[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f86IsStnY70Qd2vO103PMEkFbfe6ydG2-QRuGta_KNv4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":146,"fingerprints":240},"autochmod","AutoCHMOD","0.5.2","belinde","https:\u002F\u002Fprofiles.wordpress.org\u002Fbelinde\u002F","\u003Cp>Protect folders and files from unhautorized changes managing filesystem permissions. You can configure the permission mask for file and folders in “protected” and “writeable” status, and with a single click you can switch between them. When you enable writing a cron event is set and the protected status will be applied automatically after 10 minutes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please check carefully the configuration before enabling protection!\u003C\u002Fstrong> If the default permission mask isn’t correct for your server \u003Cstrong>WordPress will stop working\u003C\u002Fstrong>, and you’ll need to restore the correct permission manually.\u003C\u002Fp>\n\u003Cp>Pay attention: the suggested configuration is, obviously, only a suggestion: depending on various system configuration the detection could be suboptimal or erroneous.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New in 0.5:\u003C\u002Fstrong> automatic updates should work regularly; the protection will disabled and re-enabled, hopefully without pain. But this feature is still experimental and I can’t debug it untill next minor release of WP.\u003C\u002Fp>\n","Protect folders and files from unhautorized changes managing filesystem permissions.",30,4696,60,3,"2014-04-17T08:20:00.000Z","3.9.40","3.1.0","",[20,21,22,23,24],"chmod","filesystem","folders","permissions","security","http:\u002F\u002Fe2net.it?autochmod","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautochmod.0.5.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":11,"trust_score":35,"computed_at":36},2,40,84,"2026-04-04T16:58:19.446Z",[38,58,84,107,127],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":34,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"permissions-security-audit","Permissions & Security Audit","1.2","Andrew Stewart","https:\u002F\u002Fprofiles.wordpress.org\u002Finnocow\u002F","\u003Cp>Permissions & Security Audit is a plugin that runs a series of tests to check common security issues with the following areas:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>File and folder permissions\u003C\u002Fli>\n\u003Cli>File and folder ownership\u003C\u002Fli>\n\u003Cli>WordPress configuration settings\u003C\u002Fli>\n\u003Cli>Apache\u002FPHP and hosting settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Although this plugin will flag potential issues; it will not resolve these items. You will need to manually resolve them, use the help of a plugin or contact an individual who has the experience to help.\u003C\u002Fp>\n\u003Cp>Ce plugin est disponible en français aussi.\u003C\u002Fp>\n","Permissions & Security Audit is a plugin that runs a series of tests to check common security issues with the following areas:",50,2161,1,"2021-03-04T20:36:00.000Z","5.7.15","5.2","5.4",[54,22,55,23,24],"file","permission","https:\u002F\u002Finnocow.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpermissions-security-audit.1.2.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":79,"download_link":80,"security_score":81,"vuln_count":82,"unpatched_count":28,"last_vuln_date":83,"fetched_at":30},"wpfront-user-role-editor","WPFront User Role Editor","4.2.4","Syam Mohan","https:\u002F\u002Fprofiles.wordpress.org\u002Fsyammohanm\u002F","\u003Cp>WPFront User Role Editor plugin allows you to easily manage WordPress user roles within your site.\u003Cbr \u002F>\nYou can create, edit or delete user roles and manage role capabilities.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create new roles.\u003C\u002Fli>\n\u003Cli>Edit or rename existing roles.\u003C\u002Fli>\n\u003Cli>Clone existing roles.\u003C\u002Fli>\n\u003Cli>Manage capabilities.\u003C\u002Fli>\n\u003Cli>Allows you to add role capabilities.\u003C\u002Fli>\n\u003Cli>Change default user role.\u003C\u002Fli>\n\u003Cli>Add or Remove capabilities.\u003C\u002Fli>\n\u003Cli>Restore role.\u003C\u002Fli>\n\u003Cli>Assign multiple roles.\u003C\u002Fli>\n\u003Cli>Migrate users.\u003C\u002Fli>\n\u003Cli>Navigation menu permissions basic.\u003C\u002Fli>\n\u003Cli>Widget permissions basic.\u003C\u002Fli>\n\u003Cli>Login redirect basic.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fmenu-editor\u002F\" rel=\"nofollow ugc\">Admin menu editor.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fmedia-attachment-file-permissions\u002F\" rel=\"nofollow ugc\">Media library permissions.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fuser-level-permissions\u002F\" rel=\"nofollow ugc\">User level permissions.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fnavigation-menu-permissions\u002F\" rel=\"nofollow ugc\">Navigation menu permissions advanced.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fwidget-permissions\u002F\" rel=\"nofollow ugc\">Widget permissions advanced.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Flogin-redirect\u002F\" rel=\"nofollow ugc\">Login redirect advanced.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fposts-pages-extended-permissions\u002F\" rel=\"nofollow ugc\">Post\u002FPage extended permissions.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fcustom-post-type-permissions\u002F\" rel=\"nofollow ugc\">Custom post type permissions.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fcontent-restriction-shortcodes\u002F\" rel=\"nofollow ugc\">Content restriction shortcodes.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fexport-roles\u002F\" rel=\"nofollow ugc\">Import\u002FExport.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002Fmultisite-sync-roles\u002F\" rel=\"nofollow ugc\">Multisite support.\u003C\u002Fa> [PRO]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Compare \u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fppro\" rel=\"nofollow ugc\">User Role Editor Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Spanish tutorial\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FYRZdWH-uukI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Easily allows you to manage WordPress user roles. You can create, edit, delete and manage capabilities, also copy existing roles.",30000,962618,90,65,"2025-12-02T16:53:00.000Z","6.9.4","5.1","7.0",[75,76,24,77,78],"capability-manager","role-editor","user-access","user-permissions","http:\u002F\u002Fwpfront.com\u002Fuser-role-editor-pro\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpfront-user-role-editor.4.2.4.zip",94,5,"2025-09-26 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":95,"last_updated":96,"tested_up_to":71,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":103,"download_link":104,"security_score":105,"vuln_count":48,"unpatched_count":28,"last_vuln_date":106,"fetched_at":30},"restricted-site-access","Restricted Site Access","7.6.1","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>Limit access your site to visitors who are logged in or accessing the site from a set of specified IP addresses. Send restricted visitors to the log in page, redirect them, or display a message or page. A great solution for Extranets, publicly hosted Intranets, or parallel development \u002F staging sites.\u003C\u002Fp>\n\u003Cp>Adds a number of new configuration options to the Reading settings panel as well as the Network Settings panel in multisite. From these panels you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable or disable site restriction\u003C\u002Fli>\n\u003Cli>Change the restriction behavior: send to login, redirect, display a message, display a page\u003C\u002Fli>\n\u003Cli>Add IP addresses to an unrestricted list, including ranges\u003C\u002Fli>\n\u003Cli>Quickly add your current IP to the unrestricted list\u003C\u002Fli>\n\u003Cli>Customize the redirect location, including an option to send them to the same requested path and set the HTTP status code for SEO friendliness\u003C\u002Fli>\n\u003Cli>Define a simple message to show restricted visitors, or select a page to show them – great for “coming soon” teasers!\u003C\u002Fli>\n\u003C\u002Ful>\n","Limit access to visitors who are logged in or allowed by IP addresses. Includes many options for handling blocked visitors.",20000,1120245,96,62,"2026-01-04T21:22:00.000Z","6.6","7.4",[100,23,101,102,24],"limited","privacy","restrict","https:\u002F\u002F10up.com\u002Fplugins\u002Frestricted-site-access-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frestricted-site-access.7.6.1.zip",100,"2022-08-31 00:00:00",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":94,"num_ratings":117,"last_updated":118,"tested_up_to":73,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":125,"download_link":126,"security_score":105,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"security-header-generator","Security Header Generator","5.4.77","Kevin Pirnie","https:\u002F\u002Fprofiles.wordpress.org\u002Fkevp75\u002F","\u003Cp>This plugin generates the proper security HTTP response headers, attempts to generate a valid Content Security Policy, and sets browser permissions if configured.\u003C\u002Fp>\n","This plugin generates the proper security HTTP response headers to keep your site secured.",500,24333,6,"2026-02-03T14:10:00.000Z","6.0.9","8.2",[122,23,123,24,124],"content-security-policy","permissions-policy","security-headers","https:\u002F\u002Fkevinpirnie.com\u002Fblog\u002F2021\u002F10\u002F13\u002Fwordpress-plugin-security-header-generator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecurity-header-generator.5.4.77.zip",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":94,"num_ratings":137,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":18,"tags":141,"homepage":144,"download_link":145,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-file-permission-check","File Permissions & Size Check","1.0.4","wycks","https:\u002F\u002Fprofiles.wordpress.org\u002Fwycks\u002F","\u003Cp>Will add a little “x” next to any files\u002Ffolders set to 777, since this is inherently insecure. Checks all recursive folders that come with a default WordPress install.\u003C\u002Fp>\n\u003Cp>This plugin can be CPU intensive as it iterates over your whole folder\u002Ffile structure to gather statistics.\u003C\u002Fp>\n\u003Cp>Notes :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Checks root, wp-admin, wp-content, wp-includes and all sub folders\u003C\u002Fli>\n\u003Cli>Includes your plugin and theme folders\u003C\u002Fli>\n\u003Cli>Ignores images, text, CSS , and translation files\u003C\u002Fli>\n\u003Cli>Will exclude the cache folders since they contain to many files to scan.\u003C\u002Fli>\n\u003Cli>Requires PHP 5.1.2 or greater\u003C\u002Fli>\n\u003Cli>Please run this during low traffic.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>This plugin will not return accurate results under IIS or WAMP stack due to how windows handles file permissions.\u003C\u002Fstrong>\u003C\u002Fp>\n","Simple plugin that checks your WordPress install and shows your file permissions, size, and last modified date.",300,21094,4,"2013-03-13T04:06:00.000Z","3.5.2","2.8",[142,54,22,23,143],"check","size","http:\u002F\u002Fwww.wpsecure.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-file-permission-check.zip",{"attackSurface":147,"codeSignals":194,"taintFlows":228,"riskAssessment":229,"analyzedAt":239},{"hooks":148,"ajaxHandlers":186,"restRoutes":187,"shortcodes":188,"cronEvents":189,"entryPointCount":28,"unprotectedCount":28},[149,154,157,161,165,169,171,176,179,182],{"type":150,"name":151,"callback":151,"file":152,"line":153},"action","init","autochmod.php",34,{"type":150,"name":155,"callback":155,"file":152,"line":156},"plugins_loaded",35,{"type":150,"name":158,"callback":159,"file":152,"line":160},"update_option_auto_updater.lock","update_option_auto_updater_lock",36,{"type":150,"name":162,"callback":163,"file":152,"line":164},"delete_option_auto_updater.lock","delete_option_auto_updater_lock",37,{"type":150,"name":166,"callback":166,"priority":167,"file":152,"line":168},"admin_bar_menu",10000,39,{"type":150,"name":170,"callback":170,"file":152,"line":34},"rimuovi_permessi_scrittura",{"type":172,"name":173,"callback":174,"file":152,"line":175},"filter","plugin_action_links_autochmod\u002Fautochmod.php","plugin_action_links",42,{"type":172,"name":177,"callback":174,"file":152,"line":178},"network_admin_plugin_action_links_autochmod\u002Fautochmod.php",43,{"type":150,"name":180,"callback":180,"file":152,"line":181},"in_admin_footer",46,{"type":150,"name":183,"callback":184,"file":152,"line":185},"admin_head","admin_head_countdown_scripts",49,[],[],[],[190,192],{"hook":170,"callback":170,"file":152,"line":191},69,{"hook":170,"callback":170,"file":152,"line":193},207,{"dangerousFunctions":195,"sqlUsage":196,"outputEscaping":198,"fileOperations":33,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":227},[],{"prepared":28,"raw":28,"locations":197},[],{"escaped":199,"rawEcho":200,"locations":201},14,12,[202,205,207,209,211,213,215,217,219,221,223,225],{"file":152,"line":203,"context":204},277,"raw output",{"file":152,"line":206,"context":204},405,{"file":152,"line":208,"context":204},406,{"file":152,"line":210,"context":204},471,{"file":152,"line":212,"context":204},591,{"file":152,"line":214,"context":204},592,{"file":152,"line":216,"context":204},593,{"file":152,"line":218,"context":204},594,{"file":152,"line":220,"context":204},595,{"file":152,"line":222,"context":204},596,{"file":152,"line":224,"context":204},597,{"file":152,"line":226,"context":204},598,[],[],{"summary":230,"deductions":231},"The autochmod plugin version 0.5.2 exhibits a mixed security posture.  On the positive side, the plugin demonstrates good practices regarding SQL queries, utilizing prepared statements exclusively, and shows no known critical or high-severity vulnerabilities in its history.  The static analysis also indicates no dangerous functions, external HTTP requests, or bundled libraries, which are all positive signs.  However, there are significant areas for concern.  The lack of any nonce checks or capability checks across all identified entry points (cron events in this case) is a major weakness, leaving these functions vulnerable to unauthorized execution.  Furthermore, a substantial portion of the output (46%) is not properly escaped, presenting a risk of Cross-Site Scripting (XSS) vulnerabilities if the unescaped output originates from user-controlled data. The absence of taint analysis results is also notable, as it limits the ability to fully assess risks related to data flow and sanitization.",[232,235,237],{"reason":233,"points":234},"No nonce checks on entry points",15,{"reason":236,"points":234},"No capability checks on entry points",{"reason":238,"points":234},"Significant amount of unescaped output","2026-03-16T22:37:53.245Z",{"wat":241,"direct":248},{"assetPaths":242,"generatorPatterns":245,"scriptPaths":246,"versionParams":247},[243,244],"\u002Fwp-content\u002Fplugins\u002Fautochmod\u002Fgraphic\u002Fopened.png","\u002Fwp-content\u002Fplugins\u002Fautochmod\u002Fgraphic\u002Fclosed.png",[],[],[],{"cssClasses":249,"htmlComments":250,"htmlAttributes":251,"restEndpoints":255,"jsGlobals":256,"shortcodeOutput":258},[],[],[252,253,254],"id=\"autochmod_min\"","id=\"autochmod_sec\"","id=\"autochmodlockicon\"",[],[257],"window.setInterval",[]]