[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fpQe5uq--srFrB1-WObHTBVBwACuCy5kNQDjiT9EnVkQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":16,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":130,"fingerprints":186},"badge-for-glotpress","Badge for GlotPress","1.0.2","Bastien Ho","https:\u002F\u002Fprofiles.wordpress.org\u002Fbastho\u002F","\u003Cp>Generate SVG badges of translation statuses in your projects. This plugin requires GlotPress to be installed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Badges:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Project badges:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>translation_sets\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>\u003Ccode>sub_projects\u003C\u002Fcode> \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Translation sets badges:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>all_count\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>\u003Ccode>untranslated_count\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>\u003Ccode>percent_translated\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>\u003Ccode>waiting_count\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>\u003Ccode>warnings_count\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>\u003Ccode>fuzzy_count\u003C\u002Fcode> \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Example:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fexample.com\u002Fglotpress\u002Fbadge\u002Fpath\u002Fof\u002Fthe\u002Fproject\u002Fpercent_translated-fr.svg\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For basic URLs scheme, use this 
format:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fexample.com\u002F?gp_badge=true&project_path=the\u002Fproject\u002Fpath\u002F&locale=fr&info=percent_translated\u003C\u002Fli>\n\u003C\u002Ful>\n","Generate badges for GlotPress in your projects",0,1421,"2025-12-10T07:09:00.000Z","6.9.4","5.0","",[18,19,20,21,22],"badge","git","glotpress","translation","version","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbadge-for-glotpress.1.0.2.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"bastho",12,2150,88,15,86,"2026-04-04T15:37:51.503Z",[37,58,81,99,114],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":14,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"gitium","Gitium","1.2.2","Presslabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fpresslabs\u002F","\u003Cp>Automatic git version control and deployment for your plugins and themes integrated into wp-admin.\u003C\u002Fp>\n\u003Ch3>About the makers\u003C\u002Fh3>\n\u003Cp>This plugin was developed by the crafty people at Presslabs—the Smart Managed WordPress Hosting Platform. Here we bring high-performance hosting and business intelligence for WordPress sites. 
In our spare time, we contribute to the global open-source community with our code.\u003C\u002Fp>\n\u003Cp>We’ve built Gitium back in 2013 to provide our clients a more simple and error-free method to integrate a new git version control into their code management flow.\u003C\u002Fp>\n\u003Ch3>What is Gitium?\u003C\u002Fh3>\n\u003Cp>This plugin enables continuous deployment for WordPress, integrating with tools such as Github, Bitbucket or Travis-CI. Theme or plugin updates, installs and removals are all automatically versioned. Ninja code edits from the WordPress editor are also tracked by the version control system.\u003C\u002Fp>\n\u003Ch3>Why is Gitium?\u003C\u002Fh3>\n\u003Cp>Gitium is designed with responsible development environments in mind, allowing staging and production to follow different branches of the same repository. You can also deploy code by simply using git push.\u003C\u002Fp>\n\u003Cp>Gitium requires git command line tool with a minimum version of 1.7 installed on the server and the proc_open PHP function enabled.\u003C\u002Fp>\n\u003Ch3>Gitium features:\u003C\u002Fh3>\n\u003Cp>-preserves the WordPress behavior\u003Cbr \u002F>\n-accountability for code changes\u003Cbr \u002F>\n-safe code storage—gets all code edits in Git\u003C\u002Fp>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>For more details about Gitium, head here: http:\u002F\u002Fdocs.presslabs.com\u002Fgitium\u002Fusage\u002F\u003C\u002Fp>\n\u003Ch3>Receiving is nicer when giving\u003C\u002Fh3>\n\u003Cp>We’ve built this to make our lives easier and we’re happy to do that for other developers, too. 
We’d really appreciate it if you could contribute with code, tests, documentation or just share your experience with Gitium.\u003C\u002Fp>\n\u003Cp>Development of Gitium happens at http:\u002F\u002Fgithub.com\u002FPressLabs\u002Fgitium\u003Cbr \u002F>\nIssues are tracked at http:\u002F\u002Fgithub.com\u002FPressLabs\u002Fgitium\u002Fissues\u003Cbr \u002F>\nThis WordPress plugin can be found at https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgitium\u002F\u003C\u002Fp>\n","Automatic git version control and deployment for your plugins and themes integrated into wp-admin.",400,21917,82,10,"2025-12-10T10:26:00.000Z","4.7","7.4",[19,38,53,54,55],"presslabs","revision","version-control","https:\u002F\u002Fwww.presslabs.com\u002Fgitium\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgitium.1.2.2.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":16,"tags":73,"homepage":78,"download_link":79,"security_score":80,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"localize","Localize WordPress","0.4","S","https:\u002F\u002Fprofiles.wordpress.org\u002Fsushkov\u002F","\u003Cp>This plugin allows you to switch your WordPress installation to use any of the\u003Cbr \u002F>\nlanguages available on \u003Ca href=\"http:\u002F\u002Ftranslate.wordpress.org\" rel=\"nofollow ugc\">GlotPress\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Some of the features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No gettext compiler required!\u003C\u002Fli>\n\u003Cli>Does all the dirty work from editing \u003Ccode>wp-config.php\u003C\u002Fcode> to downloading the right files\u003C\u002Fli>\n\u003Cli>Can switch between versions. 
Available: stable and dev\u003C\u002Fli>\n\u003Cli>Uses GlotPress api!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F19433386\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n","Easily switch to any localization from GlotPress",200,23338,90,2,"2011-07-06T00:08:00.000Z","3.2.1","2.9",[20,74,75,76,77],"locale","localization","switch","translations","https:\u002F\u002Fgithub.com\u002Fstas\u002Flocalize","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flocalize.0.4.zip",85,{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":24,"downloaded":89,"rating":24,"num_ratings":69,"last_updated":90,"tested_up_to":14,"requires_at_least":15,"requires_php":91,"tags":92,"homepage":16,"download_link":98,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"badges-woo","Badges Woo","1.2.1","DanielRiera","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielriera\u002F","\u003Cp>Badges Woo lets you display custom badges over WooCommerce product images without editing the original image.\u003C\u002Fp>\n\u003Cp>You can create badges manually per product, assign reusable presets, or apply presets automatically when products match specific rules such as sale, featured, out of stock, or new.\u003C\u002Fp>\n\u003Cp>The plugin is designed to work on shop loops, category archives, tag archives, and single product pages.\u003C\u002Fp>\n\u003Ch4>Main features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Manual product badges with custom text\u003C\u002Fli>\n\u003Cli>Automatic badge 
rules:\n\u003Cul>\n\u003Cli>\u003Ccode>sale\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>featured\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>outofstock\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>new\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Global presets that can be assigned to products\u003C\u002Fli>\n\u003Cli>Automatic global presets that apply when product rules match\u003C\u002Fli>\n\u003Cli>Product badge priority over preset badges\u003C\u002Fli>\n\u003Cli>Optional display on the single product page\u003C\u002Fli>\n\u003Cli>Optional setting to hide the default WooCommerce sale badge when a custom badge exists\u003C\u002Fli>\n\u003Cli>Multiple positions:\n\u003Cul>\n\u003Cli>\u003Ccode>top\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>bottom\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>left\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>right\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>center\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>left-top\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>right-top\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>left-bottom\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>right-bottom\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>top-left\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>top-right\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>bottom-left\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>bottom-right\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>center-left\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>center-right\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Multiple 
shapes:\n\u003Cul>\n\u003Cli>\u003Ccode>default\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>rounded\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>pill\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>circle\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>diamond\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>star\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>hexagon\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>ticket\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>bookmark\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>burst\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Adjustable colors, opacity, font size, font weight, and single product zoom\u003C\u002Fli>\n\u003Cli>Emoji support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Badge priority\u003C\u002Fh4>\n\u003Cp>Badge output is resolved in this order:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Product badge\u003C\u002Fli>\n\u003Cli>Selected product preset\u003C\u002Fli>\n\u003Cli>Global auto-apply preset\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If an automatic rule is active and no custom text is defined, the plugin uses the default rule label such as \u003Ccode>Sale\u003C\u002Fcode>, \u003Ccode>Featured\u003C\u002Fcode>, \u003Ccode>Out of stock\u003C\u002Fcode>, or \u003Ccode>New\u003C\u002Fcode>.\u003C\u002Fp>\n","Badges Woo lets you display custom badges over WooCommerce product images without editing the original 
image.",12151,"2026-03-14T23:14:00.000Z","8.0",[93,94,95,96,97],"badges","conversion","product-badges","sales","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbadges-woo.1.2.1.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":24,"downloaded":107,"rating":11,"num_ratings":11,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":16,"tags":111,"homepage":112,"download_link":113,"security_score":80,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"wp-translation","WP Translation Status","0.1","Pascal Casier","https:\u002F\u002Fprofiles.wordpress.org\u002Fcasiepa\u002F","\u003Cp>Let admins have a direct way to the translation of a plugin with an action link on the plugins page.\u003C\u002Fp>\n\u003Cp>Current features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It verifies the local site language and points you to the plugins central translation on GlotPress.\u003C\u002Fli>\n\u003C\u002Ful>\n","Make a link to GlotPress centralised translation so contributor can help translating the plugin that do not have yet a translation in the local site l &hellip;",843,"2016-09-05T07:58:00.000Z","4.6.30","4.0",[20,21],"http:\u002F\u002Fcasier.eu\u002Fwp-dev","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-translation.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":11,"num_ratings":11,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":16,"tags":127,"homepage":128,"download_link":129,"security_score":80,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"gp-removed-powered-by","GP Remove Powered By","1.0","Greg Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregross\u002F","\u003Cp>A plugin for \u003Ca 
href=\"https:\u002F\u002Fgithub.com\u002FGlotPress\u002FGlotPress-WP\" rel=\"nofollow ugc\">GlotPress as a WordPress plugin\u003C\u002Fa> that removes the “Powered By” in the footer.\u003C\u002Fp>\n","A plugin for GlotPress as a WordPress plugin that removes the \"Powered By\" in the footer.",80,6393,"2023-12-03T02:50:00.000Z","6.4.8","4.4",[20,21],"http:\u002F\u002Fglot-o-matic.com\u002Fgp-remove-powered-by","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgp-removed-powered-by.1.0.zip",{"attackSurface":131,"codeSignals":160,"taintFlows":172,"riskAssessment":173,"analyzedAt":185},{"hooks":132,"ajaxHandlers":148,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":69,"unprotectedCount":69},[133,139,144],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","init","Badge4GlotPress_rewrites_init","gp-badge.php",18,{"type":140,"name":141,"callback":142,"file":137,"line":143},"filter","query_vars","Badge4GlotPress_query_var",19,{"type":134,"name":145,"callback":146,"file":137,"line":147},"wp","Badge4GlotPress_check_query",20,[149,154],{"action":150,"nopriv":151,"callback":152,"hasNonce":151,"hasCapCheck":151,"file":137,"line":153},"badge4glotpress",false,"Badge4GlotPress",16,{"action":150,"nopriv":155,"callback":152,"hasNonce":151,"hasCapCheck":151,"file":137,"line":156},true,17,[],[],[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":164,"fileOperations":165,"externalRequests":165,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":171},[],{"prepared":11,"raw":11,"locations":163},[],{"escaped":165,"rawEcho":165,"locations":166},1,[167],{"file":168,"line":169,"context":170},"Badge.php",224,"raw output",[],[],{"summary":174,"deductions":175},"The \"badge-for-glotpress\" plugin exhibits several concerning security weaknesses despite a lack of known historical vulnerabilities. 
The static analysis reveals a significant attack surface, with two AJAX handlers identified as entry points, both of which lack proper authentication checks. This absence of authorization on AJAX endpoints represents a critical risk, as it allows any unauthenticated user to trigger these functions, potentially leading to unauthorized actions or information disclosure.\n\nWhile the plugin demonstrates good practices by using prepared statements for all SQL queries and not bundling external libraries, the unescaped output on 50% of its outputs is a notable concern. This could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not properly sanitized before being displayed. The lack of nonce checks on AJAX handlers exacerbates this risk, as malicious scripts could be injected and executed without any validation. The absence of capability checks further compounds the authorization issue.\n\nGiven the absence of past CVEs, the plugin might appear secure, but this can also indicate that vulnerabilities have simply not been discovered or reported yet. The current static analysis findings, particularly the unprotected AJAX endpoints and unescaped output, point to a fragile security posture that requires immediate attention. 
The plugin's strengths lie in its SQL query handling and absence of bundled libraries, but these are overshadowed by the critical lack of authentication and authorization on its primary entry points.",[176,178,180,183],{"reason":177,"points":48},"AJAX handlers without authentication checks",{"reason":179,"points":48},"AJAX handlers without capability checks",{"reason":181,"points":182},"Unescaped output on 50% of outputs",4,{"reason":184,"points":48},"AJAX handlers without nonce checks","2026-03-17T06:24:26.168Z",{"wat":187,"direct":192},{"assetPaths":188,"generatorPatterns":189,"scriptPaths":190,"versionParams":191},[],[],[],[],{"cssClasses":193,"htmlComments":194,"htmlAttributes":195,"restEndpoints":196,"jsGlobals":198,"shortcodeOutput":199},[],[],[],[197],"\u002Fglotpress\u002Fapi\u002Fprojects\u002F(.*)",[],[]]