[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJSQVuQ7Pa-X1h2vEn2XDd2ltdT6kF4t81CwMBrsWmzQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":133,"fingerprints":212},"brief","Brief","1.0.1","Andrey Matin","https:\u002F\u002Fprofiles.wordpress.org\u002Fandrewmatin\u002F","\u003Cp>Brief is a WordPress plugin to show dashboard widget with development reports, readme, documentation from developer to client.\u003Cbr \u002F>\nThe plugin supports markdown format. Developer can also add brand logo and link into report widget by configuration panel.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Changelog in Markdown format\u003C\u002Fli>\n\u003Cli>Readme in Markdown format\u003C\u002Fli>\n\u003Cli>Brand Logo\u002FLink\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable dashboard widget\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Privacy notices\u003C\u002Fh4>\n\u003Cp>This plugin does not:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>track users by stealth;\u003C\u002Fli>\n\u003Cli>write any user personal data to the database;\u003C\u002Fli>\n\u003Cli>send any data to external servers;\u003C\u002Fli>\n\u003Cli>use cookies.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Vendor JavaScript Libraries\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>jQuery Library \u003Ca href=\"https:\u002F\u002Fjquery.com\u002F\" rel=\"nofollow ugc\">jQuery\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>JavaScript converter Markdown to HTML \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fshowdownjs\u002Fshowdown\" rel=\"nofollow ugc\">showdown.js\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to use\u003C\u002Fh3>\n\u003Col>\n\u003Cli>After installation please visit ‘Admin area’ – ‘Settings’ – ‘Brief’\u003C\u002Fli>\n\u003Cli>Check ‘Enable’ on the ‘Brief’ page\u003C\u002Fli>\n\u003Cli>Optionally add Brand logo and fill Developer Profile URL\u003C\u002Fli>\n\u003Cli>Update Changelog textarea in Markdown format\u003C\u002Fli>\n\u003Cli>Update Readme teaxtarea in Markdown format by technical documentation\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Changes will appear at ‘Dashboard’ area ‘Brief’ widget\u003C\u002Fp>\n","Development reports and documentation",0,1020,"2021-08-15T18:08:00.000Z","5.8.13","5.8","",[18,19,20,21,22],"changelog","promotions","readme","report","widget","https:\u002F\u002Fgithub.com\u002Fandreymatin\u002Fwp-brief","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbrief.1.0.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"andrewmatin",1,30,84,"2026-04-04T20:30:18.492Z",[36,62,82,100,117],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":58,"download_link":59,"security_score":60,"vuln_count":31,"unpatched_count":11,"last_vuln_date":61,"fetched_at":27},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",20000,631204,86,48,"2025-10-01T15:12:00.000Z","6.8.5","4.5","7.4",[53,54,55,56,57],"admin","administration","dashboard-widget","error-reporting","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip",99,"2019-02-25 00:00:00",{"slug":63,"name":64,"version":6,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":16,"tags":76,"homepage":80,"download_link":81,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"report-an-error","Report an error","ortox","https:\u002F\u002Fprofiles.wordpress.org\u002Fortox\u002F","\u003Cp>With this plugin visitors will be able to report typos or mistakes seen on your websites.\u003Cbr \u002F>\nSelect the error and click Ctrl+Enter. Inform your visitors about this ability with widget or shortcode.\u003C\u002Fp>\n\u003Cp>С помощью данного плагина посетители смогут сообщить об опечатках или ошибках, замеченных на ваших сайтах.\u003C\u002Fp>\n\u003Cp>Для того, чтобы отправить сообщение об ошибке, необходимо выделить текст на странице сайта, где замечена ошибка, и нажать сочетание клавиш Ctrl+Enter или специальную ссылку. Появится диалоговое окно, в котором пользователь сможет написать комментарий и отправить сообщение об ошибке.\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fsupport.prihod.ru\u002Fdocs\u002Fkonfiguraciya-sajta\u002Fsoobshhit-ob-opechatke\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Requirements:\u003C\u002Fstrong> WordPress 3.3+, PHP5 and higher\u003C\u002Fp>\n","With this plugin visitors will be able to report typos or mistakes seen on your websites.",50,2280,100,2,"2015-11-26T13:27:00.000Z","4.4.34","3.3",[77,78,21,79,22],"%d0%be%d0%bf%d0%b5%d1%87%d0%b0%d1%82%d0%ba%d0%b0","error","typo","http:\u002F\u002Fprihod.ru","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freport-an-error.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":11,"num_ratings":11,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":16,"tags":95,"homepage":98,"download_link":99,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"bns-theme-add-ins","BNS Theme Add-Ins","0.7","Edward Caissie","https:\u002F\u002Fprofiles.wordpress.org\u002Fcais\u002F","\u003Cp>A collection of functions and code that can be used to extend the capabilities of WordPress Parent-Themes and Child-Themes.\u003Cbr \u002F>\n* Copyright 2011-2014  Edward Caissie  (email : edward.caissie@gmail.com)\u003C\u002Fp>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify\u003Cbr \u002F>\n  it under the terms of the GNU General Public License version 2,\u003Cbr \u002F>\n  as published by the Free Software Foundation.\u003C\u002Fp>\n\u003Cp>You may NOT assume that you can use any other version of the GPL.\u003C\u002Fp>\n\u003Cp>This program is distributed in the hope that it will be useful,\u003Cbr \u002F>\n  but WITHOUT ANY WARRANTY; without even the implied warranty of\u003Cbr \u002F>\n  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\u003Cbr \u002F>\n  GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License\u003Cbr \u002F>\n  along with this program; if not, write to the Free Software\u003Cbr \u002F>\n  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA\u003C\u002Fp>\n\u003Cp>The license for this software can also likely be found here:\u003Cbr \u002F>\n  http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Please note, support may be available on the WordPress Support forums; but, it may be faster to visit http:\u002F\u002Fbuynowshop.com\u002Fplugins\u002Fbns-theme-add-ins\u002F and leave a comment with the issue you are experiencing.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This plugin utilizes three text files if included with the active theme, although these files are not required for the plugin to work correctly they will enhance its functionality if they exist:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>readme.txt\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>changelog.txt\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>support.txt\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Extend the capabilities of WordPress Parent-Themes and Child-Themes",10,3442,"2016-04-10T18:02:00.000Z","4.5.33","3.5",[53,18,96,97,20],"child-themes","login","http:\u002F\u002Fbuynowshop.com\u002Fplugins\u002Fbns-theme-add-ins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbns-theme-add-ins.0.7.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":90,"downloaded":108,"rating":71,"num_ratings":31,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":51,"tags":112,"homepage":16,"download_link":116,"security_score":71,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"js-error-logger","JS Error Logger","1.3.1","JFG Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fjfgmedia\u002F","\u003Cp>The plugin catches most JS errors, logs them, and displays them in a dashboard widget.\u003C\u002Fp>\n\u003Cp>Here are some of its features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\nExcept for the plugin settings, there is no database storage involved. Log is written in a “.log” file.\n\u003C\u002Fli>\n\u003Cli>\nDisplay latest JS errors in a dashboard widget.\n\u003C\u002Fli>\n\u003Cli>\nRefresh errors from the dashboard widget.\n\u003C\u002Fli>\n\u003Cli>\nSee the full error log on a separate page.\n\u003C\u002Fli>\n\u003Cli>\nIgnore errors if the user agent contains a specific string.\n\u003C\u002Fli>\n\u003Cli>\nIgnore errors if the error contains a specific string.\n\u003C\u002Fli>\n\u003Cli>\nIgnore errors if the script url contains a specific string.\n\u003C\u002Fli>\n\u003Cli>\nSee which page and which script triggered the errors.\n\u003C\u002Fli>\n\u003Cli>\nChoose the maximum amount of errors to log per page load.\n\u003C\u002Fli>\n\u003Cli>\nExclude logging errors from specific post types.\n\u003C\u002Fli>\n\u003Cli>\nChoose how ajax calls are made.\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Developer hooks and filters\u003C\u002Fh4>\n\u003Cp>The plugin cleans the log every 24 hours, to only keep the last 100 entries.\u003Cbr \u002F>\nYou may use the “jserrlog_max_log_entries” WP filter to enable more or less entries, by returning an integer: \u003Ccode>add_filter('jserrlog_max_log_entries',function(){return 200;})\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Alter error data:\u003Cbr \u002F>\nYou may use the “jserrlog_pre_insert_error” WP filter to modify the error data before it’s inserted into the log file: \u003Ccode>add_filter('jserrlog_pre_insert_error',function($error_data){return $error_data;})\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Trigger integrations:\u003Cbr \u002F>\nYou may use the “jserrlog_after_log” WP hook to trigger an action (Slack notification, etc.) after an error was logged: \u003Ccode>add_action('jserrlog_after_log',function($error_data){\u002F\u002Fdo something})\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Backup old errors:\u003Cbr \u002F>\nYou may use the “jserrlog_before_log_maintenance” WP hook to trigger an action (archive errors, etc.) before old errors are deleted: \u003Ccode>add_action('jserrlog_before_log_maintenance',function($errors){\u002F\u002Fdo something})\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Multisite\u003C\u002Fh4>\n\u003Cp>The plugin works with multisite. There’s one error log per site.\u003C\u002Fp>\n","Logs front-end javascript errors, and displays them in a dashboard widget",1446,"2025-12-11T05:34:00.000Z","6.9.4","5.0",[55,113,56,114,115],"debug","javascript","js","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjs-error-logger.1.3.1.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":90,"downloaded":125,"rating":71,"num_ratings":72,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":51,"tags":129,"homepage":16,"download_link":132,"security_score":71,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"simple-log-viewer","Simple Log Viewer","1.0.4","Pedro Avelar","https:\u002F\u002Fprofiles.wordpress.org\u002Fpedroasa\u002F","\u003Cp>A simple plugin to log errors in real time in a metabox in the admin panel, too integrated with WP-CLI.\u003C\u002Fp>\n\u003Cp>For the run command with WP-CLI is necessary to activate the plugin and install WP-CLI.\u003C\u002Fp>\n\u003Cp>When running, paste the command \u003Ccode>wp slvpl logs-erros\u003C\u002Fcode> into the terminal, by default the number of lines is 1000 but you can control the number of lines through the \u003Ccode>--num_linhas\u003C\u002Fcode> parameter\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For the example\u003C\u002Fstrong>:  \u003Ccode>wp slvpl logs-erros [--num_linhas=\u003Cnum_linhas>]\u003C\u002Fcode> or\u003Cbr \u002F>\nbetter in the example \u003Ccode>wp slvpl logs-erros --num_linhas=100\u003C\u002Fcode>.\u003C\u002Fp>\n","A simple plugin to log errors in real time in a metabox in the admin panel, too integrated with WP-CLI",1857,"2025-05-26T01:49:00.000Z","6.6.5","5.4",[55,113,56,130,131],"erros","logs","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-log-viewer.1.0.4.zip",{"attackSurface":134,"codeSignals":159,"taintFlows":199,"riskAssessment":200,"analyzedAt":211},{"hooks":135,"ajaxHandlers":155,"restRoutes":156,"shortcodes":157,"cronEvents":158,"entryPointCount":11,"unprotectedCount":11},[136,142,147,150],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_init","brief_add_admin_scripts","includes\\brief-scripts.php",18,{"type":137,"name":143,"callback":144,"file":145,"line":146},"admin_menu","brief_options_menu_link","includes\\brief-settings.php",132,{"type":137,"name":138,"callback":148,"file":145,"line":149},"brief_register_settings",140,{"type":137,"name":151,"callback":152,"file":153,"line":154},"wp_dashboard_setup","brief_dashboard_widgets","includes\\brief-widget.php",141,[],[],[],[],{"dangerousFunctions":160,"sqlUsage":161,"outputEscaping":163,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":198},[],{"prepared":11,"raw":11,"locations":162},[],{"escaped":11,"rawEcho":164,"locations":165},16,[166,169,171,173,175,177,179,181,183,185,187,189,190,192,194,196],{"file":145,"line":167,"context":168},54,"raw output",{"file":145,"line":170,"context":168},55,{"file":145,"line":172,"context":168},58,{"file":145,"line":174,"context":168},59,{"file":145,"line":176,"context":168},68,{"file":145,"line":178,"context":168},79,{"file":145,"line":180,"context":168},91,{"file":145,"line":182,"context":168},103,{"file":145,"line":184,"context":168},115,{"file":145,"line":186,"context":168},129,{"file":153,"line":188,"context":168},47,{"file":153,"line":69,"context":168},{"file":153,"line":191,"context":168},90,{"file":153,"line":193,"context":168},101,{"file":153,"line":195,"context":168},112,{"file":153,"line":197,"context":168},123,[],[],{"summary":201,"deductions":202},"The plugin 'brief' v1.0.1 demonstrates a strong security posture in several key areas based on the provided static analysis. Notably, there are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero-value attack surface. This significantly limits the potential entry points for attackers. Furthermore, the code shows no direct SQL queries without prepared statements and reports no file operations or external HTTP requests, which are common vectors for vulnerabilities.\n\nHowever, a significant concern arises from the complete lack of output escaping, with 100% of outputs being unescaped. This suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data, if processed and displayed without proper sanitization, could be rendered directly in the browser, leading to malicious script execution. The absence of nonce checks and capability checks also indicates a potential for authorization bypasses if any of the zero entry points were to be implemented in the future without these crucial security measures.\n\nThe plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the absence of dangerous functions and critical\u002Fhigh taint flows, is a positive indicator. However, the lack of these issues could also be attributed to the limited attack surface and potentially simple functionality of the plugin. The primary weakness lies in the unescaped output, which, if exploitable, could lead to severe security consequences. Therefore, while the plugin appears robust in its infrastructure, the handling of output data presents a substantial risk that needs immediate attention.",[203,206,209],{"reason":204,"points":205},"All outputs unescaped",8,{"reason":207,"points":208},"No nonce checks",5,{"reason":210,"points":208},"No capability checks","2026-03-17T06:40:04.692Z",{"wat":213,"direct":224},{"assetPaths":214,"generatorPatterns":218,"scriptPaths":219,"versionParams":220},[215,216,217],"\u002Fwp-content\u002Fplugins\u002Fbrief\u002Fassets\u002Fcss\u002Fstyles-admin.css","\u002Fwp-content\u002Fplugins\u002Fbrief\u002Fassets\u002Fjs\u002Fshowdown.js","\u002Fwp-content\u002Fplugins\u002Fbrief\u002Fassets\u002Fjs\u002Fscripts-admin.js",[],[216,217],[221,222,223],"brief\u002Fassets\u002Fcss\u002Fstyles-admin.css?ver=","brief\u002Fassets\u002Fjs\u002Fshowdown.js?ver=","brief\u002Fassets\u002Fjs\u002Fscripts-admin.js?ver=",{"cssClasses":225,"htmlComments":236,"htmlAttributes":241,"restEndpoints":251,"jsGlobals":252,"shortcodeOutput":253},[226,227,228,229,230,231,232,233,234,235],"brief-widget","brief-brand-link","brief-tabs","brief-tabs-list","brief-tabs-items","brief-tabs-links","brief-tabs-card","brief-tabs-card__content","brief-tabs-card__footer","brief-expand",[237,238,239,240],"\u003C!-- Changelog Card -->","\u003C!-- Docs Card -->","\u003C!-- Promotions Card -->","\u003C!-- Emergency Card -->",[242,243,244,245,246,247,248,249,250],"id=\"brief-widget\"","id=\"brief-brand\"","class=\"brief-tabs-list\"","class=\"brief-tabs-items\"","class=\"brief-tabs-links\"","class=\"brief-tabs-card\"","class=\"brief-tabs-card__content\"","class=\"brief-tabs-card__footer\"","class=\"brief-expand\"",[],[],[254,255,256,257],"\u003Cdiv id=\"briefChangelog\" class=\"brief-tabs-card active\">","\u003Cdiv id=\"briefDocs\" class=\"brief-tabs-card\">","\u003Cdiv id=\"briefPromotions\" class=\"brief-tabs-card\">","\u003Cdiv id=\"briefEmergency\" class=\"brief-tabs-card\">"]