[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjDCNKJjOwDhwMguLmEfPgs7bZXPro1c37iIpD2HIS8Y":3,"$fa73aLg6S-4aTj1DSzXYbaHw3NtArXhvjdk4r-vG_a1I":542,"$f1Fp1ZFVOY1JFsPru4REPB3k-doORQxqKWJd2N9dgpCE":547},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":39,"analysis":145,"fingerprints":527},"admin-user-messages","Admin User Messages","0.1.6","Zaunkoenig","https:\u002F\u002Fprofiles.wordpress.org\u002Fzaunkoenig\u002F","\u003Cp>With this plugin admins are able to communicate with their users. That is useful if you have a website where you don\\’t want your users to talk with each other. Every term of the plugin is customizable, so you can translate it in your own language.\u003C\u002Fp>\n\u003Cp>You will need to create some pages, to put following shortcodes in:\u003C\u002Fp>\n\u003Cp>Inbox-Page: [admin_user_messages_inbox]\u003C\u002Fp>\n\u003Cp>Sent-Messages-Page [admin_user_messages_sent_messages]\u003C\u002Fp>\n\u003Cp>Write-Message-Page: [admin_user_messages_write_message]\u003C\u002Fp>\n\u003Cp>Read-Message-Page [admin_user_read_message]\u003C\u002Fp>\n\u003Cp>Answer-Message-Page [admin_user_answer_message]\u003C\u002Fp>\n\u003Cp>Search-Page [admin_user_messages_search]\u003C\u002Fp>\n\u003Ch3>Update Notice\u003C\u002Fh3>\n\u003Cp>0.1.3\u003C\u002Fp>\n\u003Ch3>Update Notice\u003C\u002Fh3>\n\u003Cp>0.1.4 Secured function if another plugin uses same function, so it don’t has to be redeclared\u003C\u002Fp>\n\u003Ch3>Update Notice\u003C\u002Fh3>\n\u003Cp>0.1.5\u003Cbr \u002F>\n– bugfix mysql error when someone calls sent messages and still no message is sent. See support forum read_message.php Error\u003Cbr \u002F>\n– bugfix set dynamic term page on sent messages page. See support forum read_message.php Error\u003C\u002Fp>\n\u003Ch3>Update Notice\u003C\u002Fh3>\n\u003Cp>0.1.6\u003Cbr \u002F>\nBig update! Now it is possible to search within the messages. That is usefull if you have many messages. It is a full text search in the messages and their subjects.\u003C\u002Fp>\n","Admin User Messages is a simple plugin that allows communication just between Admin and single users, but not a communication between user and user.",10,6408,72,5,"2014-08-11T10:35:00.000Z","3.9.40","3.4.1.","",[20,21,22,23,24],"admin","communication","email","inbox","mail","http:\u002F\u002Fwww.karstenm.de\u002Fwordpress\u002Fplugins\u002Fadmin_user_messages.zip","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-user-messages.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"zaunkoenig",1,30,84,"2026-05-19T16:32:54.068Z",[40,63,86,109,127],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":60,"download_link":61,"security_score":62,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"change-admin-email-setting-without-outbound-email","Change Admin Email","5.0","johndeebdd","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohndeebdd\u002F","\u003Cp>This plugin allows an administrator to change the “site admin email”, without sending a confirmation email from the server. This can be useful for testing purposes, localhost setups, or any other situation where outbound email is disabled on the site. A new “feature” of WordPress 4.9 is that the administrator cannot change the site admin email without outgoing email setup on the server. This plugin restores the administrator’s ability to change this setting without sending a confirmation email. Note that the “site admin email” is the global email used for admin purposes on the site. It is the “from” address when the site sends an email. The “site admin email” may be different from the administrator’s personal user email, which is associated with the administrator’s user account.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Once activated, an administrator can change the admin email from the Settings >> General page. You can request a test email be sent to the new email address. The test email is sent from our servers. You can view our privacy policy here: at https:\u002F\u002Fgeneralchicken.guru\u002Fprivacy-policy-2\u002F .\u003C\u002Fp>\n","Change the WordPress admin email without requiring email confirmation - perfect for development and testing environments.",50000,414079,96,137,"2026-04-08T12:41:00.000Z","6.9.4","4.9","5.6",[57,58,22,59],"admin_email","change_admin_email","rollback","https:\u002F\u002Fgeneralchicken.guru\u002Fchange-admin-email\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchange-admin-email-setting-without-outbound-email.5.0.zip",100,{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":62,"num_ratings":73,"last_updated":74,"tested_up_to":53,"requires_at_least":75,"requires_php":76,"tags":77,"homepage":81,"download_link":82,"security_score":83,"vuln_count":84,"unpatched_count":28,"last_vuln_date":85,"fetched_at":30},"smtp2go","SMTP2GO for WordPress – Email Made Easy","1.14.1","SMTP2GO","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmtp2go\u002F","\u003Cp>SMTP2GO’s WordPress plugin replaces the default built in wp_mail() functionality (phpmailer) and sends your email via SMTP2GO’s API and industry leading email delivery platform.\u003C\u002Fp>\n\u003Cp>SMTP2GO provides valuable insights into every aspect of your email’s life cycle, enabling you to track delivery rates, opens, clicks, and bounce rates. Whether your email is transactional, marketing, newsletter, contact form, or notification – we have got you covered.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The main benefits of using the official SMTP2GO plugin:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>We have made our plugin as easy and low maintenance as possible – you can set it up in under ten minutes.\u003C\u002Fli>\n\u003Cli>Take over from the default WordPress email system for more reliable delivery – you can be confident your emails have arrived at their destination inbox successfully.\u003C\u002Fli>\n\u003Cli>Get access to our intuitive real-time reporting tools. You can uncover what is going on behind the scenes with delivery, open rates, click rates, bounce, and unsubscription reports.\u003C\u002Fli>\n\u003Cli>We offer secure worldwide servers with intelligent routing for network redundancy and speedy delivery.\u003C\u002Fli>\n\u003Cli>We handle SPF and DKIM on your behalf. SMTP2GO can even turn your “http” links into “https”.\u003C\u002Fli>\n\u003Cli>Diagnose and resolve delivery issues with our insightful reporting page, or reach out to our award-winning support team who are available almost 24\u002F7 to help address problems in a timely, friendly fashion.\u003C\u002Fli>\n\u003Cli>We have a dedicated Review team who constantly monitor the reputations of our IP’s and we proactively alert members to any suspicious changes in their email regimen.\u003C\u002Fli>\n\u003Cli>Avoid poor reputation and throttling or limitations from over-used shared web hosts and other providers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.smtp2go.com\u002F\" rel=\"nofollow ugc\">Sign up here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you have questions or need assistance then feel free to contact the support team by logging into your \u003Ca href=\"https:\u002F\u002Fapp.smtp2go.com\" rel=\"nofollow ugc\">SMTP2GO dashboard\u003C\u002Fa> and clicking the support icon on the top right navigation bar.\u003C\u002Fp>\n\u003Cp>More information on this plugin is available in our \u003Ca href=\"https:\u002F\u002Fsupport.smtp2go.com\u002Fhc\u002Fen-gb\u002Farticles\u002F900000195666-SMTP2GO-WordPress-Plugin\" rel=\"nofollow ugc\">knowledgebase\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>About SMTP2GO\u003C\u002Fh3>\n\u003Cp>Founded in 2006, SMTP2GO is a fast and scalable world class email service provider for sending transactional and marketing emails. It is developed and supported by a team of delivery experts at the forefront of the email industry, providing a reliable SMTP solution for over 35,000 businesses.\u003C\u002Fp>\n\u003Cp>Complexities such as reputation monitoring, SPF and DKIM are professionally managed for each customer. Native-English speaking support is available worldwide (agents in the USA, EU, UK, Australia, and New Zealand).\u003C\u002Fp>\n\u003Cp>Our data centers are located around the world, meaning lightning-fast connection speeds, network redundancy, and GDPR compliance.\u003C\u002Fp>\n","Resolve email delivery issues, increase inbox placement, track sent email, get 24\u002F7 support, and real-time reporting.",30000,339758,65,"2026-03-04T01:49:00.000Z","6.2","7.4",[78,22,23,79,80],"delivery","smtp","wp_mail","https:\u002F\u002Fgithub.com\u002Fthefold\u002Fsmtp2go-wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmtp2go.1.14.1.zip",98,2,"2025-07-16 00:00:00",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":99,"requires_at_least":100,"requires_php":101,"tags":102,"homepage":107,"download_link":108,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-new-user-notifications","Disable New User Notification Emails","2.0.0","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>This plugin disables WordPress notifications sent during the user registration process. That is all.\u003C\u002Fp>\n\u003Cp>This disables both the user registration and password reset notifications sent during the user registration process.\u003C\u002Fp>\n\u003Cp>Simple and Easy like it should be 🙂\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptinmonster.com\u002F\" title=\"OptinMonster\" rel=\"friend nofollow ugc\">OptinMonster\u003C\u002Fa> – Get More Email Subscribers with the most popular conversion optimization plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – Best Drag & Drop WordPress Form plugin (over 1 million active installs).\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F\" title=\"MonsterInsights\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> – See the Stats that Matter and Grow Your Business with Confidence. Best Google Analytics Plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.seedprod.com\u002F\" title=\"SeedProd\" rel=\"friend nofollow ugc\">SeedProd\u003C\u002Fa> – Jumpstart your website with the #1 Coming Soon & Maintenance Mode Plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-smtp\u002F\" rel=\"ugc\">WP Mail SMTP\u003C\u002Fa> – Improve email deliverability for your contact form with the most popular SMTP plugin for WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa> to learn from our \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress Tutorials\u003C\u002Fa> and find out about other \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F\" title=\"Best WordPress Plugins\" rel=\"friend nofollow ugc\">best WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin does one thing - disables user registration notification emails.",4000,75541,68,16,"2021-07-19T04:46:00.000Z","5.8.13","4.6","5.3",[103,104,105,106,22],"disable-admin-notifications","disable-notification","disable-user-emails","disable-user-notification-emails","https:\u002F\u002Fthomasgriffin.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-new-user-notifications.2.0.0.zip",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":62,"num_ratings":84,"last_updated":119,"tested_up_to":53,"requires_at_least":101,"requires_php":120,"tags":121,"homepage":125,"download_link":126,"security_score":62,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"make-disable-admin-email-verification-prompt","Make Disable Admin Email Verification Prompt| Aims Infosoft","1.0.7","Aims Infosoft","https:\u002F\u002Fprofiles.wordpress.org\u002Faimsinfosofts\u002F","\u003Cp>WordPress 5.3 introduced an admin email verification screen that will be shown to periodically after an admin has logged in.This feature to periodically prompt administrators to verify the site’s administration email address. This plugin disables that prompt.\u003C\u002Fp>\n\u003Cp>**NOTE : This plugin requires WordPress 5.3 or greater.\u003C\u002Fp>\n","Disable Admin Email Verification Prompt with checkbox option in Genearl in Settings.if you want to disable prompt then tick the chekckbox.",2000,7330,"2025-12-29T04:36:00.000Z","7.0",[20,122,123,22,124],"adminemail","disable","verification","https:\u002F\u002Fdeveloper.wordpress.org\u002Fplugins\u002Fmake-disable-admin-email-verification-prompt\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmake-disable-admin-email-verification-prompt.1.0.7.zip",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":62,"num_ratings":14,"last_updated":137,"tested_up_to":138,"requires_at_least":54,"requires_php":76,"tags":139,"homepage":142,"download_link":143,"security_score":144,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-user-password-reset-emails","Disable User Password Reset Admin Notifications","1.9","Chris Cook","https:\u002F\u002Fprofiles.wordpress.org\u002Fcccamuseme\u002F","\u003Cp>Disable admin email notifications when a user changes their password. Simply activate the plugin and you will no longer receive a email notification when a user resets their password.\u003C\u002Fp>\n","Disable admin email notifications when a user changes their password.",1000,24937,"2025-04-30T19:17:00.000Z","6.8.5",[20,140,141],"emails","notifications","https:\u002F\u002Fmindspikedesign.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-user-password-reset-emails.1.9.zip",92,{"attackSurface":146,"codeSignals":189,"taintFlows":490,"riskAssessment":517,"analyzedAt":526},{"hooks":147,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":187,"entryPointCount":188,"unprotectedCount":28},[148,153,156],{"type":149,"name":150,"callback":151,"priority":62,"file":152,"line":62},"action","wp_print_styles","add_my_styles2","admin_user_messages.php",{"type":149,"name":154,"callback":151,"file":152,"line":155},"init",105,{"type":149,"name":157,"callback":158,"file":152,"line":159},"admin_menu","mt_add_pages",115,[],[],[163,167,171,175,179,183],{"tag":164,"callback":164,"file":165,"line":166},"admin_user_answer_message","admin_user_messages_answer_message.php",261,{"tag":168,"callback":168,"file":169,"line":170},"admin_user_messages_inbox","admin_user_messages_inbox.php",262,{"tag":172,"callback":172,"file":173,"line":174},"admin_user_read_message","admin_user_messages_read_message.php",151,{"tag":176,"callback":176,"file":177,"line":178},"admin_user_messages_search","admin_user_messages_search.php",112,{"tag":180,"callback":180,"file":181,"line":182},"admin_user_messages_sent_messages","admin_user_messages_sent_messages.php",249,{"tag":184,"callback":184,"file":185,"line":186},"admin_user_messages_write_message","admin_user_messages_write_message.php",271,[],6,{"dangerousFunctions":190,"sqlUsage":191,"outputEscaping":193,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":35,"bundledLibraries":489},[],{"prepared":84,"raw":28,"locations":192},[],{"escaped":28,"rawEcho":194,"locations":195},179,[196,199,201,203,205,207,209,211,213,214,215,216,217,218,219,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,305,307,309,311,313,315,317,319,321,322,323,324,325,326,327,329,331,333,334,336,337,339,341,343,344,346,348,350,352,354,356,358,359,360,362,363,364,366,368,370,372,373,374,375,376,377,378,379,380,382,384,386,387,388,390,392,394,396,398,399,400,401,402,403,404,405,407,409,411,413,415,416,417,418,420,422,423,424,425,426,427,428,430,432,434,435,436,437,438,439,441,443,444,445,447,449,451,453,455,456,457,458,459,461,462,464,465,466,468,470,471,472,473,474,475,476,477,479,481,483,485,487],{"file":165,"line":197,"context":198},39,"raw output",{"file":165,"line":200,"context":198},46,{"file":165,"line":202,"context":198},51,{"file":165,"line":204,"context":198},133,{"file":165,"line":206,"context":198},138,{"file":165,"line":208,"context":198},139,{"file":165,"line":210,"context":198},140,{"file":165,"line":212,"context":198},167,{"file":165,"line":212,"context":198},{"file":165,"line":212,"context":198},{"file":165,"line":212,"context":198},{"file":165,"line":212,"context":198},{"file":165,"line":212,"context":198},{"file":165,"line":212,"context":198},{"file":165,"line":212,"context":198},{"file":165,"line":221,"context":198},192,{"file":165,"line":223,"context":198},202,{"file":165,"line":225,"context":198},203,{"file":165,"line":227,"context":198},208,{"file":165,"line":229,"context":198},211,{"file":165,"line":231,"context":198},212,{"file":165,"line":233,"context":198},221,{"file":165,"line":235,"context":198},223,{"file":165,"line":237,"context":198},225,{"file":165,"line":239,"context":198},226,{"file":165,"line":241,"context":198},227,{"file":165,"line":243,"context":198},229,{"file":165,"line":245,"context":198},230,{"file":165,"line":247,"context":198},231,{"file":165,"line":249,"context":198},233,{"file":165,"line":251,"context":198},235,{"file":253,"line":254,"context":198},"admin_user_messages_functions.php",266,{"file":253,"line":256,"context":198},272,{"file":253,"line":258,"context":198},276,{"file":253,"line":260,"context":198},280,{"file":253,"line":262,"context":198},284,{"file":253,"line":264,"context":198},288,{"file":253,"line":266,"context":198},292,{"file":253,"line":268,"context":198},296,{"file":253,"line":270,"context":198},300,{"file":253,"line":272,"context":198},304,{"file":253,"line":274,"context":198},308,{"file":253,"line":276,"context":198},312,{"file":253,"line":278,"context":198},321,{"file":253,"line":280,"context":198},325,{"file":253,"line":282,"context":198},329,{"file":253,"line":284,"context":198},334,{"file":253,"line":286,"context":198},338,{"file":253,"line":288,"context":198},342,{"file":253,"line":290,"context":198},346,{"file":253,"line":292,"context":198},350,{"file":253,"line":294,"context":198},354,{"file":253,"line":296,"context":198},358,{"file":253,"line":298,"context":198},362,{"file":253,"line":300,"context":198},371,{"file":253,"line":302,"context":198},376,{"file":253,"line":304,"context":198},381,{"file":253,"line":306,"context":198},391,{"file":253,"line":308,"context":198},396,{"file":253,"line":310,"context":198},401,{"file":253,"line":312,"context":198},405,{"file":253,"line":314,"context":198},412,{"file":253,"line":316,"context":198},417,{"file":253,"line":318,"context":198},422,{"file":169,"line":320,"context":198},50,{"file":169,"line":320,"context":198},{"file":169,"line":320,"context":198},{"file":169,"line":320,"context":198},{"file":169,"line":320,"context":198},{"file":169,"line":320,"context":198},{"file":169,"line":320,"context":198},{"file":169,"line":328,"context":198},58,{"file":169,"line":330,"context":198},74,{"file":169,"line":332,"context":198},81,{"file":169,"line":27,"context":198},{"file":169,"line":335,"context":198},87,{"file":169,"line":144,"context":198},{"file":169,"line":338,"context":198},95,{"file":169,"line":340,"context":198},97,{"file":169,"line":342,"context":198},132,{"file":169,"line":174,"context":198},{"file":169,"line":345,"context":198},161,{"file":169,"line":347,"context":198},163,{"file":169,"line":349,"context":198},164,{"file":169,"line":351,"context":198},165,{"file":169,"line":353,"context":198},166,{"file":169,"line":355,"context":198},180,{"file":169,"line":357,"context":198},196,{"file":169,"line":357,"context":198},{"file":169,"line":357,"context":198},{"file":169,"line":361,"context":198},201,{"file":169,"line":361,"context":198},{"file":169,"line":361,"context":198},{"file":169,"line":365,"context":198},210,{"file":169,"line":367,"context":198},214,{"file":173,"line":369,"context":198},42,{"file":173,"line":371,"context":198},48,{"file":173,"line":328,"context":198},{"file":173,"line":328,"context":198},{"file":173,"line":328,"context":198},{"file":173,"line":328,"context":198},{"file":173,"line":328,"context":198},{"file":173,"line":328,"context":198},{"file":173,"line":328,"context":198},{"file":173,"line":328,"context":198},{"file":173,"line":381,"context":198},89,{"file":173,"line":383,"context":198},90,{"file":173,"line":385,"context":198},94,{"file":173,"line":340,"context":198},{"file":173,"line":83,"context":198},{"file":173,"line":389,"context":198},101,{"file":173,"line":391,"context":198},103,{"file":173,"line":393,"context":198},107,{"file":173,"line":395,"context":198},116,{"file":173,"line":397,"context":198},122,{"file":177,"line":197,"context":198},{"file":177,"line":197,"context":198},{"file":177,"line":197,"context":198},{"file":177,"line":197,"context":198},{"file":177,"line":197,"context":198},{"file":177,"line":197,"context":198},{"file":177,"line":197,"context":198},{"file":177,"line":406,"context":198},53,{"file":177,"line":408,"context":198},61,{"file":177,"line":410,"context":198},62,{"file":177,"line":412,"context":198},69,{"file":177,"line":414,"context":198},78,{"file":177,"line":37,"context":198},{"file":177,"line":27,"context":198},{"file":177,"line":383,"context":198},{"file":177,"line":419,"context":198},99,{"file":181,"line":421,"context":198},49,{"file":181,"line":421,"context":198},{"file":181,"line":421,"context":198},{"file":181,"line":421,"context":198},{"file":181,"line":421,"context":198},{"file":181,"line":421,"context":198},{"file":181,"line":421,"context":198},{"file":181,"line":429,"context":198},57,{"file":181,"line":431,"context":198},75,{"file":181,"line":433,"context":198},83,{"file":181,"line":335,"context":198},{"file":181,"line":381,"context":198},{"file":181,"line":385,"context":198},{"file":181,"line":340,"context":198},{"file":181,"line":419,"context":198},{"file":181,"line":440,"context":198},134,{"file":181,"line":442,"context":198},153,{"file":181,"line":351,"context":198},{"file":181,"line":212,"context":198},{"file":181,"line":446,"context":198},168,{"file":181,"line":448,"context":198},169,{"file":181,"line":450,"context":198},170,{"file":181,"line":452,"context":198},186,{"file":181,"line":454,"context":198},200,{"file":181,"line":454,"context":198},{"file":181,"line":454,"context":198},{"file":181,"line":227,"context":198},{"file":181,"line":231,"context":198},{"file":185,"line":460,"context":198},31,{"file":185,"line":197,"context":198},{"file":185,"line":463,"context":198},45,{"file":185,"line":342,"context":198},{"file":185,"line":208,"context":198},{"file":185,"line":467,"context":198},146,{"file":185,"line":469,"context":198},171,{"file":185,"line":194,"context":198},{"file":185,"line":194,"context":198},{"file":185,"line":194,"context":198},{"file":185,"line":194,"context":198},{"file":185,"line":194,"context":198},{"file":185,"line":194,"context":198},{"file":185,"line":194,"context":198},{"file":185,"line":478,"context":198},189,{"file":185,"line":480,"context":198},219,{"file":185,"line":482,"context":198},239,{"file":185,"line":484,"context":198},248,{"file":185,"line":486,"context":198},253,{"file":185,"line":488,"context":198},259,[],[491,508],{"entryPoint":492,"graph":493,"unsanitizedCount":35,"severity":507},"admin_user_read_message (admin_user_messages_read_message.php:5)",{"nodes":494,"edges":504},[495,499],{"id":496,"type":497,"label":498,"file":173,"line":97},"n0","source","$_POST",{"id":500,"type":501,"label":502,"file":173,"line":369,"wp_function":503},"n1","sink","echo() [XSS]","echo",[505],{"from":496,"to":500,"sanitized":506},false,"medium",{"entryPoint":509,"graph":510,"unsanitizedCount":35,"severity":516},"\u003Cadmin_user_messages_read_message> (admin_user_messages_read_message.php:0)",{"nodes":511,"edges":514},[512,513],{"id":496,"type":497,"label":498,"file":173,"line":97},{"id":500,"type":501,"label":502,"file":173,"line":369,"wp_function":503},[515],{"from":496,"to":500,"sanitized":506},"low",{"summary":518,"deductions":519},"The 'admin-user-messages' plugin, in version 0.1.6, presents a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all its SQL queries and avoids dangerous functions, file operations, and external HTTP requests. The absence of known vulnerabilities in its history is also a strong indicator of historical diligence. However, significant concerns arise from the static analysis, particularly the complete lack of output escaping. This means that all 179 detected output points are potentially vulnerable to cross-site scripting (XSS) attacks if malicious data is injected into the system. Additionally, the absence of nonce checks across all its entry points, while not explicitly flagged as unprotected due to capability checks being present, still represents a potential weakness for certain types of attacks that could be exploited in conjunction with other vulnerabilities.",[520,523],{"reason":521,"points":522},"100% of outputs are not properly escaped",15,{"reason":524,"points":525},"0 Nonce checks on entry points",8,"2026-03-16T23:16:20.136Z",{"wat":528,"direct":534},{"assetPaths":529,"generatorPatterns":531,"scriptPaths":532,"versionParams":533},[530],"\u002Fwp-content\u002Fplugins\u002Fadmin-user-messages\u002Fcss\u002Fstyle.css",[],[],[],{"cssClasses":535,"htmlComments":537,"htmlAttributes":538,"restEndpoints":539,"jsGlobals":540,"shortcodeOutput":541},[536],"aum_button",[],[],[],[],[],{"error":543,"url":544,"statusCode":545,"statusMessage":546,"message":546},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fadmin-user-messages\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":548,"versions":549},7,[550,556,563,570,577,584,591],{"version":6,"download_url":551,"svn_tag_url":552,"released_at":29,"has_diff":506,"diff_files_changed":553,"diff_lines":29,"trac_diff_url":554,"vulnerabilities":555,"is_current":543},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-user-messages.0.1.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadmin-user-messages\u002Ftags\u002F0.1.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadmin-user-messages%2Ftags%2F0.1.5&new_path=%2Fadmin-user-messages%2Ftags%2F0.1.6",[],{"version":557,"download_url":558,"svn_tag_url":559,"released_at":29,"has_diff":506,"diff_files_changed":560,"diff_lines":29,"trac_diff_url":561,"vulnerabilities":562,"is_current":506},"0.1.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-user-messages.0.1.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadmin-user-messages\u002Ftags\u002F0.1.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadmin-user-messages%2Ftags%2F0.1.4&new_path=%2Fadmin-user-messages%2Ftags%2F0.1.5",[],{"version":564,"download_url":565,"svn_tag_url":566,"released_at":29,"has_diff":506,"diff_files_changed":567,"diff_lines":29,"trac_diff_url":568,"vulnerabilities":569,"is_current":506},"0.1.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-user-messages.0.1.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadmin-user-messages\u002Ftags\u002F0.1.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadmin-user-messages%2Ftags%2F0.1.3&new_path=%2Fadmin-user-messages%2Ftags%2F0.1.4",[],{"version":571,"download_url":572,"svn_tag_url":573,"released_at":29,"has_diff":506,"diff_files_changed":574,"diff_lines":29,"trac_diff_url":575,"vulnerabilities":576,"is_current":506},"0.1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-user-messages.0.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadmin-user-messages\u002Ftags\u002F0.1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadmin-user-messages%2Ftags%2F0.1.2&new_path=%2Fadmin-user-messages%2Ftags%2F0.1.3",[],{"version":578,"download_url":579,"svn_tag_url":580,"released_at":29,"has_diff":506,"diff_files_changed":581,"diff_lines":29,"trac_diff_url":582,"vulnerabilities":583,"is_current":506},"0.1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-user-messages.0.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadmin-user-messages\u002Ftags\u002F0.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadmin-user-messages%2Ftags%2F0.1.1&new_path=%2Fadmin-user-messages%2Ftags%2F0.1.2",[],{"version":585,"download_url":586,"svn_tag_url":587,"released_at":29,"has_diff":506,"diff_files_changed":588,"diff_lines":29,"trac_diff_url":589,"vulnerabilities":590,"is_current":506},"0.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-user-messages.0.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadmin-user-messages\u002Ftags\u002F0.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadmin-user-messages%2Ftags%2F0.1&new_path=%2Fadmin-user-messages%2Ftags%2F0.1.1",[],{"version":592,"download_url":593,"svn_tag_url":594,"released_at":29,"has_diff":506,"diff_files_changed":595,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":596,"is_current":506},"0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-user-messages.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadmin-user-messages\u002Ftags\u002F0.1\u002F",[],[]]