[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fT1z5b8H7d7NpTWoW5T1L6-KnKPPoxhVtt7gxrbBPmWc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":149,"fingerprints":255},"bugherd-dashboard","Bugherd Dashboard","1.0.0","Brandon Lavigne","https:\u002F\u002Fprofiles.wordpress.org\u002Fdrrobotnik\u002F","\u003Cp>Bugherd is an amazingly convenient way for users\u002Fclients to submit issues, or bugs that they’ve found on the website. It is however missing a client facing view for them to see the status of bugs submitted. The BugHerd Dashboard helps solve this.\u003C\u002Fp>\n\u003Ch4>The Dashboard Widget\u003C\u002Fh4>\n\u003Cp>Provides a quick and brief way to check the statuses of all submitted bugs.\u003C\u002Fp>\n","The Bugherd Dashboard provides a client facing interface within WordPress to track the progress of the bugs that have been submitted.",40,5943,100,1,"2014-04-24T19:31:00.000Z","3.9.40","3.5.1","",[20,21,22,23],"bug-tracking","bugherd","dashboard","widget","http:\u002F\u002Fgithub.com\u002Fdrrobotnik\u002Fbugherd-dashboard","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbugherd-dashboard.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"drrobotnik",4,160,89,30,86,"2026-04-04T13:27:22.908Z",[40,64,86,110,129],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":61,"download_link":62,"security_score":13,"vuln_count":14,"unpatched_count":27,"last_vuln_date":63,"fetched_at":29},"dashboard-welcome-for-elementor","Dashboard Welcome for Elementor","1.0.10","IdeaBox Creations","https:\u002F\u002Fprofiles.wordpress.org\u002Fideaboxcreations\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fpowerpackelements.com\u002Fdashboard-welcome-elementor\u002F?utm_medium=dashboard-welcome&utm_source=repo-readme&utm_campaign=repo-homepage-link\" title=\"PowerPack Elements\" rel=\"nofollow ugc\">Dashboard Welcome by PowerPack Elements\u003C\u002Fa> gives you full control over the WordPress welcome panel using Elementor. You can personalize the dashboard with content and design built with Elementor. You can add heading, contact information, form, video, images, affiliate links, etc.\u003C\u002Fp>\n\u003Cp>PLUS, you can display a template as per the user role.\u003C\u002Fp>\n\u003Ch4>How this works?\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F2wG1Jb0B7T4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a layout with Elementor.\u003C\u002Fli>\n\u003Cli>Go to plugin settings and select the layout from dropdown for any user role.\u003C\u002Fli>\n\u003Cli>Save the setting. Done!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Our other Elementor addons\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpowerpackelements.com\u002F?utm_medium=dashboard-welcome&utm_source=repo-readme&utm_campaign=powerpack-elementor\" title=\"PowerPack for Elementor\" rel=\"nofollow ugc\">PowerPack for Elementor\u003C\u002Fa> – Extend Elementor with 50+ Creative Widgets and build beautiful websites.\u003C\u002Fp>\n","Replaces the default WordPress dashboard welcome panel with custom designed Elementor template.",20000,152714,82,23,"2026-02-23T15:38:00.000Z","6.9.4","6.3","7.4",[22,57,58,59,60],"dashboard-widget","elementor","elementor-addon","elementor-template","https:\u002F\u002Fpowerpackelements.com\u002Fdashboard-welcome-elementor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-welcome-for-elementor.1.0.10.zip","2022-12-16 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":48,"downloaded":72,"rating":37,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":55,"tags":77,"homepage":82,"download_link":83,"security_score":84,"vuln_count":14,"unpatched_count":27,"last_vuln_date":85,"fetched_at":29},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",631204,48,"2025-10-01T15:12:00.000Z","6.8.5","4.5",[78,79,57,80,81],"admin","administration","error-reporting","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip",99,"2019-02-25 00:00:00",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":53,"requires_at_least":99,"requires_php":100,"tags":101,"homepage":107,"download_link":108,"security_score":13,"vuln_count":14,"unpatched_count":27,"last_vuln_date":109,"fetched_at":29},"analytics-insights","Analytics Insights – Google Analytics Dashboard for WordPress","6.3.12","Alin Marcu","https:\u002F\u002Fprofiles.wordpress.org\u002Fdeconf\u002F","\u003Cp>Analytics Insights is a free WordPress plugin that enables site tracking using the latest Google Analytics 4 tracking code. It allows you to view key Google Analytics stats in your WordPress Dashboard.\u003C\u002Fp>\n\u003Ch4>Google Analytics Reports, Stats and Insights\u003C\u002Fh4>\n\u003Cp>Analytics Insights displays the reports you need on your dashboard and on the site’s frontend. Audience, acquisition, behavior, engagement and real-time stats are all presented as charts within a dedicated dashboard widget.\u003C\u002Fp>\n\u003Cp>In addition to a set of general Google Analytics stats, insights like in-depth Page reports and in-depth Post reports are available.\u003C\u002Fp>\n\u003Cp>The Google Analytics tracking code is fully customizable through options and hooks, allowing advanced data collection like custom dimensions and events.\u003C\u002Fp>\n\u003Ch4>Google Analytics Real-Time Stats\u003C\u002Fh4>\n\u003Cp>Google Analytics reports, in real-time, in your dashboard screen:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Real-time number of visitors \u003C\u002Fli>\n\u003Cli>Real-time number of visitors per page\u003C\u002Fli>\n\u003Cli>Real-time device category \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Google Analytics Reports and Insights\u003C\u002Fh4>\n\u003Cp>The Google Analytics insights and reports you need on your dashboard and on the site’s frontend:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Sessions, organic searches, page views, bounce rate analytics stats\u003C\u002Fli>\n\u003Cli>Locations, pages, referrers, keywords, 404 errors analytics stats\u003C\u002Fli>\n\u003Cli>Traffic channels, social networks, traffic mediums, search engines analytics stats\u003C\u002Fli>\n\u003Cli>Device categories, browsers, operating systems, screen resolutions, mobile brands analytics stats\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Google Analytics Tracking\u003C\u002Fh4>\n\u003Cp>Installs the latest Google Analytics tracking code and allows full code customization:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Google Analytics 4 tracking code\u003C\u002Fli>\n\u003Cli>Accelerated Mobile Pages (AMP) support for Google Analytics\u003C\u002Fli>\n\u003Cli>Cross domain tracking\u003C\u002Fli>\n\u003Cli>Ecommerce support for Google Analytics\u003C\u002Fli>\n\u003Cli>User privacy oriented features and much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>With Analytics Insights you can easily track events like downloads, page scrolling depth, outbound links, emails. In addition, you can track custom event categories, actions, and labels using annotated HTML elements.\u003C\u002Fp>\n\u003Cp>Custom dimensions tracking of authors, publication date, categories, tags is also possible with Analytics Insights.\u003C\u002Fp>\n\u003Ch4>Google Tag Manager Tracking\u003C\u002Fh4>\n\u003Cp>As an alternative to Google Analytics tracking code, you can use Google Tag Manager for tracking:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Google Tag Manager code\u003C\u002Fli>\n\u003Cli>Data Layer variables: authors, publication date, categories, tags, user type\u003C\u002Fli>\n\u003Cli>Accelerated Mobile Pages (AMP) support for Google Tag Manager\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Accelerated Mobile Pages (AMP) features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Google Tag Manager basic tracking\u003C\u002Fli>\n\u003Cli>Google Analytics basic tracking \u003C\u002Fli>\n\u003Cli>Events tracking, custom dimensions tracking, annotated HTML elements tracking\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Analytics Insights on Multisite\u003C\u002Fh4>\n\u003Cp>This plugin is fully compatible with multisite network installs, allowing three setup modes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Mode 1: network activated using multiple Google Analytics accounts\u003C\u002Fli>\n\u003Cli>Mode 2: network activated using a single Google Analytics account\u003C\u002Fli>\n\u003Cli>Mode 3: network deactivated using multiple Google Analytics accounts\u003C\u002Fli>\n\u003C\u002Ful>\n","A full-featured and entirely free Google Analytics Dashboard plugin for WordPress. Displays stats to help you to better understand your site content.",10000,210282,92,34,"2026-01-04T10:44:00.000Z","3.5","5.6",[102,103,104,105,106],"google-analytics","google-analytics-dashboard","google-analytics-widget","website-analytics","wordpress-analytics","https:\u002F\u002Fdeconf.com\u002Fanalytics-insights-google-analytics-dashboard-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanalytics-insights.6.3.12.zip","2024-01-17 00:00:00",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":94,"downloaded":118,"rating":96,"num_ratings":119,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":125,"download_link":126,"security_score":127,"vuln_count":14,"unpatched_count":14,"last_vuln_date":128,"fetched_at":29},"dashboard-notepad","Dashboard Notepad","1.42","Stephanie Leary","https:\u002F\u002Fprofiles.wordpress.org\u002Fsillybean\u002F","\u003Cp>This dashboard widget provides a simple notepad. The widget settings allow you to choose which roles can edit the notes, and which roles can merely read them. Version 1.30 also adds support for custom roles and integrates with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmembers\u002F\" rel=\"ugc\">Members plugin\u003C\u002Fa> for role settings.\u003C\u002Fp>\n\u003Cp>You can display the contents of your notepad using a template tag and\u002For shortcode. The widget permissions apply to these tags as well: only users with permission to read the notes will see the notes on the front end. You can use \u003Ccode>div#dashboard-notes\u003C\u002Fcode> in your theme’s CSS file to style the notes.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Belorussian (be_BY) by \u003Ca href=\"http:\u002F\u002Ffatcow.com\" rel=\"nofollow ugc\">FatCow\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Bulgarian (bg_BG) by \u003Ca href=\"http:\u002F\u002Fwww.siteground.com\u002F\" rel=\"nofollow ugc\">SiteGround\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) by Axel Vanderhaeghen\u003C\u002Fli>\n\u003Cli>German (de_DE) by Guido Kerkewitz\u003C\u002Fli>\n\u003Cli>Italian (it_IT) translation by Francesco Bevivino\u003C\u002Fli>\n\u003Cli>Romanian (ro_RO) by Web Hosting Geeks (\u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002F\" rel=\"nofollow ugc\">Web\u003Cbr \u002F>\nGeek Sciense\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Swedish (se_SV) by \u003Ca href=\"http:\u002F\u002Fwww.rabatt.se\" rel=\"nofollow ugc\">Rabatt\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Ukranian (uk_UA) by \u003Ca href=\"http:\u002F\u002Fgetvoip.com\u002Fblog\" rel=\"nofollow ugc\">Michael Yunat\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>If you would like to send me a translation, please write to me through \u003Ca href=\"http:\u002F\u002Fsillybean.net\u002Fabout\u002Fcontact\u002F\" rel=\"nofollow ugc\">my contact page\u003C\u002Fa>. Let me know which plugin you’ve translated and how you would like to be credited. I will write you back so you can attach the files in your reply.\u003C\u002Fp>\n","The very simplest of notepads for your Dashboard.",92629,12,"2017-11-28T13:39:00.000Z","4.1.42","2.8",[22,124,23],"notes","http:\u002F\u002Fsillybean.net\u002Fcode\u002Fwordpress\u002Fdashboard-notepad\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-notepad.1.42.zip",63,"2025-09-22 00:00:00",{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":94,"downloaded":137,"rating":138,"num_ratings":139,"last_updated":140,"tested_up_to":141,"requires_at_least":142,"requires_php":55,"tags":143,"homepage":147,"download_link":148,"security_score":96,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wp-widget-disable","Widget Disable","3.0.1","required","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearerequired\u002F","\u003Cp>This simple plugin allows you to disable any sidebar and dashboard widget for the current WordPress site you are on. It provides a simple user interface available to users with \u003Ccode>edit_theme_options\u003C\u002Fcode> capabilities (usually Administrator role) available under Appearance -> Disable Widgets.\u003Cbr \u002F>\nAfter saving the settings, the sidebar and dashboard widgets are removed from and the user can’t see those widgets anymore.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developer? Get to know the hooks\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Have a look at the filters we provide:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp_widget_disable_default_sidebar_widgets\u003C\u002Fcode> – Allows you to exclude certain sidebar widgets from being disabled.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp_widget_disable_default_dashboard_widgets\u003C\u002Fcode> – Allows you to exclude certain dashboard widgets from being disabled.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Contributions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you would like to contribute to this plugin, report an issue or anything like that, please note that we develop this plugin on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwearerequired\u002FWP-Widget-Disable\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Frequired.com\u002F\" title=\"Team of experienced web professionals from Switzerland & Germany\" rel=\"nofollow ugc\">required\u003C\u002Fa>\u003C\u002Fp>\n","Disable sidebar and dashboard widgets with an easy to use interface.",185111,96,24,"2024-11-18T13:40:00.000Z","6.7.5","6.0",[78,22,144,145,146],"dashboard-widgets","sidebar-widgets","widgets","https:\u002F\u002Frequired.com\u002Fservices\u002Fwordpress-plugins\u002Fwp-widget-disable\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-widget-disable.3.0.1.zip",{"attackSurface":150,"codeSignals":193,"taintFlows":222,"riskAssessment":241,"analyzedAt":254},{"hooks":151,"ajaxHandlers":189,"restRoutes":190,"shortcodes":191,"cronEvents":192,"entryPointCount":27,"unprotectedCount":27},[152,157,161,165,170,172,177,181,185,188],{"type":153,"name":154,"callback":155,"file":156,"line":73},"action","admin_enqueue_scripts","enqueue_admin_styles","admin\\class-bugherd-dashboard-admin.php",{"type":153,"name":158,"callback":159,"file":156,"line":160},"wp_dashboard_setup","add_bugherd_dashboard_widget",50,{"type":153,"name":162,"callback":163,"file":156,"line":164},"wp_footer","display_bugherd",52,{"type":153,"name":166,"callback":167,"file":168,"line":169},"plugins_loaded","get_instance","bugherd-dashboard.php",37,{"type":153,"name":166,"callback":167,"file":168,"line":171},46,{"type":153,"name":173,"callback":174,"file":175,"line":176},"init","load_plugin_textdomain","public\\class-bugherd-dashboard.php",54,{"type":153,"name":178,"callback":179,"file":175,"line":180},"wpmu_new_blog","activate_new_site",57,{"type":153,"name":182,"callback":183,"file":175,"line":184},"wp_enqueue_scripts","enqueue_styles",60,{"type":153,"name":182,"callback":186,"file":175,"line":187},"enqueue_scripts",61,{"type":153,"name":162,"callback":163,"file":175,"line":127},[],[],[],[],{"dangerousFunctions":194,"sqlUsage":195,"outputEscaping":197,"fileOperations":27,"externalRequests":14,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":221},[],{"prepared":14,"raw":27,"locations":196},[],{"escaped":27,"rawEcho":198,"locations":199},10,[200,203,205,207,209,211,213,215,217,219],{"file":201,"line":139,"context":202},"admin\\views\\dashboard-activity-settings.php","raw output",{"file":201,"line":204,"context":202},29,{"file":201,"line":206,"context":202},33,{"file":208,"line":11,"context":202},"admin\\views\\dashboard-activity.php",{"file":208,"line":210,"context":202},41,{"file":208,"line":212,"context":202},42,{"file":208,"line":214,"context":202},43,{"file":208,"line":216,"context":202},44,{"file":208,"line":218,"context":202},45,{"file":175,"line":220,"context":202},294,[],[223],{"entryPoint":224,"graph":225,"unsanitizedCount":14,"severity":240},"\u003Cdashboard-activity-settings> (admin\\views\\dashboard-activity-settings.php:0)",{"nodes":226,"edges":237},[227,232],{"id":228,"type":229,"label":230,"file":201,"line":231},"n0","source","$_POST['bugherd_settings']",13,{"id":233,"type":234,"label":235,"file":201,"line":231,"wp_function":236},"n1","sink","update_option() [Settings Manipulation]","update_option",[238],{"from":228,"to":233,"sanitized":239},false,"low",{"summary":242,"deductions":243},"The 'bugherd-dashboard' plugin v1.0.0 presents a mixed security posture.  On the positive side, it has a zero attack surface from AJAX handlers, REST API routes, shortcodes, and cron events, with no recorded vulnerabilities (CVEs) or bundled outdated libraries. The static analysis shows no dangerous functions, file operations, or external HTTP requests that are inherently risky.  However, significant concerns arise from the complete lack of capability checks and nonce checks. This means that any functionality exposed, even if currently minimal, is not protected by WordPress's built-in authorization mechanisms.\n\nThe most prominent issue highlighted by the static analysis is the 0% output escaping. This indicates that data displayed to users is not properly sanitized, leaving the plugin vulnerable to Cross-Site Scripting (XSS) attacks. While the taint analysis shows only one flow with unsanitized paths and no critical or high severity issues, the lack of output escaping on all 10 identified outputs is a serious oversight.  The SQL query is prepared, which is a strength, but the lack of authorization checks and proper output sanitization are critical weaknesses that could be exploited.\n\nGiven the absence of past vulnerabilities, it's possible the plugin developers have been diligent or that the plugin's functionality is limited, thus not attracting exploit attempts. However, the current code exhibits fundamental security flaws, particularly concerning output sanitization and authorization, that should be addressed immediately to prevent potential compromises.",[244,247,249,251],{"reason":245,"points":246},"0% output escaping",8,{"reason":248,"points":198},"0 nonce checks",{"reason":250,"points":198},"0 capability checks",{"reason":252,"points":253},"1 flow with unsanitized paths",5,"2026-03-16T22:05:00.493Z",{"wat":256,"direct":263},{"assetPaths":257,"generatorPatterns":259,"scriptPaths":260,"versionParams":261},[258],"\u002Fwp-content\u002Fplugins\u002Fbugherd-dashboard\u002Fassets\u002Fcss\u002Fadmin.css",[],[],[262],"bugherd-dashboard\u002Fassets\u002Fcss\u002Fadmin.css?ver=",{"cssClasses":264,"htmlComments":266,"htmlAttributes":267,"restEndpoints":268,"jsGlobals":269,"shortcodeOutput":270},[265],"dashboard-bugherd-widget",[],[],[],[],[]]