Most Improved Login WordPress Plugins
131 indexed plugins
Plugins
131
Active Installs
6m+
Average Score
55
Audited
131
Most Improved
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #1 | Firebase Authentication | 100 | 0 | 500 | No open findings | |||
| #2 | Shibboleth | 100 | 0 | 3k+ | No open findings | |||
| #3 | aapanel WP Toolkit | 71 | 20 | 18 | 2k+ | wp function not compatible with requires wp | ||
| #4 | Add Logo to Admin | 67 | 14 | 3 | 7k+ | Unsafe printing function | ||
| #5 | Admin login URL Change | 44 | 38 | 11 | 2k+ | Output is not escaped | ||
| #6 | AJAX Login and Registration modal popup + inline form | 28 | 157 | 261 | 3k+ | Output is not escaped | ||
| #7 | Intranet & Private Site – All-In-One Intranet | 82 | 1 | 11 | 4k+ | Input is not sanitized | ||
| #8 | Authenticator | 41 | 59 | 44 | 1k+ | Output is not escaped | ||
| #9 | Authorizer | 65 | 3 | 54 | 5k+ | Nonce verification recommended | ||
| #10 | Auto Login for Sakura Rental Server | 35 | 3 | 3 | 10k+ | Hidden files included | ||
| #11 | Autologin Links | 38 | 73 | 74 | 8k+ | Output is not escaped | ||
| #12 | Change Username | 35 | 7 | 10 | 4k+ | Direct Query | ||
| #13 | All In One Login — Login Page Security and Customization for WordPress with Google reCAPTCHA, Social Login, Temporary Login, 2FA, and more. | 23 | 750 | 1,359 | 60k+ | Non-prefixed global variable | ||
| #14 | Chap Secure Password Login | 72 | 13 | 7 | 600 | Input is not validated | ||
| #15 | Clean Login | 97 | 2 | 13 | 6k+ | Non-prefixed hook name | ||
| #16 | CloudGuard | 41 | 41 | 13 | 1k+ | Output is not escaped | ||
| #17 | Customize Admin | 99 | 8 | 0 | 4k+ | Missing Arg Domain | ||
| #18 | Customize Login Image | 43 | 32 | 9 | 3k+ | Unsafe printing function | ||
| #19 | OpenID Connect Generic Client | 73 | 9 | 59 | 10k+ | Non-prefixed hook name | ||
| #20 | Disable Login Language Selector | 98 | 4 | 0 | 1k+ | Missing direct file access protection | ||
| #21 | Disable Login Language Switcher | 99 | 2 | 0 | 1k+ | Missing direct file access protection | ||
| #22 | Disable User Login | 42 | 25 | 19 | 5k+ | Unsafe printing function | ||
| #23 | Disable Users | 69 | 11 | 9 | 2k+ | Text Domain Mismatch | ||
| #24 | Duo Universal | 80 | 6 | 25 | 2k+ | Nonce verification recommended | ||
| #25 | Duo Two-Factor Authentication | 37 | 44 | 61 | 3k+ | Missing nonce verification | ||
| #26 | Easy Basic Authentication – Add basic auth to site or admin area | 46 | 14 | 28 | 600 | Input is not sanitized | ||
| #27 | Easy Hide Login | 98 | 3 | 12 | 20k+ | Non-prefixed global variable | ||
| #28 | Login & Register Customizer – Popup | Slider | Inline | WooCommerce | 33 | 265 | 230 | 40k+ | Output is not escaped | ||
| #29 | Easy Upload Files During Checkout | 31 | 220 | 208 | 500 | Unsafe printing function | ||
| #30 | Erident Custom Login and Dashboard | 38 | 122 | 28 | 8k+ | Unsafe printing function | ||
| #31 | Expire Passwords | 92 | 7 | 2 | 500 | Missing Translators Comment | ||
| #32 | Expire User Passwords | 35 | 3 | 15 | 3k+ | Nonce verification recommended | ||
| #33 | Force Email Login | 35 | 5 | 0 | 800 | Hidden files included | ||
| #34 | Frontend Reset Password | 35 | 83 | 128 | 10k+ | Text Domain Mismatch | ||
| #35 | Lock Down Admin | 42 | 30 | 20 | 3k+ | Unsafe printing function | ||
| #36 | Login for Google Apps | 27 | 139 | 85 | 10k+ | Exception output is not escaped | ||
| #37 | Google Authenticator | 41 | 39 | 65 | 20k+ | Output is not escaped | ||
| #38 | WP Ghost (Hide My WP Ghost) – Security & Firewall | 85 | 6 | 373 | 100k+ | Non-prefixed global variable | ||
| #39 | hideShowPassword | 92 | 3 | 5 | 400 | trademarked term | ||
| #40 | HTACCESS IP Blocker | 65 | 5 | 14 | 2k+ | Missing nonce verification | ||
| #41 | IndieAuth | 34 | 36 | 109 | 400 | Input is not sanitized | ||
| #42 | IP Based Login | 35 | 179 | 146 | 600 | Output is not escaped | ||
| #43 | IP Geo Block | 23 | 399 | 589 | 9k+ | Output is not escaped | ||
| #44 | My Private Site | 31 | 425 | 190 | 20k+ | Text Domain Mismatch | ||
| #45 | Limit Attempts by BestWebSoft – WordPress Anti-Bot and Security Plugin for Login and Forms | 24 | 563 | 548 | 4k+ | Text Domain Mismatch | ||
| #46 | Limit Login Attempts | 40 | 81 | 38 | 300k+ | Output is not escaped | ||
| #47 | Loggedin – Limit Concurrent Sessions | 97 | 11 | 7 | 8k+ | Missing direct file access protection | ||
| #48 | Login as User | 36 | 101 | 64 | 30k+ | Output is not escaped | ||
| #49 | Custom Login Page Customizer | 23 | 687 | 1,408 | 90k+ | Non-prefixed global variable | ||
| #50 | Custom Login Page Customizer – Login Designer | 22 | 588 | 1,455 | 30k+ | Non-prefixed global variable |