[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fD-4_AUrYHdbs8wzxqvTtnxX8BZ03pcdU4MyfEKebetk":3,"$fDKItcbW4DomRv5ToIrQBJhbc5xZ4ZbturbhVEoqebS4":357,"$fGn2aNGFBZbrGCbwZ7yxETJfjkKM0JmktuTI-iIHWE2c":361},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":40,"analysis":163,"fingerprints":337},"blog-copier","Blog Copier","1.0.7","Modern Tribe, Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fmoderntribe\u002F","\u003Cp>A simple and effective approach to copying blogs within a multisite network.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Copy a blog including all its widgets, template settings and more.\u003C\u002Fli>\n\u003Cli>Option to copy or not copy files.\u003C\u002Fli>\n\u003Cli>GUIDs and urls in post contents are migrated automatically.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin was derived from Ron Renneck’s awesome WP Replicator (http:\u002F\u002Fwpebooks.com\u002Freplicator\u002F) plugin, although it’s been 90% rewritten. Changes from the original include the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Improved performance on large scale blogs.\u003C\u002Fli>\n\u003Cli>Improved file copy performance and an option in the admin to bypass copying altogether.\u003C\u002Fli>\n\u003Cli>Removed limit of number of blogs that can be used as a copy source.\u003C\u002Fli>\n\u003Cli>Encapsulated the code in a Class and renamed variables to be more readable.\u003C\u002Fli>\n\u003Cli>Revised UI to keep it simple and easy to use.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Sadly the WordPress file management code is not idea for handling the copying of a large folder with subdirectories so we opted to stick with exec(‘cp’). On the flip side, we set up a filter (copy_blog_files_command) so that you can override it with your own custom copy code.\u003C\u002Fp>\n\u003Cp>This plugin is actively supported and we will do our best to help you. In return we simply as 3 things:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Help Out. If you see a question on the forum you can help with or have a great idea and want to code it up and submit a patch, that would be just plain awesome and we will shower your with praise. Might even be a good way to get to know us and lead to some paid work if you freelance.  Also, we are happy to post translations if you provide them.\u003C\u002Fli>\n\u003Cli>Donate – if this is generating enough revenue to support our time it makes all the difference in the world\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=TWM2GF6BQZGSN\u003C\u002Fli>\n\u003Cli>Support us by buying our Premium plugins. In particular, check out our Events Calendar Pro http:\u002F\u002Ftri.be\u002Fwordpress-events-calendar-pro\u002F\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>It’s pretty straight forward. Select the blog you want to copy. Set a new domain or subdomain and a title. Decide if you want to copy the files or just the data. Click “Copy Now”. Done.\u003C\u002Fp>\n\u003Cp>This DOES NOT copy blogs across networks, back up blogs off the network, or copy the master blog. This also does NOT copy users from one blog to another.\u003C\u002Fp>\n","Enables superusers to copy existing sub blogs to new sub blogs.",100,38010,92,14,"2014-09-05T16:37:00.000Z","3.9.40","3.0","",[20,21,22,23,24],"blog","copy","duplicate","replicate","site","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fblog-copier\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-copier.1.0.7.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":27,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"moderntribe",7,7830,30,84,"2026-05-20T00:51:48.843Z",[41,65,90,107,148],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":18,"tags":56,"homepage":60,"download_link":61,"security_score":62,"vuln_count":63,"unpatched_count":63,"last_vuln_date":64,"fetched_at":30},"multisite-post-duplicator","Multisite Post Duplicator","1.7.6","MagicStick","https:\u002F\u002Fprofiles.wordpress.org\u002Fmagicstick\u002F","\u003Cp>Duplicate\u002FCopy\u002FClone any individual page, post or custom post type from one site on your multisite network to another.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Multisite Post Duplicator can copy the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom fields\u003C\u002Fli>\n\u003Cli>Related post meta\u003C\u002Fli>\n\u003Cli>Custom post types on your network (make sure post type exists in your destination site)\u003C\u002Fli>\n\u003Cli>Featured image\u003C\u002Fli>\n\u003Cli>Images within post content\u003C\u002Fli>\n\u003Cli>Tags\u003C\u002Fli>\n\u003Cli>Categories. (If the category doesn’t exist in the destination site then the category is created and assigned to the post)\u003C\u002Fli>\n\u003Cli>Taxonomy terms. (make sure taxonomy is also registered on your destination site).\u003C\u002Fli>\n\u003Cli>Parent and child relationships (must use batch duplication option to achieve this).\u003C\u002Fli>\n\u003Cli>Site Media files to other sites on your network\u003C\u002Fli>\n\u003Cli>ACF Fields\u003C\u002Fli>\n\u003Cli>ACF Field Groups (sync field groups within your network!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Create a duplication link\u002Fsyndication\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If you ever update the source post again it will automatically update the duplicated page and keep them in sync.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Tools\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Batch Duplication\u003C\u002Fli>\n\u003Cli>Metabox control within Post\u002Fpage edit screen\u003C\u002Fli>\n\u003Cli>Activity Log. View information on all duplications performed within your network\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Settings\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Settings page to customise the default behaviour\u003C\u002Fli>\n\u003Cli>Manage you linked duplications. Add\u002FRemove.\u003C\u002Fli>\n\u003Cli>Restrict functionality to only certain sites on your network\u003C\u002Fli>\n\u003Cli>Restrict functionality to users of certain roles\u003C\u002Fli>\n\u003Cli>Select what status you want your new copy of post to be i.e Published, Draft etc\u003C\u002Fli>\n\u003Cli>Specify a prefix for the new post to avoid confusion\u003C\u002Fli>\n\u003Cli>Choose to ignore specific post meta keys in the duplication process\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Developers\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create your own addons! Multisite Post Duplicator is now fully extendable. Create your own functionality. Check out the API \u003Ca href=\"http:\u002F\u002Fwww.wpmaz.uk\u002Fmpddocs\u002F\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Check out a list of hooks you can use (http:\u002F\u002Fwww.wpmaz.uk\u002Fmultisite-post-duplicator-actions-and-filters\u002F).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Duplicate\u002FCopy\u002FClone any individual page, post or custom post type from one site on your multisite network to another.",400,97222,94,37,"2018-04-09T17:44:00.000Z","4.8.28","3.7",[21,22,57,58,59],"multi-site","multisite","post","http:\u002F\u002Fwww.wpmaz.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-post-duplicator.zip",63,1,"2016-12-09 00:00:00",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":35,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":18,"tags":79,"homepage":85,"download_link":86,"security_score":87,"vuln_count":88,"unpatched_count":28,"last_vuln_date":89,"fetched_at":30},"local-sync","WP Duplicate – WordPress Migration Plugin","1.1.10","revmakx","https:\u002F\u002Fprofiles.wordpress.org\u002Frevmakx\u002F","\u003Cp>WP Duplicate (Formerly LocalSync) provides you with the easiest and the fastest way to clone or migrate a site from one server to another with the click of a button.\u003Cbr \u002F>\nThe migration process is highly reliable and is proven to migrate bigger sites without any errors.\u003C\u002Fp>\n\u003Ch3>Why WP Duplicate?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Simplest Cloning Tool\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Just install the WP Duplicate plugin on the destination site and the live site and start syncing, no need to enter FTP details.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Incremental Cloning\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Only the changed files are cloned from the source site to the destination site. So the cloning process is faster.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Load Images From Live Site\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>With WP Duplicate you can directly load the images of Live site, so that you do not need to copy media files which will save a lot of time during the cloning process.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Clone Live Site To Local Computer\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>With WP Duplicate you can clone any production site to your Local Computer (MAMP, LAMP, XAMP, etc..).\u003C\u002Fp>\n","Easily migrate or clone your WordPress Site from one host to another.",200,10130,66,"2026-02-06T03:18:00.000Z","6.9.4","3.0.1",[80,81,82,83,84],"clone","copy-site","migrate","wp-duplicate","wpduplicate","https:\u002F\u002Flocalsync.infinitewp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flocal-sync.1.1.10.zip",96,2,"2026-02-05 19:59:16",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":11,"downloaded":98,"rating":51,"num_ratings":99,"last_updated":100,"tested_up_to":101,"requires_at_least":17,"requires_php":18,"tags":102,"homepage":105,"download_link":106,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"multisite-cloner","Multisite Cloner","0.2.2.1","Manuel Razzari","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanuelrazzari\u002F","\u003Cp>In WordPress Multisite, new sites get a boring default template, without any custom settings or starter content.\u003C\u002Fp>\n\u003Cp>This plugin allows you to select a specific blog on your network, a “master” one, that will be cloned every time a new blog is created.\u003C\u002Fp>\n\u003Cp>In this way, new blogs will contain all posts, uploads, theme settings and plugin options from the master blog.\u003C\u002Fp>\n\u003Ch4>How does it work?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>It uses MySQL \u003Ccode>INSERT INTO ... SELECT\u003C\u002Fcode> to copy \u003Cem>every\u003C\u002Fem> table from the “master” blog into the new one. This is fast!\u003C\u002Fli>\n\u003Cli>Then it does a search and replace on the new blog’s tables, to replace the old URL with the new one.\u003Cbr \u002F>\nThis is done in a way that respects serialized arrays, so your plugin’s settings will be preserved.\u003Cbr \u002F>\n(We used a heavily trimmed down version of Interconnect\u002FIT’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Finterconnectit\u002FSearch-Replace-DB\" rel=\"nofollow ugc\">Search and Replace\u003C\u002Fa> tool for that, so go thank them for this!)\u003C\u002Fli>\n\u003Cli>It proceeds to copy all files from the \u003Ccode>wp-content\u002Fuploads\u003C\u002Fcode> dir of your master blog into the new one’s, so that all assets will work as expected.\u003C\u002Fli>\n\u003Cli>Finally it does some house clean-up, updating the new blog’s title, admin email, and user roles as needed.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Go check the screenshots, it’s really simple and does what it says.\u003Cbr \u002F>\nGive it a try!\u003C\u002Fp>\n\u003Cp>\u003Cem>This plugin was handcrafted with love and ‘yerba mate’ by the team at \u003Ca href=\"http:\u002F\u002Fwww.tipit.net\u002F\" title=\"Sustainable Web development since 1996 in Austin, Texas\" rel=\"nofollow ugc\">Tipit.net\u003C\u002Fa>.\u003C\u002Fem>\u003C\u002Fp>\n","When creating a new blog on WordPress Multisite, copies all the posts, settings and files, from a selected blog into the new one.",35158,29,"2016-11-18T20:45:00.000Z","4.6.30",[80,21,103,58,104],"copy-blog","wpmu","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultisite-cloner","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-cloner.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":18,"short_description":113,"active_installs":114,"downloaded":115,"rating":28,"num_ratings":28,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":18,"tags":119,"homepage":146,"download_link":147,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"accounting-records-copywriter","Accounting Records Copywriter","1.0.0","Smiling_Hemp","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmiling_hemp\u002F","Упрощение работы администратора с копиратером рерайтером на вашем блоге \u002F Admin’s work simplification with copywriter rewriter for your blog",10,1899,"2015-12-09T14:53:00.000Z","4.4.34","4.3",[120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145],"blogger","content","content-creation","content-optimization","copywriter","copywriting","freelance-writer","freelancer","google","hire-blogger","hire-writer","keywords","optimized-texts","rewriter","search-engine-optimization","seo","seo-content","seo-text","seotext","text","text-creation","text-optimization","unique-content","web-site-content","website-content","yandex","http:\u002F\u002Favkproject.ru\u002Fplugins\u002Faccounting-records-copywriter.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faccounting-records-copywriter.zip",{"slug":149,"name":150,"version":151,"author":152,"author_profile":153,"description":154,"short_description":155,"active_installs":114,"downloaded":156,"rating":28,"num_ratings":28,"last_updated":157,"tested_up_to":77,"requires_at_least":158,"requires_php":159,"tags":160,"homepage":161,"download_link":162,"security_score":11,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"network-post-duplicator","Network Post Duplicator","2.0.0","jvelgar","https:\u002F\u002Fprofiles.wordpress.org\u002Fjvelgar\u002F","\u003Cp>Duplicate your posts to all the sites in your network without complications.\u003C\u002Fp>\n\u003Cp>With Network Post Duplicator, you can publish content once and duplicate it across multiple sites in your WordPress multisite. This helps you save time, avoid repetitive tasks, and keep a consistent publishing workflow.\u003C\u002Fp>\n\u003Cp>Simple configuration: From the plugin settings screen, you can select the post types where duplication is enabled and define how you want duplication\u002Fsynchronization to behave.\u003C\u002Fp>\n\u003Cp>Intuitive duplication from the editing screen: Once activated, the plugin adds duplication controls in the post editor so you can choose target sites and duplicate with a few clicks.\u003C\u002Fp>\n\u003Cp>Optimize your workflow: Manage network-wide publishing faster and focus on content quality instead of recreating the same post site by site.\u003C\u002Fp>\n\u003Cp>Post synchronization: Keep duplicated posts aligned when the parent post is updated.\u003C\u002Fp>\n\u003Cp>Free version features:\u003Cbr \u002F>\n1. Duplicate posts across selected sites in your multisite network.\u003Cbr \u002F>\n2. Enable duplication per post type from plugin settings.\u003Cbr \u002F>\n3. Duplicate directly from the post editing screen.\u003Cbr \u002F>\n4. Basic synchronization support for duplicated posts.\u003Cbr \u002F>\n5. Security hardening and multisite-safe blog switching patterns.\u003C\u002Fp>\n\u003Cp>PRO version features:\u003Cbr \u002F>\n1. Parent-child relationship map with sync status (\u003Ccode>npd_children_map\u003C\u002Fcode>).\u003Cbr \u002F>\n2. Selective Sync policy (global and per post override).\u003Cbr \u002F>\n3. Post meta duplication\u002Fsync with blacklist and replace\u002Fmerge mode.\u003Cbr \u002F>\n4. SEO presets for Yoast, RankMath, and AIOSEO.\u003Cbr \u002F>\n5. ACF support for complex field types (image, gallery, file, relationship, post_object).\u003Cbr \u002F>\n6. Advanced media synchronization (featured image mapping, embedded uploads URL rewrite, Gutenberg\u002Fgallery ID remap).\u003Cbr \u002F>\n7. Bulk duplication actions with batch processing.\u003Cbr \u002F>\n8. Child-to-parent quick navigation from the metabox.\u003Cbr \u002F>\n9. Dedicated top-level admin menu and modern settings UI.\u003Cbr \u002F>\n10. Custom capability (\u003Ccode>npd_manage_duplication\u003C\u002Fcode>) and additional nonce\u002Fcapability hardening.\u003C\u002Fp>\n\u003Cp>Use the free version for everyday duplication, and PRO when you need granular control for high-volume multisite operations.\u003C\u002Fp>\n","A simple plugin to duplicate your posts across a WordPress multisite network, with optional PRO tools for advanced synchronization.",2337,"2026-02-25T22:17:00.000Z","4.7","5.6",[80,21,22,58,59],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnetwork-post-duplicator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnetwork-post-duplicator.zip",{"attackSurface":164,"codeSignals":181,"taintFlows":210,"riskAssessment":325,"analyzedAt":336},{"hooks":165,"ajaxHandlers":177,"restRoutes":178,"shortcodes":179,"cronEvents":180,"entryPointCount":28,"unprotectedCount":28},[166,172],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","network_admin_menu","ms_add_page","blog-copier.php",50,{"type":173,"name":174,"callback":175,"priority":114,"file":170,"line":176},"filter","manage_sites_action_links","add_site_action",51,[],[],[],[],{"dangerousFunctions":182,"sqlUsage":187,"outputEscaping":190,"fileOperations":28,"externalRequests":28,"nonceChecks":88,"capabilityChecks":63,"bundledLibraries":209},[183],{"fn":184,"file":170,"line":185,"context":186},"exec",374,"exec($command);",{"prepared":188,"raw":28,"locations":189},12,[],{"escaped":88,"rawEcho":191,"locations":192},8,[193,196,198,200,202,204,205,207],{"file":170,"line":194,"context":195},123,"raw output",{"file":170,"line":197,"context":195},126,{"file":170,"line":199,"context":195},139,{"file":170,"line":201,"context":195},146,{"file":170,"line":203,"context":195},155,{"file":170,"line":203,"context":195},{"file":170,"line":206,"context":195},166,{"file":170,"line":208,"context":195},168,[],[211,235],{"entryPoint":212,"graph":213,"unsanitizedCount":28,"severity":234},"admin_page (blog-copier.php:86)",{"nodes":214,"edges":230},[215,220,225,228],{"id":216,"type":217,"label":218,"file":170,"line":219},"n0","source","$_POST (x3)",106,{"id":221,"type":222,"label":223,"file":170,"line":197,"wp_function":224},"n1","sink","echo() [XSS]","echo",{"id":226,"type":217,"label":227,"file":170,"line":87},"n2","$_GET",{"id":229,"type":222,"label":223,"file":170,"line":201,"wp_function":224},"n3",[231,233],{"from":216,"to":221,"sanitized":232},true,{"from":226,"to":229,"sanitized":232},"low",{"entryPoint":236,"graph":237,"unsanitizedCount":63,"severity":324},"\u003Cblog-copier> (blog-copier.php:0)",{"nodes":238,"edges":308},[239,240,241,242,243,247,252,255,260,262,265,268,273,276,280,283,286,289,291,294,297,299,302,305],{"id":216,"type":217,"label":218,"file":170,"line":219},{"id":221,"type":222,"label":223,"file":170,"line":197,"wp_function":224},{"id":226,"type":217,"label":227,"file":170,"line":87},{"id":229,"type":222,"label":223,"file":170,"line":201,"wp_function":224},{"id":244,"type":217,"label":245,"file":170,"line":246},"n4","$_POST",102,{"id":248,"type":222,"label":249,"file":170,"line":250,"wp_function":251},"n5","get_col() [SQLi]",296,"get_col",{"id":253,"type":217,"label":254,"file":170,"line":246},"n6","$_POST (x4)",{"id":256,"type":222,"label":257,"file":170,"line":258,"wp_function":259},"n7","get_results() [SQLi]",304,"get_results",{"id":261,"type":217,"label":245,"file":170,"line":246},"n8",{"id":263,"type":222,"label":264,"file":170,"line":185,"wp_function":184},"n9","exec() [RCE]",{"id":266,"type":217,"label":267,"file":170,"line":246},"n10","$_POST (x2)",{"id":269,"type":222,"label":270,"file":170,"line":271,"wp_function":272},"n11","query() [SQLi]",390,"query",{"id":274,"type":217,"label":245,"file":170,"line":275},"n12",244,{"id":277,"type":278,"label":279,"file":170,"line":275},"n13","transform","→ copy_blog_data()",{"id":281,"type":222,"label":257,"file":170,"line":282,"wp_function":259},"n14",328,{"id":284,"type":217,"label":245,"file":170,"line":285},"n15",248,{"id":287,"type":278,"label":288,"file":170,"line":285},"n16","→ copy_blog_files()",{"id":290,"type":222,"label":264,"file":170,"line":185,"wp_function":184},"n17",{"id":292,"type":217,"label":245,"file":170,"line":293},"n18",249,{"id":295,"type":278,"label":296,"file":170,"line":293},"n19","→ replace_content_urls()",{"id":298,"type":222,"label":270,"file":170,"line":271,"wp_function":272},"n20",{"id":300,"type":217,"label":245,"file":170,"line":301},"n21",342,{"id":303,"type":278,"label":304,"file":170,"line":301},"n22","→ replace_guid_urls()",{"id":306,"type":222,"label":270,"file":170,"line":307,"wp_function":272},"n23",406,[309,310,311,312,313,314,315,317,318,319,320,321,322,323],{"from":216,"to":221,"sanitized":232},{"from":226,"to":229,"sanitized":232},{"from":244,"to":248,"sanitized":232},{"from":253,"to":256,"sanitized":232},{"from":261,"to":263,"sanitized":232},{"from":266,"to":269,"sanitized":232},{"from":274,"to":277,"sanitized":316},false,{"from":277,"to":281,"sanitized":232},{"from":284,"to":287,"sanitized":316},{"from":287,"to":290,"sanitized":316},{"from":292,"to":295,"sanitized":316},{"from":295,"to":298,"sanitized":232},{"from":300,"to":303,"sanitized":316},{"from":303,"to":306,"sanitized":232},"critical",{"summary":326,"deductions":327},"The blog-copier plugin v1.0.7 presents a mixed security profile. On the positive side, it exhibits strong practices by using prepared statements for all SQL queries, avoiding file operations and external HTTP requests, and including a reasonable number of nonce and capability checks relative to its limited attack surface. The absence of any recorded vulnerabilities or CVEs in its history is also a significant strength, suggesting a history of stable and potentially well-maintained code.\n\nHowever, the static analysis reveals some critical areas of concern. The presence of the `exec` function is a red flag, as it can be used to execute arbitrary commands on the server if not handled with extreme care. Compounding this, the taint analysis indicates a flow with an unsanitized path, identified as a critical severity issue. This flow, combined with the `exec` function, could potentially lead to remote code execution if an attacker can control the input to this unsanitized path.\n\nWhile the plugin's attack surface appears small and seemingly protected, the critical taint flow is a significant weakness. The lack of historical vulnerabilities might be due to the limited exposure or a past successful defense against potential exploits. Nevertheless, the critical taint flow and the `exec` function are serious enough to warrant immediate attention and mitigation.",[328,331,333],{"reason":329,"points":330},"Critical severity taint flow with unsanitized path",15,{"reason":332,"points":114},"Use of dangerous function 'exec'",{"reason":334,"points":335},"Low percentage of properly escaped output",6,"2026-03-16T20:42:37.496Z",{"wat":338,"direct":343},{"assetPaths":339,"generatorPatterns":340,"scriptPaths":341,"versionParams":342},[],[],[],[],{"cssClasses":344,"htmlComments":345,"htmlAttributes":346,"restEndpoints":354,"jsGlobals":355,"shortcodeOutput":356},[],[],[347,348,349,350,351,352,353],"name=\"source_blog\"","name=\"blog[domain]\"","name=\"blog[title]\"","name=\"copy_files\"","title=\"Subdomain\"","title=\"Domain\"","title=\"Title\"",[],[],[],{"error":232,"url":358,"statusCode":359,"statusMessage":360,"message":360},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fblog-copier\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":191,"versions":362},[363,368,375,382,389,396,403,410],{"version":6,"download_url":26,"svn_tag_url":364,"released_at":29,"has_diff":316,"diff_files_changed":365,"diff_lines":29,"trac_diff_url":366,"vulnerabilities":367,"is_current":232},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fblog-copier\u002Ftags\u002F1.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fblog-copier%2Ftags%2F1.0.6&new_path=%2Fblog-copier%2Ftags%2F1.0.7",[],{"version":369,"download_url":370,"svn_tag_url":371,"released_at":29,"has_diff":316,"diff_files_changed":372,"diff_lines":29,"trac_diff_url":373,"vulnerabilities":374,"is_current":316},"1.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-copier.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fblog-copier\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fblog-copier%2Ftags%2F1.0.5&new_path=%2Fblog-copier%2Ftags%2F1.0.6",[],{"version":376,"download_url":377,"svn_tag_url":378,"released_at":29,"has_diff":316,"diff_files_changed":379,"diff_lines":29,"trac_diff_url":380,"vulnerabilities":381,"is_current":316},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-copier.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fblog-copier\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fblog-copier%2Ftags%2F1.0.4&new_path=%2Fblog-copier%2Ftags%2F1.0.5",[],{"version":383,"download_url":384,"svn_tag_url":385,"released_at":29,"has_diff":316,"diff_files_changed":386,"diff_lines":29,"trac_diff_url":387,"vulnerabilities":388,"is_current":316},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-copier.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fblog-copier\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fblog-copier%2Ftags%2F1.0.3&new_path=%2Fblog-copier%2Ftags%2F1.0.4",[],{"version":390,"download_url":391,"svn_tag_url":392,"released_at":29,"has_diff":316,"diff_files_changed":393,"diff_lines":29,"trac_diff_url":394,"vulnerabilities":395,"is_current":316},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-copier.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fblog-copier\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fblog-copier%2Ftags%2F1.0.2&new_path=%2Fblog-copier%2Ftags%2F1.0.3",[],{"version":397,"download_url":398,"svn_tag_url":399,"released_at":29,"has_diff":316,"diff_files_changed":400,"diff_lines":29,"trac_diff_url":401,"vulnerabilities":402,"is_current":316},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-copier.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fblog-copier\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fblog-copier%2Ftags%2F1.0.1&new_path=%2Fblog-copier%2Ftags%2F1.0.2",[],{"version":404,"download_url":405,"svn_tag_url":406,"released_at":29,"has_diff":316,"diff_files_changed":407,"diff_lines":29,"trac_diff_url":408,"vulnerabilities":409,"is_current":316},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-copier.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fblog-copier\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fblog-copier%2Ftags%2F1.0&new_path=%2Fblog-copier%2Ftags%2F1.0.1",[],{"version":411,"download_url":412,"svn_tag_url":413,"released_at":29,"has_diff":316,"diff_files_changed":414,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":415,"is_current":316},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblog-copier.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fblog-copier\u002Ftags\u002F1.0\u002F",[],[]]