simple and Lightweight WordPress Option Framework for Themes and Plugins. Built in Object Oriented Programming paradigm with high number of custom fields and tons of options. Allows you to bring custom admin, metabox, taxonomy and customize settings to all of your pages, posts and categories. It's highly modern and advanced framework.

deployer-extended-wordpress What does it do? Should I use "deployer-extended-wordpress" or "deployer-extended-wordpress-composer"? Dependencies Instal

User Switching Stable tag: 1.5.7 Requires at least: 3.7 Tested up to: 5.7 Requires PHP: 5.3 License: GPL v2 or later Tags: users, profiles, user switc

Disciple Tools Disciple.Tools software boosts collaboration, clarity, and accountability for disciple and church multiplication movements. Description

Lando A Liberating Dev Tool For All Your Projects The local development and DevOps tool trusted by professional developers across the galaxy. Free you

Full PHP development environment based on Docker. Use Docker First - Learn About It Later! Join Us Awesome People Laradock is an MIT-licensed open sou

Secure Headers Add security related headers to HTTP response. The package includes Service Providers for easy Laravel integration. Version Installatio

Laravel Ban Introduction Laravel Ban simplify management of Eloquent model's ban. Make any model bannable in a minutes! Use case is not limited to Use

Captcha for Laravel 5/6/7 A simple Laravel 5/6 service provider for including the Captcha for Laravel. for Laravel 4 Captcha for Laravel Laravel 4 Pre

Bouncer Bouncer is an elegant, framework-agnostic approach to managing roles and abilities for any app using Eloquent models. Table of Contents Click

About SecLists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected i

Matomo (formerly Piwik) - matomo.org Code Status Description Matomo is the leading Free/Libre open analytics platform. Matomo is a full-featured PHP M

Captcha Installation With composer : { ... "require": { "gregwar/captcha": "1.*" } } Usage You can create a captcha with the Captc

Psalm Psalm is a static analysis tool for finding errors in PHP applications. Installation To get started, check out the installation guide. Live Demo

Latte: amazing template engine for PHP Introduction Latte is a template engine for PHP which eases your work and ensures the output is protected again

SecurityMultiTool A multitool library offering access to recommended security related libraries, standardised implementations of security defences, an

What is CIDRAM? CIDRAM (Classless Inter-Domain Routing Access Manager) is a PHP script designed to protect websites by blocking requests originating f

scheb/two-factor-bundle ⚠ Outdated version. Please use versions ≥ 5 from scheb/2fa. This bundle provides two-factor authentication for your Symfony ap

PHPIDS PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web ap

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Scanner for PHP.ini The Iniscan is a tool designed to scan the given php.ini file for common security practices and report back results. Currently it

PHP Security Advisories Database The PHP Security Advisories Database references known security vulnerabilities in various PHP projects and libraries.

OWASP ZAP The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated internatio

CakePHP Utility Classes This library provides a range of utility classes that are used throughout the CakePHP framework What's in the toolbox? Hash A

DMS Filter Component This library provides a service that can be used to filter object values based on annotations Install Use composer to add DMS\Fil

What is phpMussel? An ideal solution for shared hosting environments, where it's often not possible to utilise or install conventional anti-virus prot

PHP library for Two Factor Authentication PHP library for two-factor (or multi-factor) authentication using TOTP and QR-codes. Inspired by, based on b

Lock - Acl for PHP 5.4+ I'm sad to say that Lock is currently not maintained. I won't be able to offer support or accept new contributions for the cur

Sentinel Sentinel is a PHP 7.3+ framework agnostic fully-featured authentication & authorization system. It also provides additional features such as