[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fy60NUEiPqiYFXYU1RFEh1OZgr0M6EdMImHC157-jhVg":3,"$fF8k2_h_81MFwcDSuE4WhUEyS6rTTR5YTgBuaCjOQ_qc":252,"$fglQ4eF78d1oF4ir1yYrJruNingKDe_HSJaTv4MKtqcQ":257},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":39,"analysis":123,"fingerprints":227},"api-log-pro","API Log Pro","1.0.0","Hubbard Labs","https:\u002F\u002Fprofiles.wordpress.org\u002Fhubbardlabs\u002F","\u003Cp>This plugin enables logging of all calls to the WordPress REST API. You can view all logs from the WordPress Admin under \u003Cstrong>API Log Pro\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>WP-CLI Support\u003C\u002Fh3>\n\u003Cp>This plugin offers some basic wp-cli support. You can use the following command to delete all the logs in the db.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp api-log-pro delete\n\u003C\u002Fcode>\u003C\u002Fpre>\n","A simple plugin to log WordPress Rest API Requests.",10,4195,0,"2022-06-24T15:46:00.000Z","6.0.11","4.6","7.0.0",[19,20,21,22,23],"api","json","rest-api","wp-api","wp-rest-api","https:\u002F\u002Fgithub.com\u002Fhubbardlabs\u002Fapi-log-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapi-log-pro.1.0.0.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"hubbardlabs",4,20,89,30,86,"2026-05-20T09:07:43.875Z",[40,60,80,97,111],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-rest-api-log","REST API Log","1.7.0","Pete Nelson","https:\u002F\u002Fprofiles.wordpress.org\u002Fgungeekatx\u002F","\u003Cp>WordPress plugin to log \u003Ca href=\"http:\u002F\u002Fv2.wp-api.org\u002F\" rel=\"nofollow ugc\">REST API\u003C\u002Fa> requests and responses (for v2 of the API).\u003C\u002Fp>\n\u003Cp>Includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress admin page to view and search log entries\u003C\u002Fli>\n\u003Cli>API endpoint to access log entries via JSON\u003C\u002Fli>\n\u003Cli>Filters to customize logging\u003C\u002Fli>\n\u003Cli>Custom endpoint logging\u003C\u002Fli>\n\u003Cli>ElasticPress logging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Find us on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpetenelson\u002Fwp-rest-api-log\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>Roadmap\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Better search capabilities for log entries via the REST API endpoint\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress plugin to log REST API requests and responses",5000,114125,72,24,"2025-01-02T16:29:00.000Z","6.7.5","4.7","",[19,20,21,22,23],"https:\u002F\u002Fgithub.com\u002Fpetenelson\u002Fwp-rest-api-log","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rest-api-log.1.7.0.zip",92,{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":55,"tags":75,"homepage":78,"download_link":79,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-api-menus","WP API Menus","1.3.2","Fulvio Notarstefano","https:\u002F\u002Fprofiles.wordpress.org\u002Fnekojira\u002F","\u003Cp>This plugin extends the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjson-rest-api\u002F\" rel=\"ugc\">WordPress JSON REST API\u003C\u002Fa> with new routes for WordPress registered menus\u003C\u002Fp>\n\u003Cp>The new routes available will be:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>\u002Fmenus\u003C\u002Fcode> list of every registered menu.\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fmenus\u002F\u003Cid>\u003C\u002Fcode> data for a specific menu.\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fmenu-locations\u003C\u002Fcode> list of all registered theme locations.\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u002Fmenu-locations\u002F\u003Clocation>\u003C\u002Fcode> data for menu in specified menu in theme location.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Currently, the \u003Ccode>menu-locations\u002F\u003Clocation>\u003C\u002Fcode> route for individual menus will return a tree with full menu hierarchy, with correct menu item order and listing children for each menu item. The \u003Ccode>menus\u002F\u003Cid>\u003C\u002Fcode> route will output menu details and a flat array of menu items. Item order or if each item has a parent will be indicated in each item attributes, but this route won’t output items as a tree.\u003C\u002Fp>\n\u003Cp>You can alter the data arrangement of each individual menu items and children using the filter hook \u003Ccode>json_menus_format_menu_item\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>An important note on WP API V2:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>In V1 the routes are located by default at \u003Ccode>wp-json\u002Fmenus\u002F\u003C\u002Fcode> etc.\u003C\u002Fp>\n\u003Cp>In V2 the routes by default are at \u003Ccode>wp-json\u002Fwp-api-menus\u002Fv2\u002F\u003C\u002Fcode> (e.g. \u003Ccode>wp-json\u002Fwp-api-menus\u002Fv2\u002Fmenus\u002F\u003C\u002Fcode>, etc.) since V2 encourages prefixing and version namespacing.\u003C\u002Fp>\n","Extends WordPress WP REST API with new routes pointing to WordPress menus.",2000,107964,100,8,"2020-08-18T07:21:00.000Z","5.5.0","3.6.0",[20,76,77,22,23],"json-rest-api","menus","https:\u002F\u002Fgithub.com\u002Fnekojira\u002Fwp-api-menus","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-api-menus.1.3.2.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":13,"num_ratings":13,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":95,"download_link":96,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-rest-api-menus","WP-REST-API Menus","1.0","jcdev518","https:\u002F\u002Fprofiles.wordpress.org\u002Fjcdev518\u002F","\u003Cp>This plugin adds “routes” or “endpoints” to WP REST API that allows for retrieval of\u003Cbr \u002F>\nmenu data as JSON.\u003C\u002Fp>\n\u003Cp>Updated port of “WP-REST-API V2 Menus” by Claudio La Barbera (http:\u002F\u002Fwww.claudiolabarbera.com)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Get all registered menus:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>GET \u002Fwp-menus\u002Fv1\u002Fmenus\nhttps:\u002F\u002Fyourwpsite.com\u002Fwp-json\u002Fwp-menus\u002Fv1\u002Fmenus\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Get menu data as JSON from menu slug:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>GET \u002Fwp-menus\u002Fv1\u002Fmenus\u002F{slug}\nhttps:\u002F\u002Fyourwpsite.com\u002Fwp-json\u002Fwp-menus\u002Fv1\u002Fmenus\u002F{slug}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Gets the contents of a registered menu by its “slug”.\u003C\u002Fp>\n\u003Cp>When assigning a menu a location in \u002Fwp-admin\u002Fnav-menus.php?action=locations\u003Cbr \u002F>\nthe slug is the name of the menu in lowercase and without any spaces like a post slug.\u003C\u002Fp>\n\u003Cp>If your menu name is Main Menu:\u003Cbr \u002F>\nhttps:\u002F\u002Fyourwpsite.com\u002Fwp-json\u002Fmenus\u002Fv1\u002Fwp-menus\u002Fmain-menu\u003C\u002Fp>\n","Adds menu endpoints to core WP REST API.",70,2461,"2018-03-26T22:33:00.000Z","4.9.29","4.7.0","5.6",[20,76,77,22,23],"https:\u002F\u002Fwww.amorphouswebsolutions.com\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rest-api-menus.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":11,"downloaded":105,"rating":13,"num_ratings":13,"last_updated":106,"tested_up_to":107,"requires_at_least":74,"requires_php":55,"tags":108,"homepage":55,"download_link":110,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-api-v2-woocommerce-endpoints","WP API (V2) WooCommerce endpoints","1.0.2","Oleg Kostin","https:\u002F\u002Fprofiles.wordpress.org\u002Foleg2tor\u002F","\u003Cp>This plugin extends the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frest-api\u002F\" rel=\"ugc\">WordPress JSON REST API\u003C\u002Fa> with new endpoints for WooCommerce (is_shop, is_cart, is_checkout, is_account_page) page functions\u003C\u002Fp>\n","Extends WordPress WP REST API (V2) with new endpoints pointing to WooCommerce page functions (is_shop, is_cart, is_checkout, is_account_page).",1960,"2016-04-26T00:10:00.000Z","4.5.33",[20,76,109,22,23],"woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-api-v2-woocommerce-endpoints.zip",{"slug":112,"name":113,"version":114,"author":101,"author_profile":102,"description":115,"short_description":116,"active_installs":11,"downloaded":117,"rating":70,"num_ratings":118,"last_updated":119,"tested_up_to":107,"requires_at_least":74,"requires_php":55,"tags":120,"homepage":55,"download_link":122,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-rest-api-options","WP API Options","1.0.1","\u003Cp>This plugin extends the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frest-api\u002F\" rel=\"ugc\">WordPress JSON REST API\u003C\u002Fa> with new routes for WordPress options\u003C\u002Fp>\n","Extends WordPress WP REST API with new routes pointing to WordPress options.",2701,1,"2016-05-09T14:08:00.000Z",[20,76,121,22,23],"options","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rest-api-options.zip",{"attackSurface":124,"codeSignals":195,"taintFlows":215,"riskAssessment":216,"analyzedAt":226},{"hooks":125,"ajaxHandlers":180,"restRoutes":181,"shortcodes":189,"cronEvents":190,"entryPointCount":118,"unprotectedCount":13},[126,132,138,141,145,149,154,157,160,164,169,173,174,176],{"type":127,"name":128,"callback":129,"file":130,"line":131},"action","admin_menu","api_log_pro_menu","admin\\admin-page.php",11,{"type":133,"name":134,"callback":135,"priority":11,"file":136,"line":137},"filter","rest_post_dispatch","log_requests","class-api-log-pro.php",42,{"type":127,"name":139,"callback":139,"file":136,"line":140},"init",47,{"type":127,"name":142,"callback":143,"file":136,"line":144},"api_log_pro_incoming_cleanup_cron","cleanup",48,{"type":127,"name":146,"callback":147,"file":136,"line":148},"admin_init","register_scripts",50,{"type":127,"name":150,"callback":151,"file":152,"line":153},"activated_plugin","create_log_db","includes\\class-api-log-pro-db.php",25,{"type":127,"name":150,"callback":155,"file":152,"line":156},"create_outgoing_log_db",26,{"type":127,"name":150,"callback":158,"file":152,"line":159},"create_log_meta_db",27,{"type":127,"name":161,"callback":162,"file":152,"line":163},"plugins_loaded","register_log_meta_table",28,{"type":133,"name":165,"callback":166,"file":167,"line":168},"http_request_args","start_timer","includes\\class-api-log-pro-outgoing.php",22,{"type":127,"name":170,"callback":171,"priority":11,"file":167,"line":172},"http_api_debug","capture_request",23,{"type":127,"name":139,"callback":139,"file":167,"line":153},{"type":127,"name":175,"callback":143,"file":167,"line":156},"api_log_pro_outgoing_cleanup_cron",{"type":127,"name":177,"callback":178,"file":179,"line":153},"rest_api_init","closure","includes\\class-api-log-pro-rest-api.php",[],[182],{"namespace":183,"route":184,"methods":185,"callback":187,"permissionCallback":188,"file":179,"line":163},"api-log-pro\u002Fv1","logs",[186],"GET","get_api_logs","permission_check",[],[191,193],{"hook":142,"callback":142,"file":136,"line":192},57,{"hook":175,"callback":175,"file":167,"line":194},36,{"dangerousFunctions":196,"sqlUsage":197,"outputEscaping":200,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":118,"bundledLibraries":211},[],{"prepared":198,"raw":13,"locations":199},44,[],{"escaped":201,"rawEcho":202,"locations":203},63,3,[204,207,209],{"file":130,"line":205,"context":206},87,"raw output",{"file":208,"line":168,"context":206},"admin\\settings.php",{"file":208,"line":210,"context":206},32,[212],{"name":213,"version":27,"knownCves":214},"DataTables",[],[],{"summary":217,"deductions":218},"The \"api-log-pro\" v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, the exclusive use of prepared statements for all SQL queries, and the high percentage of properly escaped output indicate good coding practices.  Furthermore, the lack of file operations and external HTTP requests limits potential attack vectors. The vulnerability history being entirely clear of CVEs is a positive sign, suggesting a history of responsible development and maintenance.\n\nHowever, there are a few areas that warrant attention. The most significant concern is the absence of nonce checks on AJAX handlers and the lack of permission callbacks on REST API routes. While the analysis shows 0 unprotected entry points currently, this indicates a potential for future vulnerabilities if new AJAX handlers or REST API routes are added without proper authentication and authorization. The presence of a bundled library (DataTables) also introduces a potential risk if it is not kept up-to-date and has known vulnerabilities.\n\nIn conclusion, while \"api-log-pro\" demonstrates several strengths in its security implementation, the lack of explicit nonce checks for AJAX and permission callbacks for REST API routes, coupled with the bundled library, represent areas for improvement to further harden the plugin's security and maintain its clean vulnerability record.",[219,222,224],{"reason":220,"points":221},"Missing nonce checks on AJAX handlers",5,{"reason":223,"points":221},"Missing permission callbacks on REST API routes",{"reason":225,"points":202},"Bundled outdated library (DataTables)","2026-03-17T00:04:26.287Z",{"wat":228,"direct":245},{"assetPaths":229,"generatorPatterns":236,"scriptPaths":237,"versionParams":238},[230,231,232,233,234,235],"\u002Fwp-content\u002Fplugins\u002Fapi-log-pro\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fapi-log-pro\u002Fassets\u002Fjs\u002Fjquery.datatables.min.js","\u002Fwp-content\u002Fplugins\u002Fapi-log-pro\u002Fassets\u002Fjs\u002Flogs-datatables.min.js","\u002Fwp-content\u002Fplugins\u002Fapi-log-pro\u002Fassets\u002Fjs\u002Flogs-datatables-outgoing.js","\u002Fwp-content\u002Fplugins\u002Fapi-log-pro\u002Fassets\u002Fjs\u002Fhighlight.pack.js","\u002Fwp-content\u002Fplugins\u002Fapi-log-pro\u002Fassets\u002Fcss\u002Fhighlight-wp-theme.min.css",[],[232,233,234],[239,240,241,242,243,244],"api-log-pro\u002Fassets\u002Fcss\u002Fadmin.css?ver=","api-log-pro\u002Fassets\u002Fjs\u002Fjquery.datatables.min.js?ver=","api-log-pro\u002Fassets\u002Fjs\u002Flogs-datatables.min.js?ver=","api-log-pro\u002Fassets\u002Fjs\u002Flogs-datatables-outgoing.js?ver=","api-log-pro\u002Fassets\u002Fjs\u002Fhighlight.pack.js?ver=","api-log-pro\u002Fassets\u002Fcss\u002Fhighlight-wp-theme.min.css?ver=",{"cssClasses":246,"htmlComments":247,"htmlAttributes":248,"restEndpoints":249,"jsGlobals":250,"shortcodeOutput":251},[],[],[],[],[],[],{"error":253,"url":254,"statusCode":255,"statusMessage":256,"message":256},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fapi-log-pro\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":221,"versions":258},[259,265,272,279,286],{"version":6,"download_url":25,"svn_tag_url":260,"released_at":27,"has_diff":261,"diff_files_changed":262,"diff_lines":27,"trac_diff_url":263,"vulnerabilities":264,"is_current":253},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fapi-log-pro\u002Ftags\u002F1.0.0\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fapi-log-pro%2Ftags%2F0.0.8&new_path=%2Fapi-log-pro%2Ftags%2F1.0.0",[],{"version":266,"download_url":267,"svn_tag_url":268,"released_at":27,"has_diff":261,"diff_files_changed":269,"diff_lines":27,"trac_diff_url":270,"vulnerabilities":271,"is_current":261},"0.0.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapi-log-pro.0.0.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fapi-log-pro\u002Ftags\u002F0.0.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fapi-log-pro%2Ftags%2F0.0.7&new_path=%2Fapi-log-pro%2Ftags%2F0.0.8",[],{"version":273,"download_url":274,"svn_tag_url":275,"released_at":27,"has_diff":261,"diff_files_changed":276,"diff_lines":27,"trac_diff_url":277,"vulnerabilities":278,"is_current":261},"0.0.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapi-log-pro.0.0.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fapi-log-pro\u002Ftags\u002F0.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fapi-log-pro%2Ftags%2F0.0.6&new_path=%2Fapi-log-pro%2Ftags%2F0.0.7",[],{"version":280,"download_url":281,"svn_tag_url":282,"released_at":27,"has_diff":261,"diff_files_changed":283,"diff_lines":27,"trac_diff_url":284,"vulnerabilities":285,"is_current":261},"0.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapi-log-pro.0.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fapi-log-pro\u002Ftags\u002F0.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fapi-log-pro%2Ftags%2F0.0.5&new_path=%2Fapi-log-pro%2Ftags%2F0.0.6",[],{"version":287,"download_url":288,"svn_tag_url":289,"released_at":27,"has_diff":261,"diff_files_changed":290,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":291,"is_current":261},"0.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapi-log-pro.0.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fapi-log-pro\u002Ftags\u002F0.0.5\u002F",[],[]]