[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$frHGNblRo_6A3cQQF3ahFCUXFTX8d2RplCei3R8qWzco":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":134,"fingerprints":272},"advanced-export-for-wp-wpmu","Advanced Export for WP & WPMU","2.9","Ron Rennick","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmuguru\u002F","\u003Cp>\u003Cem>The functionality in this plugin was incorporated into the built in export feature in WordPress 3.0\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Working with a single large export file can be difficult. Use this plugin to create multiple export files that contain sections of your blog. This plugin has been tested on WP  & WPMU versions 2.7 – 2.8.4. The plugin may work on earlier versions of WP\u002FWPMU.\u003C\u002Fp>\n\u003Cp>All restriction options provided in the plugin are \u003Cem>optional\u003C\u002Fem>. If no restrictions are selected, this plugin generates the same export file as the export feature built into WP & WPMU.\u003C\u002Fp>\n\u003Cp>\u003Cem>Features\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Export by any optional combination of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>Date Range\u003C\u002Fem> – Start & end month\u002Fyear\u003C\u002Fli>\n\u003Cli>\u003Cem>Author\u003C\u002Fem> – Same as WP\u002FWPMU built-in export\u003C\u002Fli>\n\u003Cli>\u003Cem>Category\u003C\u002Fem> – Export a specific category\u003C\u002Fli>\n\u003Cli>\u003Cem>Content type\u003C\u002Fem> – Choose either posts or pages\u003C\u002Fli>\n\u003Cli>\u003Cem>Post status\u003C\u002Fem> – Choose Draft, Published, Scheduled or Private\u003C\u002Fli>\n\u003Cli>\u003Cem>Blog Tag\u002FCategory Terms\u003C\u002Fem> – Choose whether to include the blog’s complete list of Tags and\u002For Categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Support can be obtained through:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fadvanced-export-for-wp-wpmu?forum_id=10#postform\" rel=\"ugc\">WordPress Forums\u003C\u002Fa>\u003C\u002Fp>\n","Adds an Advanced Export to the Tools menu which allows selective exporting of pages, posts, specific categories and\u002For post statuses by date.",800,52833,74,3,"2015-08-10T12:29:00.000Z","4.8.28","2.7","",[20,21,22],"export","multisite","wpmu","http:\u002F\u002Fwpmututorials.com\u002Fplugins\u002Fadvanced-export\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-export-for-wp-wpmu.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":25,"computed_at":36},"wpmuguru",10,1220,87,30,"2026-04-04T04:25:31.580Z",[38,57,78,95,115],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":55,"download_link":56,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"multisite-plugin-manager","Multisite Plugin Manager","3.1.6","Aaron Edwards","https:\u002F\u002Fprofiles.wordpress.org\u002Fuglyrobot\u002F","\u003Cp>Plugin management for WordPress Multisite that supports the native plugins page and the WPMU DEV Pro Sites plugin! Used on thousands of multisite installs across the web.\u003Cbr \u002F>\nPreviously known as \u003Cstrong>WPMU Plugin Manager\u003C\u002Fstrong>, it uses a backend options page to adjust plugin permissions for all the sites in your network.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Select what plugins sites have access to\u003C\u002Fli>\n\u003Cli>Choose plugins to Auto-Activate for all new blogs\u003C\u002Fli>\n\u003Cli>Mass activate\u002Fdeactivate a plugin on all sites in your network (Very Handy!)\u003C\u002Fli>\n\u003Cli>Assign special plugin access permissions for specific sites in your network\u003C\u002Fli>\n\u003Cli>And as Super Admin, you can override all these to activate specific plugins on the sites you choose!\u003C\u002Fli>\n\u003Cli>Removes the plugin meta row links (Version, Author, Plugin) and any update messages for blog admins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Also, if you use the excellent \u003Ca href=\"https:\u002F\u002Fpremium.wpmudev.org\u002Fproject\u002Fpro-sites\u002F\" rel=\"nofollow ugc\">Pro Sites plugin from WPMU DEV\u003C\u002Fa> you will be able to charge for access to certain plugins!\u003C\u002Fp>\n\u003Cp>A free plugin by Aaron Edwards of \u003Ca href=\"http:\u002F\u002Fuglyrobot.com\u002F\" rel=\"nofollow ugc\">UglyRobot Web Development\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fuglyrobot\u002Fmultisite-plugin-manager\" rel=\"nofollow ugc\">Contribute on GitHub\u003C\u002Fa>\u003C\u002Fp>\n","The essential plugin for every multisite install! Manage plugin access permissions across your entire multisite network.",200,107575,84,23,"2020-08-18T01:52:00.000Z","4.9.29","3.7.3",[21,54,22],"plugins","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmultisite-plugin-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-plugin-manager.3.1.6.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":18,"tags":72,"homepage":76,"download_link":77,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"multisite-cloner","Multisite Cloner","0.2.2.1","Manuel Razzari","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanuelrazzari\u002F","\u003Cp>In WordPress Multisite, new sites get a boring default template, without any custom settings or starter content.\u003C\u002Fp>\n\u003Cp>This plugin allows you to select a specific blog on your network, a “master” one, that will be cloned every time a new blog is created.\u003C\u002Fp>\n\u003Cp>In this way, new blogs will contain all posts, uploads, theme settings and plugin options from the master blog.\u003C\u002Fp>\n\u003Ch4>How does it work?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>It uses MySQL \u003Ccode>INSERT INTO ... SELECT\u003C\u002Fcode> to copy \u003Cem>every\u003C\u002Fem> table from the “master” blog into the new one. This is fast!\u003C\u002Fli>\n\u003Cli>Then it does a search and replace on the new blog’s tables, to replace the old URL with the new one.\u003Cbr \u002F>\nThis is done in a way that respects serialized arrays, so your plugin’s settings will be preserved.\u003Cbr \u002F>\n(We used a heavily trimmed down version of Interconnect\u002FIT’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Finterconnectit\u002FSearch-Replace-DB\" rel=\"nofollow ugc\">Search and Replace\u003C\u002Fa> tool for that, so go thank them for this!)\u003C\u002Fli>\n\u003Cli>It proceeds to copy all files from the \u003Ccode>wp-content\u002Fuploads\u003C\u002Fcode> dir of your master blog into the new one’s, so that all assets will work as expected.\u003C\u002Fli>\n\u003Cli>Finally it does some house clean-up, updating the new blog’s title, admin email, and user roles as needed.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Go check the screenshots, it’s really simple and does what it says.\u003Cbr \u002F>\nGive it a try!\u003C\u002Fp>\n\u003Cp>\u003Cem>This plugin was handcrafted with love and ‘yerba mate’ by the team at \u003Ca href=\"http:\u002F\u002Fwww.tipit.net\u002F\" title=\"Sustainable Web development since 1996 in Austin, Texas\" rel=\"nofollow ugc\">Tipit.net\u003C\u002Fa>.\u003C\u002Fem>\u003C\u002Fp>\n","When creating a new blog on WordPress Multisite, copies all the posts, settings and files, from a selected blog into the new one.",100,35036,94,29,"2016-11-18T20:45:00.000Z","4.6.30","3.0",[73,74,75,21,22],"clone","copy","copy-blog","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultisite-cloner","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-cloner.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":65,"downloaded":86,"rating":65,"num_ratings":14,"last_updated":87,"tested_up_to":16,"requires_at_least":88,"requires_php":18,"tags":89,"homepage":93,"download_link":94,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"multisite-user-role-manager","Multisite User Role Manager","1.0.7","OzTheGreat","https:\u002F\u002Fprofiles.wordpress.org\u002Fozthegreat\u002F","\u003Cp>For WordPress Multisite (WPMU) installs, allows Super Admins to easily manage each users roles and blogs from one\u003Cbr \u002F>\nscreen in the Network Admin menu.\u003C\u002Fp>\n\u003Cp>You no longer have to go to each blog to change the user’s role. It’s also\u003Cbr \u002F>\nmuch easier to see which sites a user is associated with.\u003C\u002Fp>\n","Manage user roles for each blog from a single screen on multisite (WPMU) setups",30215,"2017-11-07T14:04:00.000Z","4.0",[90,21,91,92,22],"management","roles","users","https:\u002F\u002Fwpartisan.me\u002Fplugins\u002Fmultisite-user-role-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-user-role-manager.1.0.7.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":65,"downloaded":103,"rating":65,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":18,"tags":108,"homepage":112,"download_link":113,"security_score":114,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"network-username-restrictions-override","Network Username Restrictions Override","1.3","Daniel Westermann-Clark","https:\u002F\u002Fprofiles.wordpress.org\u002Fdwc\u002F","\u003Cp>By default, WordPress network usernames cannot contain anything but lowercase letters and numbers. This plugin adds network options to let you include hyphens, underscores, or uppercase letters, if desired.\u003C\u002Fp>\n\u003Cp>Furthermore, this plugin gives you the option to allow email addresses as usernames, or to allow all-numeric usernames (e.g. “1234”).\u003C\u002Fp>\n\u003Cp>Finally, this plugin lets you override the minimum length for usernames (which defaults to four characters).\u003C\u002Fp>\n\u003Cp>To follow updates to this plugin, visit:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fdanieltwc.com\u002F\u003C\u002Fp>\n\u003Cp>For help with this version, visit:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fdanieltwc.com\u002F2011\u002Fnetwork-username-restrictions-override-1-0\u002F\u003C\u002Fp>\n","Override restrictions on WordPress network usernames.",10464,2,"2024-04-24T14:02:00.000Z","6.5.8","3.4",[109,110,21,111,22],"admin","authentication","network","https:\u002F\u002Fdanieltwc.com\u002F2011\u002Fnetwork-username-restrictions-override-1-0\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnetwork-username-restrictions-override.1.3.zip",92,{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":26,"num_ratings":26,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":132,"download_link":133,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"wpms-sidebar-login-widget","WPMS Sidebar Login Widget","1.9.4","Joshua Parker","https:\u002F\u002Fprofiles.wordpress.org\u002Fparkerj\u002F","\u003Cp>If you are running a WPMS (Multisite) blogging network, the issue with most login widgets that you add to the main site’s sidebar is that it doesn’t pull the user’s own blog info. That is why the WPMS Sidebar Login Widget was created. Instead of the user trying to remember the login page of their own site\u002Fblog, when a user logs into your main site, the widget will conveniently contain links to navigate to 3 different pages of the user’s blog: dashboard, new post page, and profile page.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Link to Network Admin page (only shows if user logged in is a super admin)\u003C\u002Fli>\n\u003Cli>Link to user’s dashboard\u003C\u002Fli>\n\u003Cli>Link to user’s new post page\u003C\u002Fli>\n\u003Cli>Link to user’s profile page\u003C\u002Fli>\n\u003Cli>Link to forums page\u003C\u002Fli>\n\u003Cli>Subblog registration detection\u003C\u002Fli>\n\u003Cli>Custom CSS settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To make sure it works, activate the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fuser-switching\u002F\" rel=\"ugc\">User Switching\u003C\u002Fa> plugin on the main site only to switch to a different user.\u003C\u002Fp>\n","Adds a sidebar widget to the main site of a WPMU\u002FWPMS install.",50,22785,"2012-02-19T04:23:00.000Z","3.3.2","2.8",[129,21,130,131,22],"login","widget","wpms","http:\u002F\u002Fwww.7mediaws.org\u002Fblog\u002Fwpms_sidebar_login_widget.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpms-sidebar-login-widget.1.9.4.zip",{"attackSurface":135,"codeSignals":151,"taintFlows":259,"riskAssessment":260,"analyzedAt":271},{"hooks":136,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":26,"unprotectedCount":26},[137,143],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","init","ra_do_export","ra-export.php",31,{"type":138,"name":144,"callback":145,"file":141,"line":146},"admin_menu","ra_add_export_page",365,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":163,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":104,"bundledLibraries":258},[],{"prepared":32,"raw":14,"locations":154},[155,158,161],{"file":141,"line":156,"context":157},106,"$wpdb->get_col() with variable interpolation",{"file":141,"line":159,"context":160},181,"$wpdb->get_results() with variable interpolation",{"file":141,"line":162,"context":157},294,{"escaped":104,"rawEcho":164,"locations":165},46,[166,169,171,173,175,177,179,181,183,185,187,189,191,193,195,197,199,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256],{"file":141,"line":167,"context":168},131,"raw output",{"file":141,"line":170,"context":168},162,{"file":141,"line":172,"context":168},164,{"file":141,"line":174,"context":168},166,{"file":141,"line":176,"context":168},169,{"file":141,"line":178,"context":168},172,{"file":141,"line":180,"context":168},185,{"file":141,"line":182,"context":168},187,{"file":141,"line":184,"context":168},188,{"file":141,"line":186,"context":168},193,{"file":141,"line":188,"context":168},194,{"file":141,"line":190,"context":168},195,{"file":141,"line":192,"context":168},196,{"file":141,"line":194,"context":168},197,{"file":141,"line":196,"context":168},198,{"file":141,"line":198,"context":168},199,{"file":141,"line":46,"context":168},{"file":141,"line":201,"context":168},201,{"file":141,"line":203,"context":168},202,{"file":141,"line":205,"context":168},203,{"file":141,"line":207,"context":168},204,{"file":141,"line":209,"context":168},205,{"file":141,"line":211,"context":168},208,{"file":141,"line":213,"context":168},216,{"file":141,"line":215,"context":168},217,{"file":141,"line":217,"context":168},225,{"file":141,"line":219,"context":168},226,{"file":141,"line":221,"context":168},227,{"file":141,"line":223,"context":168},228,{"file":141,"line":225,"context":168},229,{"file":141,"line":227,"context":168},230,{"file":141,"line":229,"context":168},231,{"file":141,"line":231,"context":168},232,{"file":141,"line":233,"context":168},233,{"file":141,"line":235,"context":168},234,{"file":141,"line":237,"context":168},235,{"file":141,"line":239,"context":168},236,{"file":141,"line":241,"context":168},276,{"file":141,"line":243,"context":168},283,{"file":141,"line":245,"context":168},297,{"file":141,"line":247,"context":168},313,{"file":141,"line":249,"context":168},415,{"file":141,"line":251,"context":168},423,{"file":141,"line":253,"context":168},431,{"file":141,"line":255,"context":168},439,{"file":141,"line":257,"context":168},465,[],[],{"summary":261,"deductions":262},"The static analysis of \"advanced-export-for-wp-wpmu\" v2.9 reveals a generally good security posture, particularly regarding its limited attack surface and the absence of dangerous functions or external HTTP requests.  The plugin also shows an effort to use prepared statements for most SQL queries, which is a positive sign for preventing SQL injection vulnerabilities. However, a significant concern is the extremely low rate of proper output escaping (4%), with only 4% of 48 outputs being escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, as unsanitized user input rendered on the frontend could be exploited by attackers. The lack of nonce checks is also a weakness, as it could facilitate Cross-Site Request Forgery (CSRF) attacks, especially if any of the functionality were to be exposed through AJAX or other entry points.\n\nThe vulnerability history for this plugin is clean, with no recorded CVEs. This, combined with the limited attack surface and the use of prepared statements, suggests a developer who has historically been mindful of security. However, the historical lack of vulnerabilities should not overshadow the critical weaknesses identified in the current static analysis. The combination of numerous unescaped outputs and missing nonce checks presents a substantial risk, despite the absence of critical taint flows or dangerous functions in this analysis.\n\nIn conclusion, while \"advanced-export-for-wp-wpmu\" v2.9 has strengths in its small attack surface and use of prepared statements, the critical flaw in output escaping presents a significant security risk. The absence of nonce checks further exacerbates this, making the plugin susceptible to XSS and potentially CSRF attacks. The clean vulnerability history is a positive indicator, but it does not negate the immediate dangers identified in the current code.",[263,266,269],{"reason":264,"points":265},"Low output escaping rate",15,{"reason":267,"points":268},"Missing nonce checks",8,{"reason":270,"points":14},"SQL queries not always prepared","2026-03-16T19:20:11.923Z",{"wat":273,"direct":278},{"assetPaths":274,"generatorPatterns":275,"scriptPaths":276,"versionParams":277},[],[],[],[],{"cssClasses":279,"htmlComments":280,"htmlAttributes":295,"restEndpoints":304,"jsGlobals":305,"shortcodeOutput":306},[],[281,282,283,284,285,286,287,288,289,290,291,292,293,294],"This is a WordPress eXtended RSS file generated by WordPress as an export of your blog.","It contains information about your blog's posts, comments, and categories.","You may use this file to transfer that content from one site to another.","This file is not intended to serve as a complete backup of your blog.","To import this information into a WordPress blog follow these steps.","Log into that blog as an administrator.","Go to Tools: Import in the blog's admin panels (or Manage: Import in older versions of WordPress).","Choose \"WordPress\" from the list.","Upload this file using the form provided on that page.","You will first be asked to map the authors in this export file to users","on the blog.  For each author, you may choose to map to an","existing user on the blog or to create a new user","WordPress will then import each of the posts, comments, and categories","contained in this file into your blog",[296,297,298,299,300,301,302,303],"wp:wxr_version","wp:base_site_url","wp:base_blog_url","wp:category","wp:category_nicename","wp:category_parent","wp:tag","wp:tag_slug",[],[],[]]