Beschrijving
Breach Radar via verisizintisi.com
Beschrijving
Breach Radar helps WordPress site owners monitor whether their users’ email addresses appear in known data breaches.
Features:
– Dashboard overview with risk summary and insights
– Manual and scheduled scans (daily)
– Logs with filters (email, found, HTTP, date range)
– Admin notifications on breach count increases (configurable threshold)
– Protection badge shortcode and Theme Customizer integration
– i18n: English and Turkish included; Azerbaijani and Russian supported via PO files
How it works
- Get your API key at get.verisizintisi.com/wordpress and paste it in Settings.
- Start a manual scan or enable the daily scan. The plugin sends, over HTTPS:
- Your site domain (to validate token usage)
- The email addresses selected for scanning
- The API authenticates, rate‑limits, and checks a breach dataset. It returns per‑email status and counts (no breach contents).
- Results are summarized in your dashboard and stored locally as scan logs. Breach contents remain user‑private on verisizintisi.com.
Language & translations
- Text Domain: breach-radar (auto‑loaded from WordPress.org)
- Bundled translations: English, Turkish. PO fallbacks provided for az_AZ and ru_RU under
wordpress/languages/. - Plugin UI language can be forced at Breach Radar Settings Language. Default is “Auto (Site language)”.
- Language: English | Türkçe readme-tr_TR.txt
Data sent to the service
- Site domain (host) to validate token usage
- The email addresses you submit for lookup (transmitted for lookup; not persisted by the API)
- Usage metadata (request time, status code, counters) for rate‑limiting and abuse prevention
Privacy and Terms
- No tracking scripts are added to your WordPress frontend or admin.
- Lookups only run when you initiate them or via your scheduled task. Visitors are not tracked.
- Review: https://verisizintisi.com/privacy and https://verisizintisi.com/terms
Security model
- Admin pages require
manage_optionscapability. - All state‑changing actions use nonces (
check_admin_referer). - Inputs sanitized and validated; outputs escaped (
esc_html,esc_attr,esc_url,wp_kses_post). - HTTP host is derived via a safe helper instead of raw
$_SERVER.
Consent
Depending on your local laws and policies, you may need to inform users and/or obtain consent before checking their email addresses against breach datasets. This plugin provides the tools, but responsibility for lawful use remains with the site owner.
Installatie
From your WordPress admin:
1. Plugins Add New Upload Plugin select the ZIP Install Now Activate
2. Get your API key at get.verisizintisi.com/wordpress
3. Go to Breach Radar Settings and paste your API key
4. (Optional) Configure scan filters, notifications, language
5. Start a manual scan or enable daily scans
FAQ
Does this show breach contents inside WordPress?
No. Breach contents are user‑private on verisizintisi.com. Admins see presence and counts only.
Does the API store my users’ emails?
Emails are transmitted for lookup and not stored in usage logs. The service records minimal metadata for rate‑limiting and abuse prevention.
How often can I call the API?
Default daily limit is 10 requests per token (subject to change by plan). See the dashboard usage card.
How do I add the protection badge?
Use the shortcode:
[verisizintisi_badge size=”medium” theme=”light” align=”left” lang=”auto”]
Or use Appearance Customize Breach Radar Badge.Can I force the plugin language?
Yes. Go to Breach Radar Settings Language. “Auto” follows the site language. You can force Turkish, English, Azerbaijani, or Russian.
Beoordelingen
Er zijn geen beoordelingen voor deze plugin.
Bijdragers & ontwikkelaars
“Breach Radar via verisizintisi.com” is open source software. De volgende personen hebben bijgedragen aan deze plugin.
Bijdragers
“Breach Radar via verisizintisi.com” is vertaald in 1 locale. Dank voor de vertalers voor hun bijdragen.
Vertaal “Breach Radar via verisizintisi.com” in je eigen taal.
Interesse in ontwikkeling?
Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.
Changelog
1.0.2
- Added first‑run Setup Wizard (activation redirect, two‑step flow)
- API key connectivity test with clear status; daily scan toggle
- Admin notice until setup is completed
- Fixed redirects by processing setup via admin‑post to avoid “headers already sent”
- Minor UX copy and layout improvements
1.0.1
- Compliance and security improvements for Plugin Check
- Replaced raw $_SERVER usage with safe
get_site_url_safe() - Escaped flagged outputs (esc_html/esc_attr/esc_url/wp_kses_post)
- Confirmed sanitization/validation of GET/POST data
- Self‑healing scheduling for daily scans and last run tracking
- rand() wp_rand(); parse_url() wp_parse_url(); date() gmdate()
- Always use $wpdb->prepare() with placeholders in Logs queries
- i18n fixes (Text Domain breach-radar), updated POT/PO files
- Removed chart embeds and unused assets
1.0.0
- İlk kararlı sürüm: risk özeti, öngörüler, günlük tarama, kayıt filtreleri, bildirimler, rozet sayfası
