[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZm_Ma4bezzlReEb1sdNZCEPs5FrHUgGYScKjKaRL2W8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":132,"fingerprints":284},"automatic-updates","Automatic Updates","1.3.3","thapa.laxman","https:\u002F\u002Fprofiles.wordpress.org\u002Fthapalaxman\u002F","\u003Ch3>Automatic Updates\u003C\u002Fh3>\n\u003Cp>allows admin to manage the automatic updates of the core wordpress and the plugins.\u003Cbr \u002F>\nThe plugin will also allow admin to toggle email notifications with wordpress updates.\u003C\u002Fp>\n","Automatic Updates allows admin to manage the automatic updates of the core wordpress and the plugins. The plugins also disables core update email noti &hellip;",10,1619,0,"2019-09-23T10:57:00.000Z","5.2.24","4.0.0","",[4,19],"update-plugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-updates.1.3.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":26,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":28,"avg_security_score":21,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"thapalaxman",3,410,30,84,"2026-04-04T05:49:39.142Z",[33,58,79,97,114],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"webcraftic-updates-manager","Disable Updates – Updates Manager, Disable Automatic Updates, Disable All Updates","1.3.0","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Disable Updates is a lightweight updates manager that gives you full control over how and when updates run on your site. You can disable all updates, turn off automatic updates, or manage updates individually for WordPress core, plugins, and themes.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Ch4>Disable Plugin Updates\u003C\u002Fh4>\n\u003Cp>You can disable plugin updates globally or manage them on a per-plugin basis. This allows you to prevent update notifications for all plugins or selectively disable updates only for specific plugins you want to keep unchanged.\u003C\u002Fp>\n\u003Cp>The plugin also lets you disable automatic plugin updates, giving you full control over which plugins update automatically and which ones require manual approval.\u003C\u002Fp>\n\u003Ch4>Disable Theme Updates\u003C\u002Fh4>\n\u003Cp>You can disable theme updates entirely or control them individually for each theme. This is especially useful if you are using custom themes or child themes where updates could overwrite changes.\u003C\u002Fp>\n\u003Cp>You can also disable automatic theme updates or allow automatic updates only for selected themes, depending on your workflow.\u003C\u002Fp>\n\u003Ch4>Disable WordPress Core Updates\u003C\u002Fh4>\n\u003Cp>Take control of WordPress core updates by disabling them completely or managing how they are applied. You can choose to disable all core updates or fine-tune automatic updates by release type.\u003C\u002Fp>\n\u003Cp>Options include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable WordPress core updates entirely\u003C\u002Fli>\n\u003Cli>Disable automatic core updates\u003C\u002Fli>\n\u003Cli>Allow automatic updates for major releases\u003C\u002Fli>\n\u003Cli>Allow automatic updates for minor releases\u003C\u002Fli>\n\u003Cli>Allow automatic development updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This gives you full control over how WordPress itself updates on your site.\u003C\u002Fp>\n\u003Ch4>Additional Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable translation updates\u003C\u002Fli>\n\u003Cli>Hide update notices for all users except admins\u003C\u002Fli>\n\u003Cli>Get email notifications when updates are available or on successful update\u003C\u002Fli>\n\u003Cli>Disable core update notification emails\u003C\u002Fli>\n\u003Cli>Force automatic updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We’re here to help. Feel free to open a new thread on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwebcraftic-updates-manager\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Useful Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you like this plugin, you’re sure to love \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">our other plugins\u003C\u002Fa> as well.\u003C\u002Fli>\n\u003Cli>Our blog is a great place to \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" rel=\"nofollow ugc\">learn more about WordPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Get the most out of your website with our helpful \u003Ca href=\"https:\u002F\u002Fyoutube.com\u002Fplaylist?list=PLmRasCVwuvpSep2MOsIoE0ncO9JE3FcKP\" rel=\"nofollow ugc\">WordPress YouTube Tutorials\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable updates and automatic updates for WordPress core, plugins, and themes, with the option to disable plugin or theme updates individually.",9000,68184,90,24,"2026-01-12T15:12:00.000Z","6.8.5","5.6","7.4",[50,51,52,53,54],"disable-automatic-updates","disable-core-updates","disable-plugin-updates","disable-updates","updates-manager","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwebcraftic-updates-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebcraftic-updates-manager.1.3.0.zip",100,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":11,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":47,"tags":72,"homepage":77,"download_link":78,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"wp-auto-updater","WP Auto Updater","1.7.3","thingsym","https:\u002F\u002Fprofiles.wordpress.org\u002Fthingsym\u002F","\u003Cp>WP Auto Updater plugin enables automatic updates of WordPress Core, Themes, Plugins and Translations. Version control of WordPress Core makes automatic update more safely.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically update WordPress Core\u003C\u002Fli>\n\u003Cli>Automatically updates Themes, Plugins and Translations\u003C\u002Fli>\n\u003Cli>Set up a schedule automatic updates\u003C\u002Fli>\n\u003Cli>Disable automatic updating of each Themes and Plugins\u003C\u002Fli>\n\u003Cli>Record update history\u003C\u002Fli>\n\u003Cli>Update notification\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong>: before updating, please back up your database and files.\u003C\u002Fp>\n\u003Ch4>Auto Update Scenario\u003C\u002Fh4>\n\u003Cp>First of all, we will make an \u003Cstrong>Auto Update Scenario\u003C\u002Fstrong> which decide the policy of WordPress automatic updates.\u003C\u002Fp>\n\u003Cp>You can choose from the following five automatic updates of WordPress Core.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Minor Version Update\u003C\u002Fli>\n\u003Cli>Major Version Update\u003C\u002Fli>\n\u003Cli>Minor Only Version Update\u003C\u002Fli>\n\u003Cli>Previous Generation Version Update\u003C\u002Fli>\n\u003Cli>Manual Update\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Minor Version Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Minor Version Update\u003C\u002Fstrong> enable minor updates. Minor updates is default behavior in WordPress for security updates. The transition of the version number is as follows: update from 4.8 to 4.8.1, 4.8.2 …\u003C\u002Fp>\n\u003Ch4>Major Version Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Major Version Update\u003C\u002Fstrong> enable major updates. The transition of the version number is as follows: update from 4.7 to 4.8, 4.9 …\u003C\u002Fp>\n\u003Ch4>Minor Only Version Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Minor Only Version Update\u003C\u002Fstrong> enable major updates and minor updates \u003Cstrong>except version x.y.0\u003C\u002Fstrong>. It make sense to take a “skip” approach to avoid introducing new vulnerabilities into the latest major version release.\u003C\u002Fp>\n\u003Cp>Update the WordPress Core version (eg. x.y.1 or later) with security fixed. Not automatically update the latest major version of x.y.0. The transition of the version number is as follows: update from 4.7.z to 4.8.z, 4.9.z … skiped 4.7.0, 4.8.0, 4.9.0 …\u003C\u002Fp>\n\u003Ch4>Previous Generation Version Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Previous Generation Version Update\u003C\u002Fstrong> enable major updates and minor updates \u003Cstrong>except the latest major version\u003C\u002Fstrong>. It make sense to take a “wait and see” approach to ensure the latest major version release is stable before.\u003C\u002Fp>\n\u003Cp>With the installed WordPress Core version as 4.6.z. If the latest WordPress Core version released to 4.8.0, automatically update it to version 4.7.z. It will be always automatically updated to the previous generation WordPress Core version with probably security fixed.\u003C\u002Fp>\n\u003Ch4>Manual Update\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Manual Update\u003C\u002Fstrong> disable automatic updates. You update WordPress Core manually on the Dashboard Updates Screen.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic updates\u003C\u002Fstrong> and \u003Cstrong>manual updates\u003C\u002Fstrong> are available for themes, plugins and Translations.\u003Cbr \u002F>\nIt is also possible to disable automatic updating of each Themes and Plugins.\u003C\u002Fp>\n\u003Ch4>Scheduled automatic updates\u003C\u002Fh4>\n\u003Cp>Next we will set up a schedule for automatic updates.\u003Cbr \u002F>\nThe update interval can be selected from the following four.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twice Daily (12 hours interval)\u003C\u002Fli>\n\u003Cli>Daily\u003C\u002Fli>\n\u003Cli>Weekly\u003C\u002Fli>\n\u003Cli>Monthly\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also set the day, the day of the week, the hour and the minute of the Update Date.\u003C\u002Fp>\n\u003Cp>At the time of automatic update, Automatically updates WordPress Core, Themes, Plugins and Translations to be updated.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you have any trouble, you can use the forums or report bugs.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Forum: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-auto-updater\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-auto-updater\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Issues: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Fissues\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Fissues\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribution\u003C\u002Fh4>\n\u003Cp>Small patches and bug reports can be submitted a issue tracker in Github. Forking on Github is another good way. You can send a pull request.\u003C\u002Fp>\n\u003Cp>Translating a plugin takes a lot of time, effort, and patience. I really appreciate the hard work from these contributors.\u003C\u002Fp>\n\u003Cp>If you have created or updated your own language pack, you can send gettext PO and MO files to author. I can bundle it into plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\" rel=\"nofollow ugc\">VCS – GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-auto-updater\u002F\" rel=\"ugc\">Homepage – WordPress Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-auto-updater\" rel=\"nofollow ugc\">Translate WP Auto Updater into your language.\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also contribute by answering issues on the forums.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Forum: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-auto-updater\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-auto-updater\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Issues: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Fissues\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Fissues\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute guidlines\u003C\u002Fh4>\n\u003Cp>If you would like to contribute, here are some notes and guidlines.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>All development happens on the \u003Cstrong>develop\u003C\u002Fstrong> branch, so it is always the most up-to-date\u003C\u002Fli>\n\u003Cli>The \u003Cstrong>master\u003C\u002Fstrong> branch only contains tagged releases\u003C\u002Fli>\n\u003Cli>If you are going to be submitting a pull request, please submit your pull request to the \u003Cstrong>develop\u003C\u002Fstrong> branch\u003C\u002Fli>\n\u003Cli>See about \u003Ca href=\"https:\u002F\u002Fhelp.github.com\u002Farticles\u002Ffork-a-repo\u002F\" rel=\"nofollow ugc\">forking\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fhelp.github.com\u002Farticles\u002Fusing-pull-requests\u002F\" rel=\"nofollow ugc\">pull requests\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Test Matrix\u003C\u002Fh4>\n\u003Cp>For operation compatibility between PHP version and WordPress version, see below \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater\u002Factions\" rel=\"nofollow ugc\">Github Actions\u003C\u002Fa>.\u003C\u002Fp>\n","WP Auto Updater plugin enables automatic updates of WordPress Core, Themes, Plugins and Translations. Version control of WordPress Core makes automati &hellip;",7000,111423,92,"2024-08-23T07:15:00.000Z","6.6.5","4.9",[73,4,74,75,76],"auto-update","background-updates","core-updates","updates","https:\u002F\u002Fgithub.com\u002Fthingsym\u002Fwp-auto-updater","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-auto-updater.1.7.3.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":17,"tags":94,"homepage":95,"download_link":96,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"update-control","Update Control","1.5","George Stephanis","https:\u002F\u002Fprofiles.wordpress.org\u002Fgeorgestephanis\u002F","\u003Cp>This plugin adds some options to your Settings > General page, letting you specify how auto-upgrades should function, without the need to specify constants or add filters by hand.\u003C\u002Fp>\n","This adds some options to your Settings > General page that let you tweak auto-updates.",4000,46353,88,17,"2017-11-28T09:31:00.000Z","4.5.33","3.7",[4,76],"http:\u002F\u002Fgithub.com\u002Fchipbennett\u002Fupdate-control\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupdate-control.1.5.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":57,"num_ratings":27,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":17,"tags":110,"homepage":112,"download_link":113,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"wp-disable-automatic-updates","WP Disable Automatic Updates","1.1","Daniele De Rosa","https:\u002F\u002Fprofiles.wordpress.org\u002Fbloodspencer\u002F","\u003Cp>WP Disable Automatic Updates allows you to disable all types of automatic wordpress updates very simply. As a special feature you get a status bar. This bar shows you the recent status of each update type. So you always know which update processes you have to disable.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable ALL types of automatic updates with 1 Click!\u003C\u002Fli>\n\u003Cli>If you prefer to disable individually – no problem! You can disable only theme updates, plugin updates or core updates if you want.\u003C\u002Fli>\n\u003Cli>Status notification: The status bar shows you which automatic updates are enabled and disabled. So you can start to customize!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Benefits\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Very fast backend – it´s Ajax.\u003C\u002Fli>\n\u003Cli>It´s a simple 1-Click-Configuration!\u003C\u002Fli>\n\u003Cli>No unnecessary options slows up your website! It´s a slim plugin to disable the automatic updates – That´s it! 😉\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows you to disable all types of automatic Wordpress Updates very simply with some special features.",2000,18435,"2022-05-30T08:57:00.000Z","6.0.11","3.0.1",[4,50,52,111,53],"disable-theme-updates","http:\u002F\u002Fwww.danielederosa.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-disable-automatic-updates.1.2.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":57,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":93,"requires_php":17,"tags":127,"homepage":130,"download_link":131,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"wp-automatic-updates","WP Automatic Updates","1.1.6","Ankit Singla","https:\u002F\u002Fprofiles.wordpress.org\u002Faksingla\u002F","\u003Cp>An easy-to-use plugin settings panel where you can set automatic updates on or off for themes, plugins, and core updates from plugin options.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>In a matter of few clicks, you will be able to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set Minor\u002FMajor Core Updates\u003C\u002Fli>\n\u003Cli>Set Plugin Updates\u003C\u002Fli>\n\u003Cli>Set Theme Updates\u003C\u002Fli>\n\u003Cli>Set Translations Updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003C\u002Ful>\n","Configure WordPress automatic updates settings through backend options. Just install, setup and forget.",400,27182,2,"2018-08-16T12:22:00.000Z","4.8.28",[4,74,75,128,129],"plugin-updates","translation-updates","http:\u002F\u002Fwww.omaksolutions.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-automatic-updates.1.1.6.zip",{"attackSurface":133,"codeSignals":190,"taintFlows":217,"riskAssessment":273,"analyzedAt":283},{"hooks":134,"ajaxHandlers":173,"restRoutes":187,"shortcodes":188,"cronEvents":189,"entryPointCount":27,"unprotectedCount":27},[135,141,146,150,153,156,158,160,162,164,167,170],{"type":136,"name":137,"callback":138,"file":139,"line":140},"filter","allow_major_auto_core_updates","__return_true","automatic-updates.php",18,{"type":142,"name":143,"callback":144,"file":139,"line":145},"action","admin_menu","closure",31,{"type":136,"name":147,"callback":148,"file":139,"line":149},"auto_core_update_send_email","__return_false",50,{"type":136,"name":151,"callback":138,"file":139,"line":152},"allow_dev_auto_core_updates",57,{"type":136,"name":154,"callback":138,"file":139,"line":155},"allow_minor_auto_core_updates",58,{"type":136,"name":137,"callback":138,"file":139,"line":157},59,{"type":136,"name":151,"callback":148,"file":139,"line":159},63,{"type":136,"name":154,"callback":138,"file":139,"line":161},64,{"type":136,"name":137,"callback":148,"file":139,"line":163},65,{"type":136,"name":165,"callback":138,"file":139,"line":166},"automatic_updater_disabled",69,{"type":136,"name":168,"callback":138,"file":139,"line":169},"auto_update_plugin",75,{"type":136,"name":168,"callback":171,"priority":11,"file":139,"line":172},"laksh_automatic_updates_specific_plugin_handler",80,[174,179,183],{"action":175,"nopriv":176,"callback":177,"hasNonce":176,"hasCapCheck":176,"file":139,"line":178},"laksh_automatic_update_core",false,"laksh_automatic_updates_core_handler",20,{"action":180,"nopriv":176,"callback":181,"hasNonce":176,"hasCapCheck":176,"file":139,"line":182},"laksh_automatic_update_plugin","laksh_automatic_updates_plugin_handler",23,{"action":184,"nopriv":176,"callback":185,"hasNonce":176,"hasCapCheck":176,"file":139,"line":186},"laksh_automatic_update_notification","laksh_automatic_updates_notification_handler",27,[],[],[],{"dangerousFunctions":191,"sqlUsage":192,"outputEscaping":194,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":216},[],{"prepared":13,"raw":13,"locations":193},[],{"escaped":13,"rawEcho":195,"locations":196},9,[197,200,202,205,207,209,210,212,214],{"file":139,"line":198,"context":199},101,"raw output",{"file":139,"line":201,"context":199},118,{"file":203,"line":204,"context":199},"inc\\form.php",11,{"file":203,"line":206,"context":199},12,{"file":203,"line":208,"context":199},42,{"file":203,"line":208,"context":199},{"file":203,"line":211,"context":199},45,{"file":203,"line":213,"context":199},46,{"file":203,"line":215,"context":199},78,[],[218,243,255],{"entryPoint":219,"graph":220,"unsanitizedCount":241,"severity":242},"laksh_automatic_updates_core_handler (automatic-updates.php:94)",{"nodes":221,"edges":238},[222,227,231],{"id":223,"type":224,"label":225,"file":139,"line":226},"n0","source","$_GET",99,{"id":228,"type":229,"label":230,"file":139,"line":226},"n1","transform","→ updateCoreOption()",{"id":232,"type":233,"label":234,"file":235,"line":236,"wp_function":237},"n2","sink","update_option() [Settings Manipulation]","Laksh_Automatic_Updates_Core.php",40,"update_option",[239,240],{"from":223,"to":228,"sanitized":176},{"from":228,"to":232,"sanitized":176},1,"low",{"entryPoint":244,"graph":245,"unsanitizedCount":241,"severity":242},"laksh_automatic_updates_notification_handler (automatic-updates.php:123)",{"nodes":246,"edges":252},[247,249,251],{"id":223,"type":224,"label":225,"file":139,"line":248},129,{"id":228,"type":229,"label":250,"file":139,"line":248},"→ updateNotifications()",{"id":232,"type":233,"label":234,"file":235,"line":211,"wp_function":237},[253,254],{"from":223,"to":228,"sanitized":176},{"from":228,"to":232,"sanitized":176},{"entryPoint":256,"graph":257,"unsanitizedCount":124,"severity":242},"\u003Cautomatic-updates> (automatic-updates.php:0)",{"nodes":258,"edges":268},[259,260,261,262,264,266],{"id":223,"type":224,"label":225,"file":139,"line":226},{"id":228,"type":229,"label":230,"file":139,"line":226},{"id":232,"type":233,"label":234,"file":235,"line":236,"wp_function":237},{"id":263,"type":224,"label":225,"file":139,"line":248},"n3",{"id":265,"type":229,"label":250,"file":139,"line":248},"n4",{"id":267,"type":233,"label":234,"file":235,"line":211,"wp_function":237},"n5",[269,270,271,272],{"from":223,"to":228,"sanitized":176},{"from":228,"to":232,"sanitized":176},{"from":263,"to":265,"sanitized":176},{"from":265,"to":267,"sanitized":176},{"summary":274,"deductions":275},"The \"automatic-updates\" plugin v1.3.3 presents a significant security risk due to its unprotected attack surface. All three identified AJAX handlers lack authentication checks, making them easily accessible to unauthenticated users. Furthermore, the static analysis reveals that 100% of observed outputs are not properly escaped, meaning user-supplied data could be injected into the page, leading to potential Cross-Site Scripting (XSS) vulnerabilities. The taint analysis indicates three flows with unsanitized paths, although they are not classified as critical or high severity, they still represent potential avenues for exploitation if combined with other weaknesses. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign. However, this lack of history does not negate the immediate and evident risks identified in the code analysis. In conclusion, while the plugin avoids common pitfalls like raw SQL queries and has no known vulnerabilities, the absence of authentication on AJAX endpoints and the widespread lack of output escaping are severe deficiencies that require immediate attention.",[276,279,281],{"reason":277,"points":278},"AJAX handlers without authentication",15,{"reason":280,"points":206},"Outputs not properly escaped",{"reason":282,"points":195},"Taint flows with unsanitized paths","2026-03-17T00:01:45.185Z",{"wat":285,"direct":290},{"assetPaths":286,"generatorPatterns":287,"scriptPaths":288,"versionParams":289},[],[],[],[],{"cssClasses":291,"htmlComments":292,"htmlAttributes":293,"restEndpoints":294,"jsGlobals":295,"shortcodeOutput":296},[],[],[],[],[],[]]