[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYbdNx-RjhXUje518iXypppPBD9ocoxrX733t7UE9riY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":34,"analysis":133,"fingerprints":225},"collab-notes","Collab Notes","1.3","psartorio","https:\u002F\u002Fprofiles.wordpress.org\u002Fpsartorio\u002F","\u003Cp>Collab Notes is a simple and effective plugin to manage private notes for pages and posts directly in the WordPress admin area.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Add private notes to any page or post.\u003Cbr \u002F>\n– Notes are visible only in the WordPress admin area.\u003Cbr \u002F>\n– Customize which user roles can add, edit, or view notes.\u003Cbr \u002F>\n– An icon is displayed in the post\u002Fpage list for content with notes, making it easy to identify.\u003Cbr \u002F>\n– Lightweight and easy to use, with no impact on site performance.\u003C\u002Fp>\n\u003Cp>This plugin is perfect for teams and administrators who want to keep internal notes, reminders, or task lists linked to specific content.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under GPLv2 or later. See https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html for details.\u003C\u002Fp>\n","Collab Notes allows administrators to add private notes to pages and posts, with customizable user role permissions.",30,733,0,"2025-02-05T09:41:00.000Z","6.7.5","5.6","7.2",[19,20,21,22,23],"admin","collaboration","notes","private-notes","wordpress","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcollab-notes.1.3.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":11,"trust_score":32,"computed_at":33},1,88,"2026-04-04T11:00:48.151Z",[35,59,83,102,117],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":26,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":24,"tags":49,"homepage":54,"download_link":55,"security_score":56,"vuln_count":57,"unpatched_count":13,"last_vuln_date":58,"fetched_at":28},"wp-dashboard-notes","WP Dashboard Notes","1.0.13","Jeroen Sormani","https:\u002F\u002Fprofiles.wordpress.org\u002Fsormano\u002F","\u003Cp>Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Colored notes\u003C\u002Fli>\n\u003Cli>List notes or regular notes\u003C\u002Fli>\n\u003Cli>Public or private notes\u003C\u002Fli>\n\u003Cli>Edit on dashboard\u003C\u002Fli>\n\u003Cli>Add as many notes as you like\u003C\u002Fli>\n\u003Cli>Drag & drop list items\u003C\u002Fli>\n\u003Cli>No save button needed!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Feature requests, ratings and donations are welcome and appreciated!\u003C\u002Fstrong>\u003C\u002Fp>\n","Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user  …",20000,248966,109,"2024-08-27T08:39:00.000Z","6.4.8","4.0",[50,51,52,21,53],"admin-note","dashboard-notes","note","wordpress-notes","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-dashboard-notes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-dashboard-notes.1.0.13.zip",90,3,"2024-08-09 00:00:00",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":24,"tags":74,"homepage":78,"download_link":79,"security_score":80,"vuln_count":81,"unpatched_count":13,"last_vuln_date":82,"fetched_at":28},"user-notes","User Notes","1.0.4","cartpauj","https:\u002F\u002Fprofiles.wordpress.org\u002Fcartpauj\u002F","\u003Cp>This plugin adds a text editor area to each User Profile in the dashboard for Administrators to keep private notes about each User. The notes are ONLY visible to Administrators — that’s the whole point! It also adds a column to the “All Users” list where you can quickly see the note for the user without having to even open their profile.\u003C\u002Fp>\n\u003Cp>It is especially handy for \u003Ca href=\"http:\u002F\u002Fwww.memberpress.com\u002F?aff=20\" title=\"Best membership plugin for WordPress\" rel=\"nofollow ugc\">Membership Sites\u003C\u002Fa> where you may have thousands of members to deal with and need to remember special circumstances for them.\u003C\u002Fp>\n","Keep private notes about each of your users that only Administrators can see.",900,14556,96,15,"2025-11-28T17:01:00.000Z","6.8.5","6.0",[75,52,22,76,77],"admin-notes","secure-notes","user","http:\u002F\u002Fcartpauj.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-notes.1.0.4.zip",98,2,"2025-09-26 00:00:00",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":24,"tags":98,"homepage":99,"download_link":100,"security_score":101,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"lh-dashboard-notes","LH Dashboard Notes","1.09","shawfactor","https:\u002F\u002Fprofiles.wordpress.org\u002Fshawfactor\u002F","\u003Cp>LH Dashboard Notes allow you to insert noes on your wp-admin dashboard for your users using the post editor interface. If this plugin is network activated the insertion and editing of these dashboard notes is centralised on the main site of your multisite install. Allowing you to set Dashboard notes that are viewed throughout your multisite network.\u003C\u002Fp>\n","Allows you to create and edit notes that appear on the admin dashboard",500,9928,100,10,"2018-05-09T02:44:00.000Z","4.9.29","3.6",[50,51,52,21,53],"https:\u002F\u002Flhero.org\u002Fplugins\u002Flh-dashboard-notes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-dashboard-notes.zip",85,{"slug":21,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":13,"num_ratings":13,"last_updated":111,"tested_up_to":112,"requires_at_least":48,"requires_php":24,"tags":113,"homepage":115,"download_link":116,"security_score":101,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"Notes","1.1.0","seosbg","https:\u002F\u002Fprofiles.wordpress.org\u002Fseosbg\u002F","\u003Cp>Displays notes on the WordPress dashboard. When the date of the event has occurred, the note is colored red.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays notes on the WordPress dashboard.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIKjj479J5B0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>1.1.0 January 01 2020\u003C\u002Fh4>\n\u003Cp>*FIXED: Date Issue\u003C\u002Fp>\n\u003Ch4>1.0.0\u003C\u002Fh4>\n\u003Cp>\u003Cem>Initial release of plugin – 30 December 2019\u003C\u002Fem>\u003C\u002Fp>\n","Displays notes on the WordPress dashboard. When the date of the event has occurred, the note is colored red.",70,1863,"2020-01-01T15:25:00.000Z","5.3.21",[75,52,21,114,53],"wordpress-note","https:\u002F\u002Fseosthemes.com\u002Fnotes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnotes.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":13,"downloaded":125,"rating":93,"num_ratings":31,"last_updated":126,"tested_up_to":96,"requires_at_least":127,"requires_php":24,"tags":128,"homepage":24,"download_link":132,"security_score":101,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"admin-sticky-notes","ASN(Admin Sticky Notes)","1.0.0","fgirach09","https:\u002F\u002Fprofiles.wordpress.org\u002Ffgirach09\u002F","\u003Cp>ASN(Admin Sticky Notes) is use for creating notes during your admin side work. it help you to remember pending works.\u003C\u002Fp>\n","ASN(Admin Sticky Notes) is use for creating notes during your admin side work. it help you to remember pending works.",1523,"2018-01-09T03:28:00.000Z","4.9",[19,21,129,130,131],"sticky","sticky-notes","wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-sticky-notes.zip",{"attackSurface":134,"codeSignals":169,"taintFlows":182,"riskAssessment":219,"analyzedAt":224},{"hooks":135,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":13,"unprotectedCount":13},[136,142,146,151,154,158,161],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","add_meta_boxes","collab_notes_add_metabox","collab-notes.php",27,{"type":137,"name":143,"callback":144,"file":140,"line":145},"save_post","collab_notes_save_post",64,{"type":147,"name":148,"callback":149,"file":140,"line":150},"filter","manage_posts_columns","collab_notes_add_column",71,{"type":147,"name":152,"callback":149,"file":140,"line":153},"manage_pages_columns",72,{"type":137,"name":155,"callback":156,"priority":94,"file":140,"line":157},"manage_posts_custom_column","collab_notes_populate_column",83,{"type":137,"name":159,"callback":156,"priority":94,"file":140,"line":160},"manage_pages_custom_column",84,{"type":137,"name":162,"callback":163,"file":140,"line":164},"admin_menu","collab_notes_register_menu",108,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":171,"outputEscaping":173,"fileOperations":13,"externalRequests":13,"nonceChecks":81,"capabilityChecks":180,"bundledLibraries":181},[],{"prepared":13,"raw":13,"locations":172},[],{"escaped":70,"rawEcho":81,"locations":174},[175,178],{"file":140,"line":176,"context":177},186,"raw output",{"file":140,"line":179,"context":177},198,4,[],[183,202],{"entryPoint":184,"graph":185,"unsanitizedCount":13,"severity":201},"collab_notes_render_settings_page (collab-notes.php:159)",{"nodes":186,"edges":198},[187,192],{"id":188,"type":189,"label":190,"file":140,"line":191},"n0","source","$_POST (x2)",165,{"id":193,"type":194,"label":195,"file":140,"line":196,"wp_function":197},"n1","sink","update_option() [Settings Manipulation]",168,"update_option",[199],{"from":188,"to":193,"sanitized":200},true,"low",{"entryPoint":203,"graph":204,"unsanitizedCount":13,"severity":201},"\u003Ccollab-notes> (collab-notes.php:0)",{"nodes":205,"edges":216},[206,208,212,214],{"id":188,"type":189,"label":190,"file":140,"line":207},48,{"id":193,"type":194,"label":209,"file":140,"line":210,"wp_function":211},"echo() [XSS]",79,"echo",{"id":213,"type":189,"label":190,"file":140,"line":191},"n2",{"id":215,"type":194,"label":195,"file":140,"line":196,"wp_function":197},"n3",[217,218],{"from":188,"to":193,"sanitized":200},{"from":213,"to":215,"sanitized":200},{"summary":220,"deductions":221},"The collab-notes plugin v1.3 demonstrates a strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface.  The code analysis further indicates good development practices, with no dangerous functions, all SQL queries using prepared statements, and a high percentage of output correctly escaped.  The presence of nonce and capability checks, although limited in number, is also a positive sign.  The taint analysis showing zero unsanitized paths further reinforces the impression of secure code.  The plugin's vulnerability history is exceptionally clean, with no recorded CVEs, which suggests a history of secure development and maintenance.  Overall, this plugin appears to be well-developed and secure. The main area for potential minor concern would be the percentage of unescaped output, but at 12%, it's still within a reasonable range for a plugin of this nature, especially given the lack of other identified vulnerabilities.",[222],{"reason":223,"points":180},"Unescaped output exists","2026-03-16T22:32:14.859Z",{"wat":226,"direct":231},{"assetPaths":227,"generatorPatterns":228,"scriptPaths":229,"versionParams":230},[],[],[],[],{"cssClasses":232,"htmlComments":233,"htmlAttributes":234,"restEndpoints":236,"jsGlobals":237,"shortcodeOutput":238},[],[],[235],"data-collab-note",[],[],[]]