[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVhGzGJ2fQ_9G51zS1brQLT7ZDrsZreqBQnn4uNXGuJk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":54,"analysis":163,"fingerprints":306},"backend-designer","Backend Designer","1.4","Daniele De Rosa","https:\u002F\u002Fprofiles.wordpress.org\u002Fbloodspencer\u002F","\u003Cp>The Backend Designer allows you to create your own Color Scheme for your WordPress admin panel with \u003Cstrong>Live-Preview.\u003C\u002Fstrong> Also you can customize the Login screen uploading your own logo and style it with your favorite colors. So helpful to make client projects unique!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>See it in action!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=NZuNEaZnu1M\" rel=\"nofollow ugc\">Backend Designer – Video\u003C\u002Fa>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FNZuNEaZnu1M?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create your own design for the WordPress Backend. It´s so easy.\u003C\u002Fli>\n\u003Cli>Customize the WordPress Login screen. Upload your own logo and style it with your favorite colors.\u003C\u002Fli>\n\u003Cli>Upload an awesome background image to your login screen to make it very unique.\u003C\u002Fli>\n\u003Cli>Set your favorite font family for your backend.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live Preview:\u003C\u002Fstrong> You can see the color changes while changing.\u003C\u002Fli>\n\u003Cli>You have the possibility to enable your created color scheme globally for all users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Benefits\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It´s very fast. Style your backend in 2 minutes and make it awesome!\u003C\u002Fli>\n\u003Cli>Preview your changes live before you save them.\u003C\u002Fli>\n\u003Cli>Your WordPress Backend will look very unique. Be creative!\u003C\u002Fli>\n\u003C\u002Ful>\n","Create your own design for the Wordpress Backend with live-preview and customize the Login screen with your own logo and awesome color styles.",1000,13176,100,4,"2024-04-11T09:08:00.000Z","6.5.8","3.0.1","",[20,4,21,22,23],"admin-theme","backend-theme","customize-admin","design-backend","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbackend-designer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbackend-designer.1.4.zip",91,1,0,"2024-04-16 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2024-32591","backend-designer-authenticated-admin-stored-cross-site-scripting","Backend Designer \u003C= 1.3 - Authenticated (Admin+) Stored Cross-Site Scripting","The Backend Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.3","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-04-23 15:48:20",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa0829035-7782-456d-acd5-639051d7ebc3?source=api-prod",8,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":46,"trust_score":52,"computed_at":53},"bloodspencer",5,3160,86,84,"2026-04-04T04:29:31.803Z",[55,75,97,121,143],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":13,"num_ratings":27,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":73,"download_link":74,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"easybackendstyle","Easy Backend-Style","2.2.4","FARN Labs","https:\u002F\u002Fprofiles.wordpress.org\u002Ffarndesign\u002F","\u003Cp>Seamlessly adjust color schemes, effortlessly transforming the look and feel of your backend interface.\u003Cbr \u002F>\nWith an automated color generation feature from just two base colors, achieving a cohesive design is a breeze.\u003Cbr \u002F>\nDive deeper into customization with advanced fields, allowing precise adjustments to fine-tune your backend’s appearance.\u003Cbr \u002F>\nThis plugin seamlessly integrates with all WordPress backend styles, ensuring a consistent experience across the board.\u003C\u002Fp>\n\u003Cp>** Plugin Demo **\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=82_csWeNwFc\" rel=\"nofollow ugc\">Demo Video\u003C\u002Fa>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F82_csWeNwFc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","This plugin allows you to easily customize the colors in the backend. The changes are easily made via predefined fields.",200,4351,"2025-06-09T15:08:00.000Z","6.8.5","6.0","8.0",[20,21,70,71,72],"color-scheme","customize-design","wordpress-customization","https:\u002F\u002Fgithub.com\u002Ffarndesign\u002FeasyBackendStyle","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasybackendstyle.2.2.4.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":13,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":18,"tags":89,"homepage":94,"download_link":95,"security_score":96,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"ot-admin-theme","OT Admin Theme","1.0","Jobayer Hossain","https:\u002F\u002Fprofiles.wordpress.org\u002Fjobayer007\u002F","\u003Cp>This is an awesome Plugins to customize color for your WordPress Admin area.\u003C\u002Fp>\n\u003Cp>We are providing you to change your WordPress admin color. It is fully free. No pro version available , fully free.\u003Cbr \u002F>\nThis is plugins is very easy to use . After active the plugin , just go to “OT Admin Theme” from the left menu bar of Admin Area\u003C\u002Fp>\n","OT WordPress Admin theme Plugin will give unlimited color for your WP admin area",10,1691,3,"2015-08-24T10:07:00.000Z","4.3.34","4.2",[90,20,91,92,93],"admin-template","color-admin","wp-backend-template","wp-backend-theme","http:\u002F\u002Forangeit-info.com\u002Fot-wordpress-admin-theme-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fot-admin-theme.zip",85,{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":107,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":18,"tags":112,"homepage":117,"download_link":118,"security_score":119,"vuln_count":27,"unpatched_count":28,"last_vuln_date":120,"fetched_at":30},"add-admin-css","Add Admin CSS","2.5.1","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>Ever want to tweak the appearance of the WordPress admin pages by hiding stuff, moving stuff around, changing fonts, colors, sizes, etc? Any modification you may want to do with CSS can easily be done via this plugin.\u003C\u002Fp>\n\u003Cp>Using this plugin you’ll easily be able to define additional CSS (inline and\u002For files by URL) to be added to all administration pages. Hooks are provided to customize the output of the CSS, the CSS files, and if\u002Fwhen the CSS should even be output (see Hooks section).\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fadd-admin-css\u002F\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadd-admin-css\u002F\" rel=\"ugc\">Plugin Directory Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fadd-admin-css\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Developer Documentation\u003C\u002Fh3>\n\u003Cp>Developer documentation can be found in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fadd-admin-css\u002Fblob\u002Fmaster\u002FDEVELOPER-DOCS.md\" rel=\"nofollow ugc\">DEVELOPER-DOCS.md\u003C\u002Fa>. That documentation covers the hooks provided by the plugin.\u003C\u002Fp>\n\u003Cp>As an overview, these are the hooks provided by the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>c2c_add_admin_css\u003C\u002Fcode>             : Filter to customize the CSS that should be added directly to the admin page head.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_add_admin_css_files\u003C\u002Fcode>       : Filter to customize the list of CSS files to enqueue in the admin.\u003C\u002Fli>\n\u003Cli>\u003Ccode>c2c_add_admin_css_disable_css\u003C\u002Fcode> : Filter to customize if the CSS defined via this plugin should be output or not.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily define additional CSS (inline and\u002For by URL) to be added to all administration pages.",10000,139633,98,35,"2025-12-08T22:40:00.000Z","6.9.4","5.5",[113,20,114,115,116],"admin","css","style","stylesheets","https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fadd-admin-css\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-admin-css.2.5.1.zip",99,"2024-07-26 13:03:15",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":18,"tags":136,"homepage":141,"download_link":142,"security_score":96,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"slate-admin-theme","Slate Admin Theme","1.2.4","ryansommers","https:\u002F\u002Fprofiles.wordpress.org\u002Fryansommers\u002F","\u003Cp>Slate provides a clean, simplified design for your WordPress Admin area.\u003C\u002Fp>\n\u003Cp>Our goal was to simplify the visual design with a primary focus on the content writing experience.\u003C\u002Fp>\n\u003Cp>If you like Slate, please consider leaving a review here on WordPress. Thank you!\u003C\u002Fp>\n","A clean, simplified WordPress Admin theme.",6000,140933,94,44,"2022-01-31T18:42:00.000Z","5.9.13","4.0",[137,20,138,139,140],"admin-page","white-label","wordpress-admin-panel","wordpress-admin-theme","http:\u002F\u002Fsevenbold.com\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fslate-admin-theme.1.2.4.zip",{"slug":144,"name":145,"version":146,"author":147,"author_profile":148,"description":149,"short_description":150,"active_installs":151,"downloaded":152,"rating":153,"num_ratings":108,"last_updated":154,"tested_up_to":155,"requires_at_least":135,"requires_php":18,"tags":156,"homepage":161,"download_link":162,"security_score":96,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"aquila-admin-theme","Aquila Admin Theme","3.1.1","GuyPrimavera","https:\u002F\u002Fprofiles.wordpress.org\u002Fguyprimavera\u002F","\u003Cp>A Material Design inspired customisable color scheme and re-design for WordPress Admin (v4.0 onwards). Aquila also cleans up the admin area from unnecessary or potentially confusing items for the end-user.\u003C\u002Fp>\n\u003Cp>Many updates have been made to the admin area, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Admin area complete re-design.\u003C\u002Fli>\n\u003Cli>Use your own logo instead of the WordPress logo in the admin area and login screen.\u003C\u002Fli>\n\u003Cli>Customisable color scheme with color picker.\u003C\u002Fli>\n\u003Cli>Roboto typeface to match Material Design guidelines.\u003C\u002Fli>\n\u003Cli>“Posts” renamed to “Blog” (can be changed back in Aquila Settings).\u003C\u002Fli>\n\u003Cli>Dashboard metaboxes removed and cleaned up.\u003C\u002Fli>\n\u003Cli>User “Profile” area cleaned up and simplified.\u003C\u002Fli>\n\u003Cli>New custom icon pack.\u003C\u002Fli>\n\u003Cli>Current user role added as an admin body class.\u003C\u002Fli>\n\u003Cli>Removed “How are you..” from the top-right corner.\u003C\u002Fli>\n\u003Cli>Re-designed login screen.\u003C\u002Fli>\n\u003Cli>Admin bar de-cluttered.\u003C\u002Fli>\n\u003Cli>New dashboard widgets.\u003C\u002Fli>\n\u003Cli>WordPress and plugins support links on dashboard.\u003C\u002Fli>\n\u003Cli>“Update” notifications hidden from Editors.\u003C\u002Fli>\n\u003Cli>“Post Format” removed from posts.\u003C\u002Fli>\n\u003Cli>Multisite support.\u003C\u002Fli>\n\u003Cli>Gutenberg support.\u003C\u002Fli>\n\u003Cli>View server information directly on the dashboard.\u003C\u002Fli>\n\u003Cli>Media Library support for clear PNG images.\u003C\u002Fli>\n\u003Cli>Aquila Settings page to control most of these options.\u003C\u002Fli>\n\u003C\u002Ful>\n","Material Design inspired admin theme with a customisable color scheme. Add your own custom logo to match your website.",4000,69423,88,"2021-05-31T14:29:00.000Z","5.7.15",[20,157,158,159,160],"material-design-admin-theme","material-design-wordpress","material-design-wordpress-admin","material-wordpress","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Faquila-admin-theme\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faquila-admin-theme.3.1.1.zip",{"attackSurface":164,"codeSignals":209,"taintFlows":264,"riskAssessment":291,"analyzedAt":305},{"hooks":165,"ajaxHandlers":205,"restRoutes":206,"shortcodes":207,"cronEvents":208,"entryPointCount":28,"unprotectedCount":28},[166,172,176,180,185,189,194,197,201],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","admin_enqueue_scripts","ddbd_load_styles_scripts","admin\\options.php",7,{"type":167,"name":173,"callback":174,"file":170,"line":175},"admin_menu","ddbd_add_admin_menu",26,{"type":167,"name":177,"callback":178,"file":170,"line":179},"admin_init","ddbd_settings_init",27,{"type":181,"name":182,"callback":183,"file":170,"line":184},"filter","get_user_option_admin_color","closure",391,{"type":167,"name":186,"callback":187,"file":170,"line":188},"admin_footer","ddbd_scripts",403,{"type":167,"name":190,"callback":191,"file":192,"line":193},"plugins_loaded","ddbd_plugin_init_locales","backend-designer.php",30,{"type":167,"name":186,"callback":195,"file":196,"line":85},"ddbd_output_styles","output\\styles.php",{"type":167,"name":198,"callback":199,"file":196,"line":200},"login_enqueue_scripts","ddbd_login_screen_customize",166,{"type":167,"name":202,"callback":203,"file":196,"line":204},"admin_head","backend_designer_font",210,[],[],[],[],{"dangerousFunctions":210,"sqlUsage":211,"outputEscaping":213,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":263},[],{"prepared":28,"raw":28,"locations":212},[],{"escaped":214,"rawEcho":215,"locations":216},2,23,[217,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,255,257,259,261],{"file":170,"line":218,"context":219},184,"raw output",{"file":170,"line":221,"context":219},195,{"file":170,"line":223,"context":219},206,{"file":170,"line":225,"context":219},217,{"file":170,"line":227,"context":219},228,{"file":170,"line":229,"context":219},359,{"file":196,"line":231,"context":219},37,{"file":196,"line":233,"context":219},38,{"file":196,"line":235,"context":219},39,{"file":196,"line":237,"context":219},57,{"file":196,"line":239,"context":219},77,{"file":196,"line":241,"context":219},119,{"file":196,"line":243,"context":219},134,{"file":196,"line":245,"context":219},142,{"file":196,"line":247,"context":219},143,{"file":196,"line":249,"context":219},144,{"file":196,"line":251,"context":219},145,{"file":196,"line":253,"context":219},152,{"file":196,"line":218,"context":219},{"file":196,"line":256,"context":219},192,{"file":196,"line":258,"context":219},193,{"file":196,"line":260,"context":219},199,{"file":196,"line":262,"context":219},227,[],[265,282],{"entryPoint":266,"graph":267,"unsanitizedCount":27,"severity":39},"backend_designer_font (output\\styles.php:211)",{"nodes":268,"edges":279},[269,274],{"id":270,"type":271,"label":272,"file":196,"line":273},"n0","source","$_SERVER",221,{"id":275,"type":276,"label":277,"file":196,"line":262,"wp_function":278},"n1","sink","echo() [XSS]","echo",[280],{"from":270,"to":275,"sanitized":281},false,{"entryPoint":283,"graph":284,"unsanitizedCount":27,"severity":290},"\u003Cstyles> (output\\styles.php:0)",{"nodes":285,"edges":288},[286,287],{"id":270,"type":271,"label":272,"file":196,"line":273},{"id":275,"type":276,"label":277,"file":196,"line":262,"wp_function":278},[289],{"from":270,"to":275,"sanitized":281},"low",{"summary":292,"deductions":293},"The 'backend-designer' plugin exhibits a mixed security posture. While the static analysis reveals a lack of common attack vectors like AJAX handlers, REST API routes, shortcodes, and cron events, indicating a potentially limited attack surface, several concerning signals are present. The very low percentage of properly escaped output (8%) combined with two flows with unsanitized paths, even if not critical or high severity in the taint analysis, suggests a significant risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce and capability checks on any entry points further exacerbates this risk, as any unescaped output could potentially be triggered by an unauthenticated or lower-privileged user. The plugin's vulnerability history, with a recent medium severity XSS vulnerability, reinforces the concern about output sanitization. Although no unpatched CVEs are currently listed, the pattern of XSS vulnerabilities and the static analysis findings point to a need for substantial improvements in output escaping and authorization checks.",[294,297,299,301,303],{"reason":295,"points":296},"Low output escaping percentage",15,{"reason":298,"points":83},"Unsanitized paths in taint flows",{"reason":300,"points":83},"No capability checks",{"reason":302,"points":83},"No nonce checks",{"reason":304,"points":49},"Recent medium severity vulnerability (XSS)","2026-03-16T18:50:33.562Z",{"wat":307,"direct":315},{"assetPaths":308,"generatorPatterns":312,"scriptPaths":313,"versionParams":314},[309,310,311],"\u002Fwp-content\u002Fplugins\u002Fbackend-designer\u002Fadmin\u002Fcss\u002Fspectrum.css","\u002Fwp-content\u002Fplugins\u002Fbackend-designer\u002Fadmin\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fbackend-designer\u002Fadmin\u002Fjs\u002Fspectrum.js",[],[311],[],{"cssClasses":316,"htmlComments":322,"htmlAttributes":323,"restEndpoints":340,"jsGlobals":341,"shortcodeOutput":342},[317,318,319,320,321],"ddbd_options_field_primarycolor","ddbd_options_field_text_primary","ddbd_options_field_secondarycolor","ddbd_options_field_text_secondary","ddbd_options_field_focus_color",[],[324,325,326,327,328,329,330,331,332,333,334,335,336,337,338,339],"name='ddbd_settings[primarycolor]'","name='ddbd_settings[text-for-primary]'","name='ddbd_settings[secondarycolor]'","name='ddbd_settings[text-for-secondary]'","name='ddbd_settings[focus-color]'","name='ddbd_settings[custom_font]'","name='ddbd_settings[custom_logo]'","name='ddbd_settings[custom_bg_image]'","name='ddbd_settings[login_bg_color]'","name='ddbd_settings[login_text_color]'","value='Open Sans'","value='Arvo'","value='Bitter'","value='Chivo'","value='Domine'","value='Droid Sans'",[],[],[]]