[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGX2rh2b5aWBIJ8HkezsmRTr6SpWneAoe-U0FxXMO91s":3,"$fv4YAF1H_2Aav5M2psAitgag-43QBo9JiepZr6ntuTx8":268},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":53,"analysis":154,"fingerprints":237},"anything-order-by-terms","Anything Order by Terms","1.4.0","briarinc","https:\u002F\u002Fprofiles.wordpress.org\u002Fbriarinc\u002F","\u003Cp>This plugin allows you to arrange any post types and terms with simple drag and drop within the builtin list table on administration screen. Save post order for each term.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support for any post types and taxonomies.\u003C\u002Fli>\n\u003Cli>Multiple selection is available.\u003C\u002Fli>\n\u003Cli>Capabilities aware. ‘edit_others_posts’ for post. ‘manage_terms’ for taxonomy.\u003C\u002Fli>\n\u003Cli>No additional column in builtin tables.\u003C\u002Fli>\n\u003Cli>No additional table in database.\u003C\u002Fli>\n\u003Cli>Save post order for each term.\u003C\u002Fli>\n\u003Cli>Woocommerce and Polylang compatibility.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows you to arrange any post types and terms with drag and drop. Save post order for each term.",1000,16659,86,6,"2022-07-06T16:40:00.000Z","6.0.11","5.0","5.6",[20,21,22,23,24],"admin","custom","drag-and-drop","menu_order","order","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fanything-order-by-terms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.4.0.zip",63,1,"2026-01-21 00:00:00","2026-04-06T09:54:40.288Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37,"patch_diff_files":46,"patch_trac_url":37},"CVE-2026-24567","anything-order-by-terms-missing-authorization","Anything Order by Terms \u003C= 1.4.0 - Missing Authorization","The Anything Order by Terms plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with contributor-level access and above, to perform an unauthorized action.",null,"\u003C=1.4.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-01-27 19:11:24",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc5e65bba-e1eb-43b9-b3a6-7b8437692318?source=api-prod",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":11,"avg_security_score":49,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},2,82,30,81,"2026-04-06T11:08:35.938Z",[54,75,93,114,132],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":71,"download_link":72,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"anything-order","Anything Order","1.0.3","Pimp My Site","https:\u002F\u002Fprofiles.wordpress.org\u002Fpmwp\u002F","\u003Cp>This plugin allows you to arrange any post types and taxonomies with simple drag and drop within the builtin list table on administration screen.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support for any post types and taxonomies.\u003C\u002Fli>\n\u003Cli>Multiple selection is available.\u003C\u002Fli>\n\u003Cli>Capabilities aware. ‘edit_others_posts’ for post. ‘manage_terms’ for taxonomy.\u003C\u002Fli>\n\u003Cli>No additional column in builtin tables.\u003C\u002Fli>\n\u003Cli>No additional table in database.\u003C\u002Fli>\n\u003C\u002Ful>\n","Reorder any post types and taxonomies with drag and drop.",300,10107,98,12,"2014-05-09T08:42:00.000Z","3.9.40","3.8","",[20,21,22,23,24],"http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fanything-order\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order.1.0.3.zip",85,0,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":74,"downloaded":83,"rating":84,"num_ratings":28,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":69,"download_link":92,"security_score":84,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"post-order-manager","Post Order Manager","1.0.1","Hardik Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Fhardikhuptechdev\u002F","\u003Cp>\u003Cstrong>Post Order Manager\u003C\u002Fstrong> makes it easy to change the display order of your posts and custom post types from the WordPress admin.\u003C\u002Fp>\n\u003Cp>You can choose which post types are reorderable via the settings, and use a simple drag-and-drop interface to instantly save the new order.\u003C\u002Fp>\n\u003Cp>Ideal for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Custom post types like “Projects”, “Team Members”, “Testimonials”\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Manually arranging featured content\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Developers who use \u003Ccode>menu_order\u003C\u002Fcode> for template control\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Reorder posts via drag-and-drop\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Updates the \u003Ccode>menu_order\u003C\u002Fcode> field in real time\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Choose which post types to enable ordering for\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Clean admin UI (under Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Post Order)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Uses AJAX and jQuery UI for instant updates\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Works with built-in and custom post types\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Reorder posts using a simple drag-and-drop interface and update the menu_order field in seconds.",364,100,"2025-07-11T05:24:00.000Z","6.8.5","5.5","7.2",[20,90,22,23,91],"custom-order","post-order","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-order-manager.1.0.1.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":74,"num_ratings":74,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":18,"tags":106,"homepage":112,"download_link":113,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"admin-menu-customizer","Admin Menu Customizer","1.1.4","Bowo","https:\u002F\u002Fprofiles.wordpress.org\u002Fqriouslad\u002F","\u003Cp>\u003Cstrong>Admin Menu Customizer\u003C\u002Fstrong> allows you to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Change the order of menu items.\u003C\u002Fli>\n\u003Cli>Change the title of menu items added by active plugins and theme.\u003C\u002Fli>\n\u003Cli>Hide menu items on page load, with a “Show All” toggle to reveal them on click.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This is useful to keep your admin menu tidy when your site grows more complex and have more menu items than can fit on the screen. It also helps you and site editors, authors and contributors focus on the most relevant menu items, e.g. for managing content.\u003C\u002Fp>\n\u003Cp>The functionality of this plugin is included as part of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-site-enhancements\u002F\" rel=\"ugc\">Admin and Site Enhancements\u003C\u002Fa>, should you prefer a single plugin that does more than one thing.\u003C\u002Fp>\n\u003Ch3>Give Back\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-menu-customizer\u002F#reviews\" rel=\"ugc\">A nice review\u003C\u002Fa> would be great!\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fadmin-menu-customizer\u002F\" rel=\"ugc\">Give feedback\u003C\u002Fa> and help improve future versions.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqriouslad\u002Fadmin-menu-customizer\" rel=\"nofollow ugc\">Github repo\u003C\u002Fa> to contribute code.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Fqriouslad\" rel=\"nofollow ugc\">Donate\u003C\u002Fa> and support my work.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Check These Out Too\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-site-enhancements\u002F\" rel=\"ugc\">Admin and Site Enhancements\u003C\u002Fa> helps you to easily enhance various admin workflows and site aspects while replacing multiple plugins doing it.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflexible-scroll-top\u002F\" rel=\"ugc\">Flexible Scroll Top\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffloating-share-button\u002F\" rel=\"ugc\">Floating Share Buttons\u003C\u002Fa> is a lightweight combo with minimalist UI.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsystem-dashboard\u002F\" rel=\"ugc\">System Dashboard\u003C\u002Fa>: Central dashboard to monitor various WordPress components, processes and data, including the server.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdebug-log-manager\u002F\" rel=\"ugc\">Debug Log Manager\u003C\u002Fa>: Log PHP, database and JavaScript errors via WP_DEBUG with one click. Conveniently create, view, filter and clear the debug.log file.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvariable-inspector\u002F\" rel=\"ugc\">Variable Inspector\u003C\u002Fa>: Inspect PHP variables on a central dashboard in wp-admin for convenient debugging.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcode-explorer\u002F\" rel=\"ugc\">Code Explorer\u003C\u002Fa>: Fast directory explorer and file\u002Fcode viewer with syntax highlighting.\u003C\u002Fli>\n\u003C\u002Ful>\n","Customize the order of the admin menu and optionally change menu item titles or hide some items.",10,7218,"2022-12-08T14:49:00.000Z","6.1.10","4.6",[107,108,109,110,111],"admin-menu","custom-menu","hide-menu","menu","menu-order","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-menu-customizer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-menu-customizer.1.1.4.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":74,"downloaded":122,"rating":84,"num_ratings":28,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":69,"tags":126,"homepage":130,"download_link":131,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"ajax-admin-menu-editor","AJAX Admin Menu Editor","1.0","Luke Hertzler","https:\u002F\u002Fprofiles.wordpress.org\u002Flhertzler\u002F","\u003Cp>Easily reorder your admin menu items on the user and blog level with simple drag & drop operation.\u003C\u002Fp>\n\u003Cp>Menu ordering is automatically saved in the database by user and site.\u003C\u002Fp>\n\u003Cp>Based on user, the plugin will load their own unique menu preference.\u003C\u002Fp>\n\u003Cp>This plugin is a standalone feature of the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fzeus-admin-theme\u002F\" rel=\"ugc\">Zeus Admin Theme\u003C\u002Fa> plugin.  To bundle this feature as well as ajax admin searching, hide admin menus, improved admin ui, and more download Zeus \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fzeus-admin-theme\u002F\" rel=\"ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n","Easily reorder your admin menu items with simple drag & drop operation",1411,"2019-06-18T18:59:00.000Z","5.2.24","3.0.1",[127,128,129,111,23],"admin-menus","custom-menu-order","custom_menu_order","http:\u002F\u002Flukehertzler.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fajax-admin-menu-editor.1.0.zip",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":64,"num_ratings":142,"last_updated":143,"tested_up_to":144,"requires_at_least":17,"requires_php":69,"tags":145,"homepage":151,"download_link":152,"security_score":153,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"wc-product-customer-list","Product Customer List for WooCommerce","3.1.8","ggwicz","https:\u002F\u002Fprofiles.wordpress.org\u002Fggwicz\u002F","\u003Cp>A plugin that simply displays a list of customers who bought a specific product at the bottom of the WooCommerce product edit page or as a shortcode. You can also send an email to the list of customers, print the list or export it as a CSV, PDF or Excel file. Requires WooCommerce 2.2+ to be installed and activated.\u003C\u002Fp>\n\u003Cp>Great for sending out e-mails or getting a list of customers for courses, for shows or for product recalls.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support for variable products\u003C\u002Fli>\n\u003Cli>Options page to select which info columns to display\u003C\u002Fli>\n\u003Cli>Displays customer name, email, phone number, address, order number, order date, shipping method, order total and quantity for each product\u003C\u002Fli>\n\u003Cli>Shortcode to display orders in the front-end. You can select which information to display using attributes\u003C\u002Fli>\n\u003Cli>Button to e-mail all customers for a specific product using your favorite e-mail client (b.c.c.)\u003C\u002Fli>\n\u003Cli>Email selected customers\u003C\u002Fli>\n\u003Cli>Export the customer list to CSV (great for importing into Mailchimp!)\u003C\u002Fli>\n\u003Cli>Export the customer list to Excel\u003C\u002Fli>\n\u003Cli>Export the customer list to PDF (choose your orientation and page size in the settings)\u003C\u002Fli>\n\u003Cli>Copy the customer list to clipboard\u003C\u002Fli>\n\u003Cli>Print the list of customers\u003C\u002Fli>\n\u003Cli>Search any column in the list\u003C\u002Fli>\n\u003Cli>Sort by any column in the list\u003C\u002Fli>\n\u003Cli>Drag and drop columns to reorder them\u003C\u002Fli>\n\u003Cli>Localized and WPML \u002F Polylang ready (.pot file included)\u003C\u002Fli>\n\u003Cli>Included translations: French, French (France), French (Canada), Spanish, Dutch, Dutch (Netherlands), Dutch (Belgium).\u003C\u002Fli>\n\u003Cli>All functions are pluggable\u003C\u002Fli>\n\u003Cli>Performance oriented\u003C\u002Fli>\n\u003Cli>Responsive\u003C\u002Fli>\n\u003Cli>Multisite compatible\u003C\u002Fli>\n\u003Cli>Support for custom statuses\u003C\u002Fli>\n\u003Cli>Support for High Performance Order Storage (HPOS)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium version:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support for Custom Fields\u003C\u002Fli>\n\u003Cli>Support for User meta\u003C\u002Fli>\n\u003Cli>Support for WooCommerce Custom Fields (RightPress)\u003C\u002Fli>\n\u003Cli>Support for WooTours\u003C\u002Fli>\n\u003Cli>Support for WooEvents\u003C\u002Fli>\n\u003Cli>Support for YITH WooCommerce Product Add-ons\u003C\u002Fli>\n\u003Cli>Support for Conditional Woo Checkout Field Pro\u003C\u002Fli>\n\u003Cli>Support for Checkout Field Editor for WooCommerce (Themehigh)\u003C\u002Fli>\n\u003Cli>Support for WooCommerce Checkout Field Editor (WooCommerce)\u003C\u002Fli>\n\u003Cli>Support for WooCommerce Product Add-ons\u003C\u002Fli>\n\u003Cli>Support for WooCommerce Subscriptions (WooCommerce)\u003C\u002Fli>\n\u003Cli>Support for WooCommerce Product Bundles (WooCommerce)\u003C\u002Fli>\n\u003Cli>Shortcode by variation ID\u003C\u002Fli>\n\u003Cli>Datatables functionalities for the shortcode (export PDF, export CSV, print, email customers, search, paging, etc…).\u003C\u002Fli>\n\u003Cli>Change default sorting column\u003C\u002Fli>\n\u003Cli>Premium support\u003C\u002Fli>\n\u003Cli>Premium updates\u003C\u002Fli>\n\u003Cli>Much more coming soon!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To upgrade the plugin to the premium version, simply click on “upgrade” under the plugin title in the plugin list page, or \u003Ca href=\"https:\u002F\u002Fcheckout.freemius.com\u002Fmode\u002Fdialog\u002Fplugin\u002F2009\u002Fplan\u002F2994\u002F\" rel=\"nofollow ugc\">purchase it here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>Please see documentation \u003Ca href=\"https:\u002F\u002Fwww.kokomoweb.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Contributors:\u003C\u002Fh4>\n\u003Cp>, freemius\u003Cbr \u002F>\n* Support for variable products: \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fbrocheafoin\u002F\" rel=\"nofollow ugc\">Alexandre Simard\u003C\u002Fa>\u003Cbr \u002F>\n* Dutch translation: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002Fpieterclaesen\" rel=\"ugc\">pieterclaesen\u003C\u002Fa>\u003Cbr \u002F>\n* Portuguese (Brazil) translation: \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmragenciadigital\" rel=\"nofollow ugc\">Marcello Ruoppolo\u003C\u002Fa>\u003C\u002Fp>\n","Display a list of customers who bought a specific product at the bottom of the product edit page in WooCommerce and send them e-mails.",9000,281104,75,"2025-01-27T17:43:00.000Z","6.7.5",[146,147,148,149,150],"admin-order-list","customer-list","product-specific","who-bought","woocommerce","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwc-product-customer-list\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-product-customer-list.3.1.8.zip",92,{"attackSurface":155,"codeSignals":204,"taintFlows":224,"riskAssessment":225,"analyzedAt":236},{"hooks":156,"ajaxHandlers":200,"restRoutes":201,"shortcodes":202,"cronEvents":203,"entryPointCount":74,"unprotectedCount":74},[157,163,168,170,176,180,184,187,190,193,196],{"type":158,"name":159,"callback":160,"file":161,"line":162},"action","plugins_loaded","get_instance","anything-order.php",70,{"type":158,"name":164,"callback":165,"file":166,"line":167},"admin_init","set_current_screen","modules\\base\\class.php",91,{"type":158,"name":169,"callback":169,"file":166,"line":153},"current_screen",{"type":171,"name":172,"callback":173,"file":174,"line":175},"filter","woocommerce_sortable_taxonomies","__return_empty_array","modules\\base\\compatibility.php",18,{"type":171,"name":177,"callback":178,"priority":84,"file":174,"line":179},"admin_enqueue_scripts","woocommerce_assets",21,{"type":158,"name":181,"callback":181,"priority":182,"file":183,"line":50},"parse_tax_query",20,"modules\\post\\class.php",{"type":171,"name":185,"callback":185,"file":183,"line":186},"posts_orderby",48,{"type":171,"name":188,"callback":188,"file":183,"line":189},"posts_fields",51,{"type":171,"name":191,"callback":191,"file":183,"line":192},"posts_join",52,{"type":171,"name":185,"callback":194,"file":183,"line":195},"posts_orderby_term",53,{"type":171,"name":197,"callback":197,"priority":101,"file":198,"line":199},"terms_clauses","modules\\taxonomy\\class.php",22,[],[],[],[],{"dangerousFunctions":205,"sqlUsage":206,"outputEscaping":212,"fileOperations":74,"externalRequests":74,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":223},[],{"prepared":74,"raw":28,"locations":207},[208],{"file":209,"line":210,"context":211},"uninstall.php",17,"$wpdb->get_col() with variable interpolation",{"escaped":213,"rawEcho":214,"locations":215},4,3,[216,219,221],{"file":166,"line":217,"context":218},382,"raw output",{"file":166,"line":220,"context":218},387,{"file":183,"line":222,"context":218},179,[],[],{"summary":226,"deductions":227},"The \"anything-order-by-terms\" v1.4.0 plugin exhibits a mixed security posture.  While static analysis indicates a minimal attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events without authentication or permission checks, and no critical taint analysis findings, there are significant concerns.\n\nThe presence of a single SQL query that is not using prepared statements is a notable weakness, potentially exposing the site to SQL injection vulnerabilities. Furthermore, the output escaping is not consistently applied, with 43% of outputs not being properly escaped, creating an XSS risk. The vulnerability history reveals a concerning pattern, with a medium-severity vulnerability reported and still unpatched. The common vulnerability type being \"Missing Authorization\" is also a red flag, especially given the plugin's limited disclosed entry points.\n\nOverall, while the plugin appears to have a small attack surface and some good practices like nonce and capability checks, the unpatched medium vulnerability, the raw SQL query, and the insufficient output escaping present clear and actionable risks that need to be addressed.",[228,231,234],{"reason":229,"points":230},"Unpatched medium vulnerability",15,{"reason":232,"points":233},"Raw SQL query without prepared statements",7,{"reason":235,"points":14},"Insufficient output escaping (43% not properly escaped)","2026-03-16T19:06:36.008Z",{"wat":238,"direct":253},{"assetPaths":239,"generatorPatterns":245,"scriptPaths":246,"versionParams":247},[240,241,242,243,244],"\u002Fwp-content\u002Fplugins\u002Fanything-order-by-terms\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fanything-order-by-terms\u002Fassets\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fanything-order-by-terms\u002Fassets\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fanything-order-by-terms\u002Fassets\u002Fjs\u002Fadmin_order.js","\u002Fwp-content\u002Fplugins\u002Fanything-order-by-terms\u002Fassets\u002Fjs\u002Flibs\u002Fjquery\u002Fui.min.js",[],[242,243,244],[248,249,250,251,252],"anything-order-by-terms\u002Fassets\u002Fcss\u002Fadmin.css?ver=","anything-order-by-terms\u002Fassets\u002Fcss\u002Fstyle.css?ver=","anything-order-by-terms\u002Fassets\u002Fjs\u002Fadmin.js?ver=","anything-order-by-terms\u002Fassets\u002Fjs\u002Fadmin_order.js?ver=","anything-order-by-terms\u002Fassets\u002Fjs\u002Flibs\u002Fjquery\u002Fui.min.js?ver=",{"cssClasses":254,"htmlComments":257,"htmlAttributes":258,"restEndpoints":262,"jsGlobals":264,"shortcodeOutput":267},[55,255,256],"anything-order-id","anything-order-order",[],[259,260,261],"data-action","data-id","data-order",[263],"\u002Fwp-json\u002Fanything-order\u002Fv1\u002Fupdate",[265,266],"Anything_Order","anything_order_i18n",[],{"slug":4,"current_version":6,"total_versions":269,"versions":270},16,[271,279,287,295,303,311,319,327,335,343,351,359,367,375,383,391],{"version":6,"download_url":26,"svn_tag_url":272,"released_at":37,"has_diff":273,"diff_files_changed":274,"diff_lines":37,"trac_diff_url":275,"vulnerabilities":276,"is_current":278},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.4.0\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.10&new_path=%2Fanything-order-by-terms%2Ftags%2F1.4.0",[277],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},true,{"version":280,"download_url":281,"svn_tag_url":282,"released_at":37,"has_diff":273,"diff_files_changed":283,"diff_lines":37,"trac_diff_url":284,"vulnerabilities":285,"is_current":273},"1.3.10","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.10.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.10\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.7&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.10",[286],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":288,"download_url":289,"svn_tag_url":290,"released_at":37,"has_diff":273,"diff_files_changed":291,"diff_lines":37,"trac_diff_url":292,"vulnerabilities":293,"is_current":273},"1.3.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.6&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.7",[294],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":296,"download_url":297,"svn_tag_url":298,"released_at":37,"has_diff":273,"diff_files_changed":299,"diff_lines":37,"trac_diff_url":300,"vulnerabilities":301,"is_current":273},"1.3.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.5&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.6",[302],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":304,"download_url":305,"svn_tag_url":306,"released_at":37,"has_diff":273,"diff_files_changed":307,"diff_lines":37,"trac_diff_url":308,"vulnerabilities":309,"is_current":273},"1.3.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.4&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.5",[310],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":312,"download_url":313,"svn_tag_url":314,"released_at":37,"has_diff":273,"diff_files_changed":315,"diff_lines":37,"trac_diff_url":316,"vulnerabilities":317,"is_current":273},"1.3.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.3&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.4",[318],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":320,"download_url":321,"svn_tag_url":322,"released_at":37,"has_diff":273,"diff_files_changed":323,"diff_lines":37,"trac_diff_url":324,"vulnerabilities":325,"is_current":273},"1.3.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.2&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.3",[326],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":328,"download_url":329,"svn_tag_url":330,"released_at":37,"has_diff":273,"diff_files_changed":331,"diff_lines":37,"trac_diff_url":332,"vulnerabilities":333,"is_current":273},"1.3.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.1&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.2",[334],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":336,"download_url":337,"svn_tag_url":338,"released_at":37,"has_diff":273,"diff_files_changed":339,"diff_lines":37,"trac_diff_url":340,"vulnerabilities":341,"is_current":273},"1.3.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.3.0&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.1",[342],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":344,"download_url":345,"svn_tag_url":346,"released_at":37,"has_diff":273,"diff_files_changed":347,"diff_lines":37,"trac_diff_url":348,"vulnerabilities":349,"is_current":273},"1.3.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.3.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.3.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.2.2&new_path=%2Fanything-order-by-terms%2Ftags%2F1.3.0",[350],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":352,"download_url":353,"svn_tag_url":354,"released_at":37,"has_diff":273,"diff_files_changed":355,"diff_lines":37,"trac_diff_url":356,"vulnerabilities":357,"is_current":273},"1.2.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.2.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.2.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.2.1&new_path=%2Fanything-order-by-terms%2Ftags%2F1.2.2",[358],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":360,"download_url":361,"svn_tag_url":362,"released_at":37,"has_diff":273,"diff_files_changed":363,"diff_lines":37,"trac_diff_url":364,"vulnerabilities":365,"is_current":273},"1.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.2.0&new_path=%2Fanything-order-by-terms%2Ftags%2F1.2.1",[366],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":368,"download_url":369,"svn_tag_url":370,"released_at":37,"has_diff":273,"diff_files_changed":371,"diff_lines":37,"trac_diff_url":372,"vulnerabilities":373,"is_current":273},"1.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.1.6&new_path=%2Fanything-order-by-terms%2Ftags%2F1.2.0",[374],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":376,"download_url":377,"svn_tag_url":378,"released_at":37,"has_diff":273,"diff_files_changed":379,"diff_lines":37,"trac_diff_url":380,"vulnerabilities":381,"is_current":273},"1.1.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.1.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.1.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.1.5&new_path=%2Fanything-order-by-terms%2Ftags%2F1.1.6",[382],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":384,"download_url":385,"svn_tag_url":386,"released_at":37,"has_diff":273,"diff_files_changed":387,"diff_lines":37,"trac_diff_url":388,"vulnerabilities":389,"is_current":273},"1.1.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.1.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.1.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fanything-order-by-terms%2Ftags%2F1.1.0&new_path=%2Fanything-order-by-terms%2Ftags%2F1.1.5",[390],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":392,"download_url":393,"svn_tag_url":394,"released_at":37,"has_diff":273,"diff_files_changed":395,"diff_lines":37,"trac_diff_url":37,"vulnerabilities":396,"is_current":273},"1.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanything-order-by-terms.1.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fanything-order-by-terms\u002Ftags\u002F1.1.0\u002F",[],[397],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37}]