[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5MXrHPbVX05las995GHrSw-_ynYn5GY13U8U-E3SsDQ":3,"$fGoEWyT3D2msRnOB2wvKmd4etdbzLUxPzN-Bo0tCex9Y":779,"$f6nkbiF8Kfnz6vGZw5w6lfQ9LQmsgAQIDSv-5wd1WLr4":783},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":41,"analysis":144,"fingerprints":726},"chief-editor","Chief Editor","5.4.3","termel","https:\u002F\u002Fprofiles.wordpress.org\u002Fmunger41\u002F","\u003Cp>This plugin is aimed to \u003Cem>help the multisite wordpress editor-in-chief\u003C\u002Fem> in order to plan publication of posts. Both PRINT and WEB workflows.\u003Cbr \u002F>\nMore particularly:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>Manage all posts\u003C\u002Fem> across all sites in the network : they are shown with a link to the article for quick reviewing or editing.\u003C\u002Fli>\n\u003Cli>\u003Cem>See all recent comments\u003C\u002Fem> accross the network of a multisite install, a link allow the user to answer directly.\u003C\u002Fli>\n\u003Cli>\u003Cem>Author stats\u003C\u002Fem> tab allow you to compare all authors efficiency accross the network. And give much more stats.\u003C\u002Fli>\n\u003Cli>\u003Cem>One button ready for publication\u003C\u002Fem> notification process in order for authors to receive their post and validate it before publication\u003C\u002Fli>\n\u003Cli>\u003Cem>Calendar\u003C\u002Fem>, allowing for global point of view, is available for chief editor of blog network.\u003C\u002Fli>\n\u003Cli>\u003Cem>Roles aware\u003C\u002Fem> allow editors to manage almost all, and contributors to only see prepared posts.\u003C\u002Fli>\n\u003Cli>\u003Cem>Custom statistics\u003C\u002Fem> for more precise control\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Serbo-Croatian : https:\u002F\u002Fwebhostinggeeks.com\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n","Helps wordpress multisite \"chief editor\" to manage all drafts, comments, authors and \"ready for publication\" sends across the netw &hellip;",10,3519,80,2,"2020-01-29T16:17:00.000Z","4.9.29","3.5","",[20,21,22,23,24],"author","chief","draft","editor","multisite","http:\u002F\u002Fwww.termel.fr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchief-editor.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":37,"avg_patch_time_days":38,"trust_score":39,"computed_at":40},"munger41",16,810,83,30,82,"2026-05-19T23:28:32.018Z",[42,64,86,107,125],{"slug":43,"name":44,"version":45,"author":46,"author_profile":47,"description":48,"short_description":49,"active_installs":50,"downloaded":51,"rating":52,"num_ratings":53,"last_updated":54,"tested_up_to":55,"requires_at_least":56,"requires_php":57,"tags":58,"homepage":62,"download_link":63,"security_score":52,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"admin-page-notes","Admin Page Notes","2.2.0","Anadar","https:\u002F\u002Fprofiles.wordpress.org\u002Fdlfulle\u002F","\u003Cp>Have you ever created a page template that just aggregated posts of a custom post type? Pretty cool huh?\u003C\u002Fp>\n\u003Cp>Well, your client won’t think it’s that cool 2 months from now when they’re editing their site. They click “edit page” \u003Cem>and it’s blank!\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>Now you can add notes and links on these pages that will give your clients, authors or other editors, clear directions when editing their site. Check out the screenshots to see it in action.\u003C\u002Fp>\n","Gives administrators the ability to add notes to posts of any post type (including pages) that are prominently displayed for users editing the site.",800,10524,100,9,"2026-03-10T20:00:00.000Z","6.9.4","5.7","8.1",[59,20,60,23,61],"admin","collaboration","usability","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-page-notes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-page-notes.2.2.0.zip",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":13,"num_ratings":74,"last_updated":75,"tested_up_to":76,"requires_at_least":77,"requires_php":18,"tags":78,"homepage":84,"download_link":85,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"author-hreview","Author hReview","1.0","Hesham Zebida","https:\u002F\u002Fprofiles.wordpress.org\u002Fhishaman\u002F","\u003Cp>Add hReview and AggregateRating support based on schema.org, which help you increase search traffic by making SERP results more eye-catching. This plugin supports only the editorial ratings submission (editor\u002Fauthor rating), this means customers and site visitors are not involved in the rating or review process, this means rating reflects only the author’s opinion. This plugin is written by \u003Ca href=\"http:\u002F\u002Fzebida.com\u002F\" rel=\"nofollow ugc\">Hesham Zebida\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Premium Support\u003C\u002Fstrong>\u003Cbr \u002F>\n  There is also a \u003Ca href=\"http:\u002F\u002Fauthorhreview.com\u002Fplugins\u002Fauthor-hreview\u002F\" rel=\"nofollow ugc\">premium version\u003C\u002Fa> of the plugin that gives you more features, templates and control over your reviews.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>More Advanced Plugins\u003C\u002Fstrong>\u003Cbr \u002F>\n  Looking for more functionality? We recommend the all new \u003Ca href=\"https:\u002F\u002Fwprichsnippets.com\u002F\" rel=\"nofollow ugc\">WPRichSnippets\u003C\u002Fa> plugin, more schema.org types plus awesome \u003Ca href=\"https:\u002F\u002Fwprichsnippets.com\u002Faddons\u002F\" rel=\"nofollow ugc\">add-on plugins\u003C\u002Fa> that extends the WPRichSnippets plugin functionality. View the \u003Ca href=\"https:\u002F\u002Fwprichsnippets.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">plugin documentation\u003C\u002Fa> pages and \u003Ca href=\"http:\u002F\u002Fauthorhreview.com\u002Fshowcase\u002F\" rel=\"nofollow ugc\">Showcase Gallery\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>View \u003Ca href=\"http:\u002F\u002Fdemo.wprichsnippets.com\u002Fwprs\u002F\" rel=\"nofollow ugc\">WPRichSnippets Live Demo\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Why You Should Implement Rich Snippets\u003C\u002Fh4>\n\u003Cp>According to Google, rich snippets “extract and show more useful information from web pages than the preview text that you are used to seeing.” Significantly, Google is using structured data open standards such as microformats and RDFa to power the rich snippets feature. Google is is inviting publishers to mark up their HTML. Webmasters can find more detailed information about Google rich snippets \u003Ca href=\"http:\u002F\u002Fgooglewebmastercentral.blogspot.com\u002F2011\u002F12\u002Frich-snippets-instructional-videos.html\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Google’s Rich Snippets Testing Tool\u003C\u002Fh4>\n\u003Cp>After installing the plugin, and once you publish your first review on your blog, use Google Rich Snippets \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Fstructured-data\u002Ftesting-tool\u002F\" rel=\"nofollow ugc\">Testing Tool\u003C\u002Fa> to check your markup and make sure that Google can extract the structured data from your review. The plugin should validate in the Testing Tool.\u003C\u002Fp>\n\u003Ch4>Spam Reporting For Google Rich Snippets\u003C\u002Fh4>\n\u003Cp>Abusing search engines in not a good practice, especially if this can hurt others, some webmasters fake or fabricate reviews in a try to get more traffic to their sites. You can easily report them to Google. If you see any spam reviews fill this \u003Ca href=\"http:\u002F\u002Fsupport.google.com\u002Fwebmasters\u002Fbin\u002Frequest.py?hl=en&contact_type=rich_snippets_spam\" rel=\"nofollow ugc\">form\u003C\u002Fa> to report it to Google.\u003C\u002Fp>\n","Add Google Rich Snippets for reviews based on schema.org for a better WordPress SEO, customize search results with rating stars for more traffic and c &hellip;",300,73180,21,"2017-10-17T17:38:00.000Z","4.8.28","4.0",[79,80,81,82,83],"aggregate-rating","author-reviews","editor-reviews","hreview","product-reviews","http:\u002F\u002Fauthorhreview.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthor-hreview.zip",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":52,"downloaded":94,"rating":52,"num_ratings":95,"last_updated":96,"tested_up_to":16,"requires_at_least":97,"requires_php":18,"tags":98,"homepage":103,"download_link":104,"security_score":105,"vuln_count":95,"unpatched_count":95,"last_vuln_date":106,"fetched_at":30},"draft-notify","Draft Notify","1.5","TouchOfTech","https:\u002F\u002Fprofiles.wordpress.org\u002Ftouchoftech\u002F","\u003Cp>I run multiple blogs and have the ability for people to sign up and write content for me. I was disappointed that WordPress does not have anything built it to alert me with an email notification when a new author writes something. I don�t log into the sites unless I have to, so new content may sit for a while without being noticed. I did find 1 plugin that would accomplish the email, but it was buggy. So I�ve written my own and am willing to share it with you. Specifically this plugin is designed to email you when an author saves a draft. Now there are some additional settings, but check them out below. As always, suggestions are welcome, just leave them in the comments along with any bugs you might encounter.\u003C\u002Fp>\n\u003Ch4>Draft Notify Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Emails when a Draft is saved.\u003C\u002Fli>\n\u003Cli>Can email a specific email address or all users above a certain access level.\u003C\u002Fli>\n\u003Cli>Can email out whenever a revision is saved, or it can ignore revisions and only email when the first draft is saved.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin is designed to send an email notification whenever a draft is saved.",5384,1,"2018-04-05T18:48:00.000Z","3.0.1",[99,100,101,102],"authors","draft-notification","drafts","email-notification","http:\u002F\u002Fwww.touchoftechnology.com\u002Fdraft-notify-wp-plugin-to-send-an-email-when-an-author-saves-a-draft\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdraft-notify.zip",63,"2025-12-21 00:00:00",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":52,"downloaded":115,"rating":28,"num_ratings":28,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":18,"tags":119,"homepage":123,"download_link":124,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"theme-companion","Theme Companion","1.0.2","Frumph","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrumph\u002F","\u003Cp>Companion is intended to assist users designing their sites without editing their original style.css files.\u003C\u002Fp>\n\u003Cp>Companion’s features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Editing CSS stylesheets that override the original style.css in the theme.\u003C\u002Fli>\n\u003Cli>Add custom information into the head area of your site\u002Fpage for non-wpmu sites. – Does NOT activate for Multisite\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Please do *not* copy the entire style.css into the editor, the editor is used for placing specific element changes. If you want to change the background of your entire site you do\u003C\u002Fh4>\n\u003Cp>body { background: #333333; }\u003C\u002Fp>\n\u003Cp>333333 being swapped for the color that you want to use.\u003C\u002Fp>\n\u003Cp>Notice that you do \u003Cem>not\u003C\u002Fem> need to replace the entire CSS element but just the portion you want to override \u002F change.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Companion is released under the GNU GPL version 3.0 or later.\u003C\u002Fp>\n","This plugin is used to assist in designing sites without editing the original style.css",4413,"2014-11-03T19:47:00.000Z","4.0.38","3.0",[120,121,23,24,122],"companion","css","theme","http:\u002F\u002Ffrumph.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-companion.zip",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":52,"downloaded":133,"rating":134,"num_ratings":135,"last_updated":136,"tested_up_to":137,"requires_at_least":97,"requires_php":138,"tags":139,"homepage":18,"download_link":143,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-autosave","Wp-autosave","1.1.1","wpautosave","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpautosave\u002F","\u003Cp>“Wp-autosave” plugin is for automatically saving posts  being written in the Classic Editor\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin works as an additional module to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-editor\u002F\" rel=\"ugc\">Classic Editor\u003C\u002Fa> plugin by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002Fclassic-editor\u002F\" rel=\"nofollow ugc\">WordPress Contributors\u003C\u002Fa> since \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fwordpress-version\u002Fversion-5-0\u002F\" rel=\"ugc\">WordPress version 5.0+\u003C\u002Fa>, because the original Classic Editor was replaced with a new editor – Gutenberg.\u003Cbr \u002F>\nSo the original Classic Editor plugin is required to work with WP-Autosave plugin for all actual WordPress versions.\u003C\u002Fp>\n\u003Cp>In case of older versions of WordPress (\u003C5.0), the original Classic Editor plugin is not required because Classic Editor is used by default.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Major features of plugin:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Auto-save post to drafts at regular time intervals by multipart requests. \u003Cem>(To check the functionality it’s enough to have the rights to create an entry in the wp-blog (you can test through a user-account) – you will see all requests through the developer tools or some other tools)\u003C\u002Fem>\u003Cbr \u002F>\n– Intellectual immediately auto-save post to drafts when you change the text in the editor\u003Cbr \u002F>\n– You can attach a time-stamp to request through the settings of the plugin (appendix time of saving in the query)\u003Cbr \u002F>\n– You can set your auto-save interval\u003Cbr \u002F>\n– You can choose the type of saving – by time intervals or when content is changed\u003C\u002Fp>\n","\"Wp-autosave\" plugin is for automatically saving posts being written in the Classic Editor",3880,74,3,"2019-12-18T15:57:00.000Z","5.3.21","5.6",[140,22,23,141,142],"autosave","post","save","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-autosave.zip",{"attackSurface":145,"codeSignals":278,"taintFlows":618,"riskAssessment":709,"analyzedAt":725},{"hooks":146,"ajaxHandlers":239,"restRoutes":262,"shortcodes":263,"cronEvents":276,"entryPointCount":53,"unprotectedCount":277},[147,153,156,159,162,166,170,173,176,181,185,189,192,195,199,203,207,212,216,219,221,224,229,232,236],{"type":148,"name":149,"callback":150,"file":151,"line":152},"action","admin_init","register_general_settings","admin\u002Fchief-editor-admin.php",158,{"type":148,"name":149,"callback":154,"file":151,"line":155},"register_calendar_tab",163,{"type":148,"name":149,"callback":157,"file":151,"line":158},"register_advanced_settings",167,{"type":148,"name":149,"callback":160,"file":151,"line":161},"register_stats_tab",171,{"type":148,"name":163,"callback":164,"file":151,"line":165},"admin_menu","add_admin_menus",176,{"type":148,"name":167,"callback":168,"file":151,"line":169},"network_admin_menu","chiefed_create_network_menus",199,{"type":148,"name":167,"callback":171,"file":151,"line":172},"update_chiefed_options",203,{"type":148,"name":163,"callback":174,"file":151,"line":175},"chiefed_create_menus",207,{"type":148,"name":177,"callback":178,"file":179,"line":180},"init","register_status","admin\u002Fchiefed_custom_status.php",76,{"type":148,"name":182,"callback":183,"file":179,"line":184},"admin_footer","set_status",77,{"type":148,"name":186,"callback":186,"file":187,"line":188},"add_meta_boxes","admin\u002Fmeta_boxes.php",115,{"type":148,"name":190,"callback":190,"file":187,"line":191},"save_post",119,{"type":148,"name":190,"callback":193,"file":187,"line":194},"save_custom_meta_data",123,{"type":148,"name":196,"callback":197,"file":187,"line":198},"post_edit_form_tag","update_edit_form",127,{"type":148,"name":177,"callback":200,"file":201,"line":202},"predp_custom_post_status","admin\u002Fpre_desktop_publishing.php",32,{"type":148,"name":204,"callback":205,"file":201,"line":206},"admin_footer-post.php","predp_append_post_status_list",36,{"type":208,"name":209,"callback":210,"priority":11,"file":201,"line":211},"filter","wpfc_ajax_post","chiefed_set_item_color",42,{"type":208,"name":213,"callback":214,"file":201,"line":215},"wp_insert_post_data","modify_shot_content",48,{"type":148,"name":177,"callback":217,"file":201,"line":218},"register_cpt_pre_desktop_publishing",79,{"type":148,"name":177,"callback":220,"file":201,"line":37},"chiefed_register_taxonomy_periodical",{"type":148,"name":177,"callback":222,"file":201,"line":223},"register_cpt_periodical_shot",87,{"type":148,"name":225,"callback":226,"file":227,"line":228},"admin_enqueue_scripts","chiefed_admin_scripts","chief-editor.php",51,{"type":148,"name":177,"callback":230,"file":227,"line":231},"chief_editor_load_lang",52,{"type":148,"name":233,"callback":234,"file":227,"line":235},"wp_enqueue_scripts","chiefed_adding_styles",53,{"type":148,"name":233,"callback":237,"file":238,"line":38},"chiefed_load_datatables","chiefed_front_datatable.php",[240,245,249,253,256,260],{"action":241,"nopriv":242,"callback":243,"hasNonce":242,"hasCapCheck":242,"file":151,"line":244},"ce_send_author_std_validation_email",false,"ce_process_ajax",181,{"action":246,"nopriv":242,"callback":247,"hasNonce":242,"hasCapCheck":242,"file":151,"line":248},"ce_send_author_std_validation_email_confirmed","ce_process_ajax_bat_confirm",185,{"action":250,"nopriv":242,"callback":251,"hasNonce":242,"hasCapCheck":242,"file":151,"line":252},"chiefed_get_table_data","chiefed_get_datatables_data",190,{"action":250,"nopriv":254,"callback":251,"hasNonce":242,"hasCapCheck":242,"file":151,"line":255},true,194,{"action":257,"nopriv":242,"callback":258,"hasNonce":242,"hasCapCheck":242,"file":201,"line":259},"chiefed_extract_images_to_gallery","chiefed_extract_all_images_from_source_to_gallery",94,{"action":257,"nopriv":254,"callback":258,"hasNonce":242,"hasCapCheck":242,"file":201,"line":261},98,[],[264,268,272],{"tag":265,"callback":266,"file":151,"line":267},"chiefeditor_post_list","displayPostListWithStatuses_fn",212,{"tag":269,"callback":270,"file":238,"line":271},"chiefed_editor_dashboard","chiefedCreateEditorDashBoard",18,{"tag":273,"callback":274,"file":238,"line":275},"chiefed_shot_single_page","chiefedCreateSingleShotDashBoard",24,[],6,{"dangerousFunctions":279,"sqlUsage":303,"outputEscaping":306,"fileOperations":610,"externalRequests":28,"nonceChecks":611,"capabilityChecks":612,"bundledLibraries":613},[280,285,286,289,292,297,299,302],{"fn":281,"file":282,"line":283,"context":284},"exec","admin\u002Fadmin_settings.php",65,"$cmdOut = exec($cmd, $outputArray);",{"fn":281,"file":282,"line":134,"context":284},{"fn":281,"file":282,"line":287,"context":288},95,"$pythonVersion = exec($pyCmd, $outputArray);",{"fn":281,"file":282,"line":290,"context":291},126,"$pythonVersion = exec($cmd, $outputArray);",{"fn":293,"file":294,"line":295,"context":296},"shell_exec","admin\u002Fchiefed_image_processing.php",61,"$retValue = shell_exec ( $pyCmd );",{"fn":293,"file":294,"line":298,"context":296},66,{"fn":293,"file":294,"line":300,"context":301},71,"$retValue = shell_exec ( $cmd );",{"fn":293,"file":294,"line":27,"context":296},{"prepared":304,"raw":28,"locations":305},17,[],{"escaped":307,"rawEcho":308,"locations":309},118,155,[310,313,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386,388,390,392,394,396,398,400,402,404,406,408,409,410,412,414,416,418,420,422,424,425,427,429,431,433,434,436,438,439,441,443,444,446,448,450,451,453,455,457,459,461,463,465,467,469,471,473,475,477,479,481,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541,543,545,547,549,551,553,555,557,559,561,563,565,567,569,571,573,575,577,579,581,583,585,587,589,591,593,594,595,597,599,601,603,604,606,608],{"file":282,"line":311,"context":312},156,"raw output",{"file":282,"line":152,"context":312},{"file":282,"line":315,"context":312},160,{"file":282,"line":317,"context":312},178,{"file":282,"line":319,"context":312},197,{"file":282,"line":321,"context":312},216,{"file":282,"line":323,"context":312},225,{"file":282,"line":325,"context":312},227,{"file":282,"line":327,"context":312},228,{"file":282,"line":329,"context":312},235,{"file":282,"line":331,"context":312},241,{"file":282,"line":333,"context":312},259,{"file":282,"line":335,"context":312},292,{"file":282,"line":337,"context":312},302,{"file":282,"line":339,"context":312},324,{"file":282,"line":341,"context":312},418,{"file":282,"line":343,"context":312},451,{"file":282,"line":345,"context":312},452,{"file":282,"line":347,"context":312},453,{"file":282,"line":349,"context":312},484,{"file":282,"line":351,"context":312},508,{"file":282,"line":353,"context":312},513,{"file":282,"line":355,"context":312},519,{"file":282,"line":357,"context":312},541,{"file":282,"line":359,"context":312},566,{"file":282,"line":361,"context":312},613,{"file":282,"line":363,"context":312},642,{"file":282,"line":365,"context":312},659,{"file":282,"line":367,"context":312},684,{"file":282,"line":369,"context":312},685,{"file":282,"line":371,"context":312},691,{"file":282,"line":373,"context":312},724,{"file":282,"line":375,"context":312},742,{"file":282,"line":377,"context":312},754,{"file":282,"line":379,"context":312},768,{"file":282,"line":381,"context":312},778,{"file":282,"line":383,"context":312},779,{"file":282,"line":385,"context":312},780,{"file":282,"line":387,"context":312},805,{"file":282,"line":389,"context":312},823,{"file":282,"line":391,"context":312},826,{"file":282,"line":393,"context":312},830,{"file":282,"line":395,"context":312},834,{"file":282,"line":397,"context":312},855,{"file":151,"line":399,"context":312},37,{"file":151,"line":401,"context":312},38,{"file":151,"line":403,"context":312},39,{"file":151,"line":405,"context":312},41,{"file":151,"line":407,"context":312},43,{"file":151,"line":235,"context":312},{"file":151,"line":283,"context":312},{"file":151,"line":411,"context":312},73,{"file":151,"line":413,"context":312},286,{"file":151,"line":415,"context":312},430,{"file":151,"line":417,"context":312},479,{"file":151,"line":419,"context":312},550,{"file":151,"line":421,"context":312},587,{"file":151,"line":423,"context":312},641,{"file":151,"line":363,"context":312},{"file":151,"line":426,"context":312},643,{"file":151,"line":428,"context":312},655,{"file":151,"line":430,"context":312},656,{"file":151,"line":432,"context":312},657,{"file":151,"line":365,"context":312},{"file":151,"line":435,"context":312},660,{"file":151,"line":437,"context":312},662,{"file":151,"line":373,"context":312},{"file":151,"line":440,"context":312},760,{"file":151,"line":442,"context":312},794,{"file":151,"line":387,"context":312},{"file":151,"line":445,"context":312},809,{"file":151,"line":447,"context":312},832,{"file":151,"line":449,"context":312},833,{"file":151,"line":395,"context":312},{"file":151,"line":452,"context":312},848,{"file":151,"line":454,"context":312},850,{"file":151,"line":456,"context":312},851,{"file":151,"line":458,"context":312},859,{"file":151,"line":460,"context":312},869,{"file":151,"line":462,"context":312},870,{"file":151,"line":464,"context":312},871,{"file":151,"line":466,"context":312},893,{"file":151,"line":468,"context":312},903,{"file":151,"line":470,"context":312},904,{"file":151,"line":472,"context":312},919,{"file":151,"line":474,"context":312},920,{"file":151,"line":476,"context":312},938,{"file":151,"line":478,"context":312},940,{"file":151,"line":480,"context":312},1181,{"file":151,"line":482,"context":312},1183,{"file":151,"line":484,"context":312},1185,{"file":151,"line":486,"context":312},1187,{"file":151,"line":488,"context":312},1190,{"file":151,"line":490,"context":312},1257,{"file":151,"line":492,"context":312},1259,{"file":151,"line":494,"context":312},1262,{"file":151,"line":496,"context":312},1321,{"file":151,"line":498,"context":312},1397,{"file":151,"line":500,"context":312},1400,{"file":151,"line":502,"context":312},1412,{"file":151,"line":504,"context":312},1414,{"file":151,"line":506,"context":312},1612,{"file":151,"line":508,"context":312},1617,{"file":151,"line":510,"context":312},1622,{"file":151,"line":512,"context":312},1641,{"file":151,"line":514,"context":312},1788,{"file":151,"line":516,"context":312},1884,{"file":151,"line":518,"context":312},1899,{"file":151,"line":520,"context":312},1976,{"file":151,"line":522,"context":312},1995,{"file":151,"line":524,"context":312},2066,{"file":151,"line":526,"context":312},2074,{"file":151,"line":528,"context":312},2077,{"file":151,"line":530,"context":312},2136,{"file":151,"line":532,"context":312},2146,{"file":151,"line":534,"context":312},2162,{"file":151,"line":536,"context":312},2170,{"file":151,"line":538,"context":312},2174,{"file":151,"line":540,"context":312},2191,{"file":151,"line":542,"context":312},2207,{"file":151,"line":544,"context":312},2212,{"file":151,"line":546,"context":312},2214,{"file":151,"line":548,"context":312},2217,{"file":151,"line":550,"context":312},2220,{"file":151,"line":552,"context":312},2224,{"file":151,"line":554,"context":312},2226,{"file":151,"line":556,"context":312},2229,{"file":151,"line":558,"context":312},2231,{"file":151,"line":560,"context":312},2233,{"file":151,"line":562,"context":312},2241,{"file":151,"line":564,"context":312},2244,{"file":151,"line":566,"context":312},2246,{"file":151,"line":568,"context":312},2247,{"file":151,"line":570,"context":312},2248,{"file":151,"line":572,"context":312},2249,{"file":151,"line":574,"context":312},2251,{"file":151,"line":576,"context":312},2582,{"file":151,"line":578,"context":312},2588,{"file":151,"line":580,"context":312},2591,{"file":151,"line":582,"context":312},2594,{"file":151,"line":584,"context":312},2597,{"file":151,"line":586,"context":312},2615,{"file":151,"line":588,"context":312},2691,{"file":151,"line":590,"context":312},2803,{"file":179,"line":592,"context":312},105,{"file":179,"line":592,"context":312},{"file":179,"line":592,"context":312},{"file":179,"line":596,"context":312},106,{"file":187,"line":598,"context":312},262,{"file":187,"line":600,"context":312},306,{"file":187,"line":602,"context":312},459,{"file":201,"line":175,"context":312},{"file":201,"line":605,"context":312},208,{"file":201,"line":607,"context":312},437,{"file":201,"line":609,"context":312},785,11,8,19,[614],{"name":615,"version":616,"knownCves":617},"DataTables","1.10.16",[],[619,641,652,676,686,700],{"entryPoint":620,"graph":621,"unsanitizedCount":95,"severity":640},"ce_process_ajax_bat_confirm (admin\u002Fchief-editor-admin.php:309)",{"nodes":622,"edges":637},[623,628,632],{"id":624,"type":625,"label":626,"file":151,"line":627},"n0","source","$_POST",318,{"id":629,"type":630,"label":631,"file":151,"line":627},"n1","transform","→ send_notification_email_to_author_of_post()",{"id":633,"type":634,"label":635,"file":151,"line":417,"wp_function":636},"n2","sink","echo() [XSS]","echo",[638,639],{"from":624,"to":629,"sanitized":242},{"from":629,"to":633,"sanitized":242},"medium",{"entryPoint":642,"graph":643,"unsanitizedCount":651,"severity":640},"ce_process_ajax (admin\u002Fchief-editor-admin.php:590)",{"nodes":644,"edges":649},[645,648],{"id":624,"type":625,"label":646,"file":151,"line":647},"$_POST (x7)",595,{"id":629,"type":634,"label":635,"file":151,"line":423,"wp_function":636},[650],{"from":624,"to":629,"sanitized":242},7,{"entryPoint":653,"graph":654,"unsanitizedCount":95,"severity":640},"\u003Cchief-editor-admin> (admin\u002Fchief-editor-admin.php:0)",{"nodes":655,"edges":671},[656,659,660,663,665,667,669],{"id":624,"type":625,"label":657,"file":151,"line":658},"$_POST (x11)",239,{"id":629,"type":634,"label":635,"file":151,"line":417,"wp_function":636},{"id":633,"type":625,"label":661,"file":151,"line":662},"$_GET",845,{"id":664,"type":634,"label":635,"file":151,"line":460,"wp_function":636},"n3",{"id":666,"type":625,"label":626,"file":151,"line":627},"n4",{"id":668,"type":630,"label":631,"file":151,"line":627},"n5",{"id":670,"type":634,"label":635,"file":151,"line":417,"wp_function":636},"n6",[672,673,674,675],{"from":624,"to":629,"sanitized":254},{"from":633,"to":664,"sanitized":254},{"from":666,"to":668,"sanitized":242},{"from":668,"to":670,"sanitized":242},{"entryPoint":677,"graph":678,"unsanitizedCount":14,"severity":640},"chiefed_extract_all_images_from_source_to_gallery (admin\u002Fpre_desktop_publishing.php:185)",{"nodes":679,"edges":684},[680,683],{"id":624,"type":625,"label":681,"file":201,"line":682},"$_POST (x2)",187,{"id":629,"type":634,"label":635,"file":201,"line":175,"wp_function":636},[685],{"from":624,"to":629,"sanitized":242},{"entryPoint":687,"graph":688,"unsanitizedCount":135,"severity":640},"\u003Cpre_desktop_publishing> (admin\u002Fpre_desktop_publishing.php:0)",{"nodes":689,"edges":697},[690,691,692,693],{"id":624,"type":625,"label":681,"file":201,"line":682},{"id":629,"type":634,"label":635,"file":201,"line":175,"wp_function":636},{"id":633,"type":625,"label":626,"file":201,"line":682},{"id":664,"type":634,"label":694,"file":201,"line":695,"wp_function":696},"file_put_contents() [File Write]",1033,"file_put_contents",[698,699],{"from":624,"to":629,"sanitized":242},{"from":633,"to":664,"sanitized":242},{"entryPoint":701,"graph":702,"unsanitizedCount":28,"severity":708},"chief_editor_options_page (admin\u002Fchief-editor-admin.php:843)",{"nodes":703,"edges":706},[704,705],{"id":624,"type":625,"label":661,"file":151,"line":662},{"id":629,"type":634,"label":635,"file":151,"line":460,"wp_function":636},[707],{"from":624,"to":629,"sanitized":254},"low",{"summary":710,"deductions":711},"The \"chief-editor\" plugin version 5.4.3 exhibits a concerning security posture due to a significant number of unprotected AJAX handlers and the presence of dangerous functions like `exec` and `shell_exec` within its code. While the plugin demonstrates good practices in SQL query handling by exclusively using prepared statements and a reasonable number of nonce and capability checks, the high percentage of improperly escaped output (43%) is a notable weakness that could lead to cross-site scripting (XSS) vulnerabilities.  The taint analysis reveals several flows with unsanitized paths, although they are not currently classified as critical or high severity. This suggests a potential for input manipulation issues that could be exploited if combined with other vulnerabilities.\n\nThe plugin's vulnerability history is a strong positive point, with zero recorded CVEs. This indicates a generally well-maintained codebase or at least a lack of publicly disclosed security flaws to date. However, this should not overshadow the immediate risks identified in the static analysis. The combination of unprotected entry points and dangerous functions presents a clear attack vector that warrants immediate attention. The plugin has strengths in data handling and a clean CVE history but significant weaknesses in input validation and output escaping, and an exposed attack surface.",[712,714,717,719,722],{"reason":713,"points":11},"Unprotected AJAX handlers",{"reason":715,"points":716},"Dangerous functions (exec, shell_exec)",15,{"reason":718,"points":651},"Unescaped output percentage is high",{"reason":720,"points":721},"Flows with unsanitized paths",5,{"reason":723,"points":724},"Bundled outdated library (DataTables v1.10.16)",4,"2026-04-16T12:39:18.803Z",{"wat":727,"direct":753},{"assetPaths":728,"generatorPatterns":742,"scriptPaths":743,"versionParams":744},[729,730,731,732,733,734,735,736,737,738,739,740,741],"\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Flibs\u002Fjqueryui\u002F1.12.1\u002Fjquery-ui.min.css","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Flibs\u002Fjqueryui\u002F1.12.1\u002Fjquery-ui.min.js","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Flibs\u002Fnode_modules\u002Fsweetalert2\u002Fdist\u002Fsweetalert2.min.css","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Flibs\u002Fnode_modules\u002Fsweetalert2\u002Fdist\u002Fsweetalert2.min.js","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Fjs\u002Fchief-editor.js","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Fcss\u002Fchief-editor.css","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Fcss\u002Fchief-editor-admin.css","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Fjs\u002Fsorttable.js","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Fjs\u002FChartNew.js","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Fjs\u002Fchief-editor-graph.js","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Flibs\u002Fmoment\u002Fmoment-with-locales.js","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Fjs\u002Fchiefed_print_editor.js","\u002Fwp-content\u002Fplugins\u002Fchief-editor\u002Fcss\u002Fchiefed-shot.css",[],[733,732,736,737,738,739,740],[745,746,747,748,749,750,751,752],"chief-editor\u002Fcss\u002Fchief-editor.css?ver=","chief-editor\u002Fcss\u002Fchief-editor-admin.css?ver=","chief-editor\u002Fjs\u002Fsorttable.js?ver=","chief-editor\u002Fjs\u002FChartNew.js?ver=","chief-editor\u002Fjs\u002Fchief-editor-graph.js?ver=","chief-editor\u002Flibs\u002Fmoment\u002Fmoment-with-locales.js?ver=","chief-editor\u002Fjs\u002Fchiefed_print_editor.js?ver=","chief-editor\u002Fcss\u002Fchiefed-shot.css?ver=",{"cssClasses":754,"htmlComments":766,"htmlAttributes":769,"restEndpoints":774,"jsGlobals":775,"shortcodeOutput":778},[755,756,757,758,759,760,761,762,763,764,765],"chief-editor-main-wrapper","chief-editor-table-wrapper","chief-editor-post-title","chief-editor-post-author","chief-editor-post-date","chief-editor-post-status","chief-editor-post-category","chief-editor-post-tags","chief-editor-search-form","chief-editor-bulk-actions","chief-editor-pagination",[767,768],"\u003C!-- Default to the same capabilities as Contributor -->","\u003C!-- post author does not need to see others posts, only chief editor of blog -->",[770,771,772,773],"data-ce-action","data-ce-post-id","data-ce-user-id","data-ce-confirm-message",[],[776,777],"chiefEditorConfig","swal",[],{"error":254,"url":780,"statusCode":781,"statusMessage":782,"message":782},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fchief-editor\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":28,"versions":784},[]]