[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-T7n0xFF8wl_ynC4N8iQBOwk5cDyIEznEBpOR42MW8M":3,"$f24IdJxeGqQ9J3yjqvkHwYrjPlQpZF0IW19e0_kKUl8Y":266,"$fnOUfh3gKMCsBz7y-lXXppVMiCLJGviFc2gbH6i90_8M":270},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":40,"analysis":130,"fingerprints":249},"content-revalidation-tracker","Content Revalidation Tracker","2.0.0","Dropndot Solutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fdropndot\u002F","\u003Cp>The \u003Cstrong>Content Revalidation Tracker\u003C\u002Fstrong> plugin seamlessly connects your WordPress site with your frontend framework (such as \u003Cstrong>Next.js\u003C\u002Fstrong>, \u003Cstrong>Nuxt\u003C\u002Fstrong>, or \u003Cstrong>Gatsby\u003C\u002Fstrong>) to trigger revalidation via a secure API endpoint every time content changes — ensuring your site always serves the most up-to-date pages.\u003C\u002Fp>\n\u003Cp>This plugin is ideal for \u003Cstrong>headless WordPress\u003C\u002Fstrong> setups that use static site generation or incremental static regeneration. Whenever you update, publish, or delete posts, pages, or taxonomies, the plugin automatically sends a secure API call to your frontend to revalidate the affected pages.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Revalidation\u003C\u002Fstrong> – Triggers a revalidation request whenever a post, user, or taxonomy is created, updated, trashed, or deleted.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Prefix Mapping (New in v2)\u003C\u002Fstrong> – Define custom URL prefixes for your post types and taxonomies to match your frontend routing structure.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Granular Configuration\u003C\u002Fstrong> – Choose which post types and taxonomies are revalidated via filters.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure API Communication\u003C\u002Fstrong> – Use a secret key and domain configuration to ensure authorized revalidation requests.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Test Tool (New in v2)\u003C\u002Fstrong> – Test revalidation manually from the settings page to confirm configuration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong> – Includes hooks and filters for advanced customization.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Ideal For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress sites powered by \u003Cstrong>Next.js\u003C\u002Fstrong>, \u003Cstrong>Nuxt\u003C\u002Fstrong>, or other static\u002Fhybrid frameworks.\u003C\u002Fli>\n\u003Cli>Developers who want \u003Cstrong>automated page revalidation\u003C\u002Fstrong> after content changes.\u003C\u002Fli>\n\u003Cli>Headless WordPress sites that require fast and fresh content delivery.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support and troubleshooting, please visit \u003Ca href=\"https:\u002F\u002Fdropndot.com\" rel=\"nofollow ugc\">Dropndot Solutions\u003C\u002Fa>.\u003C\u002Fp>\n","Auto-triggers frontend revalidation on post, page, user, or taxonomy updates. Ideal for Next.js and headless WordPress setups.",10,1040,100,2,"2025-11-03T11:01:00.000Z","6.8.5","6.3","7.4",[20,21,22,23,24],"api","headless","nextjs","revalidation","static","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontent-revalidation-tracker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-revalidation-tracker.2.0.0.zip",0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"dropndot",4,120,98,30,93,"2026-05-19T21:01:03.476Z",[41,61,79,96,114],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":13,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":59,"download_link":60,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wpgraphql-acf","WPGraphQL for ACF","2.5.2","Jason Bahl","https:\u002F\u002Fprofiles.wordpress.org\u002Fjasonbahl\u002F","\u003Cp>WPGraphQL for Advanced Custom Fields is a free, open-source WordPress plugin that adds ACF Fields and Field Groups to the WPGraphQL Schema.\u003C\u002Fp>\n\u003Ch4>Create ACF Field Groups\u003C\u002Fh4>\n\u003Cp>Create ACF Field Groups and Fields using the ACF User Interface, register them with PHP, or leverage ACF local JSON. Each field group and the fields within it can be configured to “Show in GraphQL.”\u003C\u002Fp>\n\u003Ch4>Query your fields with GraphQL\u003C\u002Fh4>\n\u003Cp>Once your field groups and fields are configured to “Show in GraphQL,” they become available in the GraphQL Schema for querying.\u003C\u002Fp>\n\u003Ch4>Supported Field Types\u003C\u002Fh4>\n\u003Cp>WPGraphQL for ACF provides support for most built-in field types of ACF (free & PRO) and extends support to most field types from ACF Extended (free & PRO).\u003C\u002Fp>\n\u003Ch3>Updating\u003C\u002Fh3>\n\u003Cp>If you are updating from WPGraphQL for ACF v0.6.* or older, check out the \u003Ca href=\"https:\u002F\u002Facf.wpgraphql.com\u002Fupgrade-guide\" rel=\"nofollow ugc\">Upgrade Guide\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>For non-major version updates, automatic updates usually should work smoothly, but we still recommend you back up your site and test on a staging site.\u003C\u002Fp>\n\u003Cp>Before updating WPGraphQL for ACF, review the release notes on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwpgraphql-acf\u002Freleases\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>We follow Semantic Versioning (Semver) for meaningful releases:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>MAJOR\u003C\u002Fem> version for incompatible API changes,\u003C\u002Fli>\n\u003Cli>\u003Cem>MINOR\u003C\u002Fem> version for backwards-compatible functionality additions,\u003C\u002Fli>\n\u003Cli>\u003Cem>PATCH\u003C\u002Fem> version for backwards-compatible bug fixes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Learn more about Semver at \u003Ca href=\"https:\u002F\u002Fsemver.org\" rel=\"nofollow ugc\">semver.org\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwp-graphql\u002Fdiscussions\" rel=\"nofollow ugc\">General Help Requests\u003C\u002Fa>: For general questions and help requests, create a new topic in Github Discussions\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpgraphql.com\u002Fdiscord\" rel=\"nofollow ugc\">Discord Community\u003C\u002Fa>: The WPGraphQL Discord is a great place to communicate in real-time. Ask questions, discuss features, get to know other folks using WPGraphQL.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwp-graphql\u002Fissues\u002Fnew?assignees=&labels=&projects=&template=bug_report.yml\" rel=\"nofollow ugc\">Bug Reports\u003C\u002Fa>: Report a bug in WPGraphQL\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwp-graphql\u002Fissues\u002Fnew?assignees=&labels=&projects=&template=feature_request.yml\" rel=\"nofollow ugc\">Feature Requests\u003C\u002Fa>: Suggest an idea, feature, or enhancement for WPGraphQL.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwp-graphql\u002Fsecurity\u002Fadvisories\u002Fnew\" rel=\"nofollow ugc\">Report a Security Vulnerability\u003C\u002Fa>: Report a security vulnerability.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>FAQs\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Does this work with ACF Extended?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Yes! WPGraphQL for ACF allows you to query for (most) fields created with ACF Extended.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Can I filter and sort queries by ACF Fields using WPGraphQL for ACF?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>At this time WPGraphQL for ACF does not support filtering or sorting queries by ACF Fields. “Meta Queries” are often very expensive to execute, so we currently do not support filtering by ACF fields out of the box, but are exploring options for supporting it without the performance penalty.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>I think I found a bug, where do I report it?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you think you found a bug, please open an issue on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwpgraphql-acf\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. The more details you provide in the issue, and the more clear your steps to reproduce are, the higher chances we will be able to help.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Can I use ACF Free or Pro with WPGraphQL for ACF?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Yes! WPGraphQL for ACF works great with ACF Free and Pro. The Pro version of ACF has some additional features, such as Flexible Content Fields, Repeater Fields and Options Pages that are supported by WPGraphQL for ACF.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Do I have to use Faust.js to use WPGraphQL for ACF?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>No! While \u003Ca href=\"https:\u002F\u002Fwww.wpgraphql.com\" rel=\"nofollow ugc\">wpgraphql.com\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Facf.wpgraphql.com\" rel=\"nofollow ugc\">acf.wpgraphql.com\u003C\u002Fa> are built using \u003Ca href=\"https:\u002F\u002Ffaustjs.org\u002F\" rel=\"nofollow ugc\">Faust.js\u003C\u002Fa> and Next.js, you can use WPGraphQL for ACF with any GraphQL client, including Apollo, Relay, Urql, etc.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>I have an ACF Extension that adds a new field type, will it work with WPGraphQL for ACF?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WPGraphQL for ACF supports the field types that come with ACF (Free and PRO) as well as the field types in ACF Extended (Free and PRO). Support for additional field types can be added by using the “register_graphql_acf_field_type” API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Do I need WPGraphQL and ACF to be active to use this?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is a “bridge” plugin that brings functionality of ACF to WPGraphQL. Both WPGraphQL and ACF need to be installed and active in your WordPress installation for this plugin to work.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How much does WPGraphQL for ACF cost?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WPGraphQL for ACF is a FREE open-source plugin. The development is sponsored by \u003Ca href=\"https:\u002F\u002Fwpengine.com\u002Fatlas\" rel=\"nofollow ugc\">WP Engine Atlas\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Does WPGraphQL for ACF support GraphQL Mutations?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>GraphQL Mutations are not yet supported. We are working on adding support for Mutations in the future. We are waiting for the GraphQL “@oneOf” directive to be merged into the GraphQL spec before we add support for Mutations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Does this work with Field Groups registered in PHP or JSON?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Yes! You can register ACF Field Groups and Fields using the Admin UI, PHP or JSON. WPGraphQL for ACF will detect the Field Groups and Fields and add them to the GraphQL Schema. If using PHP or JSON, you will need to set the “show_in_graphql” setting to “true” to expose the Field Group and Fields to the GraphQL Schema. There might be other settings that need attention at the field group or field level that might impact the schema or field resolution.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>WPGraphQL for Advanced Custom Fields uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect telemetry data upon user confirmation, helping us troubleshoot problems and improve the product.\u003C\u002Fp>\n\u003Cp>The Appsero SDK \u003Cstrong>doesn’t collect data by default\u003C\u002Fstrong> and only starts gathering basic telemetry data when a user allows it via the admin notice. No data is collected without user consent.\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses data\u003C\u002Fa>.\u003C\u002Fp>\n","WPGraphQL for ACF seamlessly integrates Advanced Custom Fields with WPGraphQL.",10000,97095,1,"2026-04-09T21:07:00.000Z","6.5.8","5.9","7.3",[57,20,58,21,22],"acf","graphql","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpgraphql-acf.2.5.2.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":27,"downloaded":69,"rating":27,"num_ratings":27,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":18,"tags":73,"homepage":77,"download_link":78,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"metronyx-headless-cms-connector","Metronyx Headless CMS Connector","1.0.4","ariellejphoenix","https:\u002F\u002Fprofiles.wordpress.org\u002Fariellejphoenix\u002F","\u003Cp>\u003Cstrong>Metronyx Headless CMS Connector\u003C\u002Fstrong> provides a clean, secure REST API to connect your WordPress content with any frontend framework. Perfect for developers building modern web applications with Next.js, React, Vue, Angular, or any other frontend technology.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Clean REST API\u003C\u002Fstrong> – Simple endpoints for posts, pages, and content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Content Delivery\u003C\u002Fstrong> – Optimized for modern headless CMS implementations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CORS Support\u003C\u002Fstrong> – Configured for secure frontend framework connections\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Framework Agnostic\u003C\u002Fstrong> – Works with Next.js, React, Vue, Angular, and any frontend\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Optimized\u003C\u002Fstrong> – Built-in meta fields and structured data for better search performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enterprise Security\u003C\u002Fstrong> – Built-in security features, input validation, and rate limiting\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Complete Documentation\u003C\u002Fstrong> – Built-in API docs and usage examples\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Features\u003C\u002Fh4>\n\u003Cp>This plugin has been thoroughly audited and includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Input validation and sanitization\u003C\u002Fli>\n\u003Cli>CSRF protection with nonce verification\u003C\u002Fli>\n\u003Cli>XSS prevention with output escaping\u003C\u002Fli>\n\u003Cli>Rate limiting and pagination limits\u003C\u002Fli>\n\u003Cli>CORS security with strict origin validation\u003C\u002Fli>\n\u003Cli>Path traversal protection\u003C\u002Fli>\n\u003Cli>Proper capability checks for admin functions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>API Endpoints\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Posts & Pages:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ccode>GET \u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Fposts\u003C\u002Fcode> – All posts with pagination\u003Cbr \u002F>\n* \u003Ccode>GET \u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Fposts\u002F{slug}\u003C\u002Fcode> – Single post by slug\u003Cbr \u002F>\n* \u003Ccode>GET \u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Fposts\u002Ffeatured\u003C\u002Fcode> – Featured posts only\u003Cbr \u002F>\n* \u003Ccode>GET \u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Fpages\u003C\u002Fcode> – All pages\u003Cbr \u002F>\n* \u003Ccode>GET \u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Fpages\u002F{slug}\u003C\u002Fcode> – Single page by slug\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Categories & Tags:\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ccode>GET \u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Fcategories\u003C\u002Fcode> – All categories\u003Cbr \u002F>\n* \u003Ccode>GET \u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Ftags\u003C\u002Fcode> – All tags\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Coming Soon:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Advanced e-commerce endpoints (future releases)\u003Cbr \u002F>\n* Enhanced content filtering and search\u003Cbr \u002F>\n* Multi-site headless architecture support\u003C\u002Fp>\n\u003Ch4>Data Structure\u003C\u002Fh4>\n\u003Cp>Each post\u002Fpage includes:\u003Cbr \u002F>\n* Basic content (title, slug, content, excerpt)\u003Cbr \u002F>\n* SEO metadata (title, description, canonical URL)\u003Cbr \u002F>\n* Featured images with multiple sizes\u003Cbr \u002F>\n* Categories and tags\u003Cbr \u002F>\n* Author information\u003Cbr \u002F>\n* Custom meta fields\u003C\u002Fp>\n\u003Cp>Future releases will include:\u003Cbr \u002F>\n* Advanced content filtering and search capabilities\u003Cbr \u002F>\n* Enhanced SEO metadata and structured data\u003Cbr \u002F>\n* Multi-language content support\u003Cbr \u002F>\n* Custom post type integration\u003Cbr \u002F>\n* Performance analytics and insights\u003C\u002Fp>\n\u003Ch4>Usage Example\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F\u002F Fetch all posts\nconst posts = await fetch('\u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Fposts')\n  .then(res => res.json());\n\n\u002F\u002F Fetch single post\nconst post = await fetch('\u002Fwp-json\u002Fmetronyx-connector\u002Fv1\u002Fposts\u002Fyour-post-slug')\n  .then(res => res.json());\n\n\u002F\u002F Next.js example\nexport async function getStaticProps({ params }) {\n  const post = await fetch(`${process.env.WORDPRESS_API_URL}posts\u002F${params.slug}`)\n    .then(res => res.json());\n\n  return { props: { post } };\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Professional Services\u003C\u002Fh3>\n\u003Cp>Running a headless WordPress setup means your SEO, performance, and content pipeline all need to work together. Metronyx specializes in WordPress-powered businesses and can help with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Headless CMS Architecture\u003C\u002Fstrong> – Custom REST API design, frontend-backend decoupling, and deployment pipelines for Next.js, React, or Vue\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI SEO & Answer Engine Optimization (AEO)\u003C\u002Fstrong> – Get your WordPress content surfaced in AI search results from ChatGPT, Perplexity, and Google AI Overviews\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance & Caching\u003C\u002Fstrong> – Server-side rendering optimization, CDN configuration, and API response caching for sub-second page loads\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom API Development\u003C\u002Fstrong> – Bespoke endpoints for WooCommerce, ACF, custom post types, and third-party integrations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO for Headless WordPress\u003C\u002Fstrong> – Structured data, meta tag management, sitemap generation, and crawl optimization for decoupled sites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-site & Enterprise\u003C\u002Fstrong> – Manage multiple headless WordPress properties from a single admin with shared content APIs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Learn more at \u003Ca href=\"https:\u002F\u002Fmetronyx.co.uk\" rel=\"nofollow ugc\">metronyx.co.uk\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fmetronyx.co.uk\u002Ffree-tools\" rel=\"nofollow ugc\">get a free SEO audit\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Developer\u003C\u002Fh3>\n\u003Cp>Built and maintained by \u003Cstrong>Arielle Phoenix\u003C\u002Fstrong> (\u003Ca href=\"https:\u002F\u002Fariellephoenix.com\" rel=\"nofollow ugc\">ariellephoenix.com\u003C\u002Fa>).\u003Cbr \u002F>\nAI SEO and headless WordPress solutions by \u003Cstrong>Metronyx\u003C\u002Fstrong> (\u003Ca href=\"https:\u002F\u002Fmetronyx.co.uk\" rel=\"nofollow ugc\">metronyx.co.uk\u003C\u002Fa>).\u003C\u002Fp>\n","Transform your WordPress site into a powerful headless CMS for modern frontend frameworks like Next.js, React, Vue, and more.",200,"2026-03-01T15:26:00.000Z","6.9.4","5.0",[74,21,22,75,76],"decoupled","react","rest-api","https:\u002F\u002Fmetronyx.co.uk","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmetronyx-headless-cms-connector.1.0.4.zip",{"slug":80,"name":81,"version":82,"author":45,"author_profile":46,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":36,"num_ratings":87,"last_updated":88,"tested_up_to":71,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":91,"download_link":92,"security_score":93,"vuln_count":94,"unpatched_count":27,"last_vuln_date":95,"fetched_at":29},"wp-graphql","WPGraphQL","2.11.2","\u003Cp>WPGraphQL is a free, open-source WordPress plugin that provides an extendable GraphQL schema and API for any WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Get Started\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Install WPGraphQL: \u003Ccode>wp plugin install wp-graphql --activate\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Try it out: \u003Ca href=\"https:\u002F\u002Frepl.wpgraphql.com\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Read the \u003Ca href=\"https:\u002F\u002Fwpgraphql.com\u002Fdocs\u002Fquick-start\" rel=\"nofollow ugc\">Quick Start Guide\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Join the \u003Ca href=\"https:\u002F\u002Fdiscord.gg\u002FAGVBqqyaUY\" rel=\"nofollow ugc\">Community on Discord\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwp-graphql\" rel=\"nofollow ugc\">Star the Repo\u003C\u002Fa>!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Flexible API\u003C\u002Fstrong>: Query posts, pages, custom post types, taxonomies, users, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extendable Schema\u003C\u002Fstrong>: Easily add functionality with WPGraphQL’s API, enabling custom integrations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compatible with Modern Frameworks\u003C\u002Fstrong>: Works seamlessly with \u003Ca href=\"https:\u002F\u002Fvercel.com\u002Fguides\u002Fwordpress-with-vercel\" rel=\"nofollow ugc\">Next.js\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fdocs.astro.build\u002Fen\u002Fguides\u002Fcms\u002Fwordpress\u002F\" rel=\"nofollow ugc\">Astro\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.okupter.com\u002Fblog\u002Fheadless-wordpress-graphql-sveltekit\" rel=\"nofollow ugc\">SvelteKit\u003C\u002Fa>, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimized Performance\u003C\u002Fstrong>: Fetch exactly the data you need in a single query. Boost performance with \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwp-graphql\u002Ftree\u002Fmain\u002Fplugins\u002Fwp-graphql-smart-cache\" rel=\"nofollow ugc\">WPGraphQL Smart Cache\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WPGraphQL is becoming a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fnews\u002F2024\u002F10\u002Fwpgraphql\u002F\" rel=\"ugc\">Canonical Plugin\u003C\u002Fa> on WordPress.org, ensuring long-term support and a growing community of users and contributors.\u003C\u002Fp>\n\u003Ch4>Upgrading\u003C\u002Fh4>\n\u003Cp>It is recommended that anytime you want to update WPGraphQL that you get familiar with what’s changed in the release.\u003C\u002Fp>\n\u003Cp>WPGraphQL publishes \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwp-graphql\u002Freleases\" rel=\"nofollow ugc\">release notes on Github\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>WPGraphQL has been following Semver practices for a few years. We will continue to follow Semver and let version numbers communicate meaning. The summary of Semver versioning is as follows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>MAJOR\u003C\u002Fem> version when you make incompatible API changes,\u003C\u002Fli>\n\u003Cli>\u003Cem>MINOR\u003C\u002Fem> version when you add functionality in a backwards compatible manner, and\u003C\u002Fli>\n\u003Cli>\u003Cem>PATCH\u003C\u002Fem> version when you make backwards compatible bug fixes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can read more about the details of Semver at semver.org\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>WPGraphQL uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster and make product improvements.\u003C\u002Fp>\n\u003Cp>Appsero SDK \u003Cstrong>does not gather any data by default.\u003C\u002Fstrong> The SDK starts gathering basic telemetry data \u003Cstrong>only when a user allows it via the admin notice\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n","WPGraphQL adds a flexible and powerful GraphQL API to WordPress, enabling efficient querying and interaction with your site's data.",30000,1430860,48,"2026-04-13T18:05:00.000Z","6.0",[74,58,21,75,76],"https:\u002F\u002Fgithub.com\u002Fwp-graphql\u002Fwp-graphql","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-graphql.2.11.2.zip",80,9,"2026-05-07 00:00:00",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":13,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":72,"requires_php":59,"tags":109,"homepage":59,"download_link":112,"security_score":113,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"headless-mode","Headless Mode","0.4.0","Ben Meredith","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenmeredithgmailcom\u002F","\u003Cp>Headless mode sets up a redirect for all users trying to access the site. The only requests that are granted admission are ones that are either trying to access the REST API, the WP GraphQL API, or any logged-in user looking to access the headless install to edit or create posts.\u003C\u002Fp>\n","Once you take the head off of WordPress, nobody needs to see it. This plugin hides the front end by redirecting to the shiny static (etc) site.",2000,33338,6,"2024-07-18T15:41:00.000Z","6.6.5",[110,21,111,24],"gatsby","jamstack","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheadless-mode.0.4.0.zip",92,{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":27,"num_ratings":27,"last_updated":124,"tested_up_to":71,"requires_at_least":125,"requires_php":18,"tags":126,"homepage":59,"download_link":129,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"babylovegrowth-integration","BabyLoveGrowth Integration","1.0.15","BabyLoveGrowth","https:\u002F\u002Fprofiles.wordpress.org\u002Fmeetcpatel8850\u002F","\u003Cp>BabyLoveGrowth Integration adds a secure REST API endpoint to your WordPress site so BabyLoveGrowth.ai can publish or update posts remotely. It uses an API key you control in WordPress settings, and supports featured images and HTML\u002FMarkdown content.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Improved Authorization\u003C\u002Fli>\n\u003Cli>Endpoints: \u003Ccode>GET \u002Fwp-json\u002Fbabylovegrowth\u002Fv1\u002Fping\u003C\u002Fcode>, \u003Ccode>POST \u002Fwp-json\u002Fbabylovegrowth\u002Fv1\u002Fpublish\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Accepts \u003Ccode>title\u003C\u002Fcode>, \u003Ccode>slug\u003C\u002Fcode>, \u003Ccode>content_html\u003C\u002Fcode> or \u003Ccode>content_markdown\u003C\u002Fcode>, optional \u003Ccode>metaDescription\u003C\u002Fcode>, \u003Ccode>heroImageUrl\u003C\u002Fcode>, \u003Ccode>status\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Sets\u002Fupdates posts by slug; supports \u003Ccode>publish\u003C\u002Fcode>, \u003Ccode>draft\u003C\u002Fcode>, \u003Ccode>pending\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n","Secure REST endpoint to publish posts from BabyLoveGrowth.ai backend via API key.",1000,3838,"2026-04-15T16:53:00.000Z","5.6",[21,127,76,128],"publishing","webhook","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbabylovegrowth-integration.1.0.15.zip",{"attackSurface":131,"codeSignals":188,"taintFlows":202,"riskAssessment":241,"analyzedAt":248},{"hooks":132,"ajaxHandlers":184,"restRoutes":185,"shortcodes":186,"cronEvents":187,"entryPointCount":27,"unprotectedCount":27},[133,139,141,146,150,154,158,161,165,169,172,176,180],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","admin_notices","closure","content-revalidation-tracker.php",274,{"type":134,"name":135,"callback":136,"file":137,"line":140},346,{"type":134,"name":142,"callback":143,"priority":144,"file":137,"line":145},"save_post","content_revalidation_tracker_on_post_save",999,387,{"type":134,"name":147,"callback":148,"priority":11,"file":137,"line":149},"wp_trash_post","content_revalidation_tracker_on_post_trash",402,{"type":134,"name":151,"callback":152,"priority":11,"file":137,"line":153},"before_delete_post","content_revalidation_tracker_on_post_delete",417,{"type":134,"name":155,"callback":156,"file":137,"line":157},"profile_update","content_revalidation_tracker_on_user_update",430,{"type":134,"name":159,"callback":156,"file":137,"line":160},"user_register",431,{"type":134,"name":162,"callback":163,"file":137,"line":164},"delete_user","content_revalidation_tracker_on_user_delete",442,{"type":134,"name":166,"callback":167,"priority":11,"file":137,"line":168},"created_term","content_revalidation_tracker_on_term_update",457,{"type":134,"name":170,"callback":167,"priority":11,"file":137,"line":171},"edited_term",458,{"type":134,"name":173,"callback":174,"priority":11,"file":137,"line":175},"delete_term","content_revalidation_tracker_on_term_delete",471,{"type":134,"name":177,"callback":178,"file":137,"line":179},"admin_menu","content_revalidation_tracker_menu",489,{"type":134,"name":181,"callback":182,"file":137,"line":183},"admin_init","content_revalidation_tracker_settings_init",1042,[],[],[],[],{"dangerousFunctions":189,"sqlUsage":190,"outputEscaping":192,"fileOperations":27,"externalRequests":14,"nonceChecks":34,"capabilityChecks":200,"bundledLibraries":201},[],{"prepared":27,"raw":27,"locations":191},[],{"escaped":193,"rawEcho":14,"locations":194},129,[195,198],{"file":137,"line":196,"context":197},565,"raw output",{"file":137,"line":199,"context":197},610,3,[],[203,230],{"entryPoint":204,"graph":205,"unsanitizedCount":27,"severity":229},"content_revalidation_tracker_settings_page (content-revalidation-tracker.php:496)",{"nodes":206,"edges":225},[207,212,218,221],{"id":208,"type":209,"label":210,"file":137,"line":211},"n0","source","$_POST",555,{"id":213,"type":214,"label":215,"file":137,"line":216,"wp_function":217},"n1","sink","update_option() [Settings Manipulation]",563,"update_option",{"id":219,"type":209,"label":220,"file":137,"line":211},"n2","$_POST (x2)",{"id":222,"type":214,"label":223,"file":137,"line":196,"wp_function":224},"n3","echo() [XSS]","echo",[226,228],{"from":208,"to":213,"sanitized":227},true,{"from":219,"to":222,"sanitized":227},"low",{"entryPoint":231,"graph":232,"unsanitizedCount":27,"severity":229},"\u003Ccontent-revalidation-tracker> (content-revalidation-tracker.php:0)",{"nodes":233,"edges":238},[234,235,236,237],{"id":208,"type":209,"label":210,"file":137,"line":211},{"id":213,"type":214,"label":215,"file":137,"line":216,"wp_function":217},{"id":219,"type":209,"label":220,"file":137,"line":211},{"id":222,"type":214,"label":223,"file":137,"line":196,"wp_function":224},[239,240],{"from":208,"to":213,"sanitized":227},{"from":219,"to":222,"sanitized":227},{"summary":242,"deductions":243},"The 'content-revalidation-tracker' plugin version 2.0.0 exhibits a strong security posture based on the provided static analysis. The absence of any identified attack surface points, such as unprotected AJAX handlers, REST API routes, shortcodes, or cron events, is a significant strength. Furthermore, the code signals indicate a good adherence to secure coding practices, with no dangerous functions, all SQL queries utilizing prepared statements, and a very high percentage of output properly escaped.  The presence of nonce and capability checks, although limited, is also a positive indicator.  The plugin's vulnerability history is clean, with zero known CVEs, which suggests either a lack of historical vulnerabilities or a consistent effort in maintaining security.\n\nHowever, there are minor areas for attention. The plugin makes two external HTTP requests, which, while not inherently insecure, represent potential attack vectors if not handled with proper validation and sanitization on the receiving end, especially if the data is user-controlled. Taint analysis shows only two flows analyzed, which is a very small sample size. While no critical or high severity issues were found in these flows, a more comprehensive taint analysis would provide greater assurance. The absence of any identified vulnerabilities in the past is excellent, but it's important to remain vigilant as new vulnerabilities can emerge. Overall, this plugin appears to be well-secured, with its primary potential weaknesses lying in the handling of external HTTP requests and the limited scope of the taint analysis.",[244,246],{"reason":245,"points":200},"External HTTP requests made by the plugin",{"reason":247,"points":14},"Limited scope of taint analysis flows","2026-04-16T12:25:24.956Z",{"wat":250,"direct":259},{"assetPaths":251,"generatorPatterns":254,"scriptPaths":255,"versionParams":256},[252,253],"\u002Fwp-content\u002Fplugins\u002Fcontent-revalidation-tracker\u002Fpublic\u002Fcss\u002Fcrt-public.css","\u002Fwp-content\u002Fplugins\u002Fcontent-revalidation-tracker\u002Fpublic\u002Fjs\u002Fcrt-public.js",[],[253],[257,258],"content-revalidation-tracker\u002Fpublic\u002Fcss\u002Fcrt-public.css?ver=","content-revalidation-tracker\u002Fpublic\u002Fjs\u002Fcrt-public.js?ver=",{"cssClasses":260,"htmlComments":261,"htmlAttributes":262,"restEndpoints":263,"jsGlobals":264,"shortcodeOutput":265},[],[],[],[],[],[],{"error":227,"url":267,"statusCode":268,"statusMessage":269,"message":269},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcontent-revalidation-tracker\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":200,"versions":271},[272,278,285],{"version":6,"download_url":26,"svn_tag_url":273,"released_at":28,"has_diff":274,"diff_files_changed":275,"diff_lines":28,"trac_diff_url":276,"vulnerabilities":277,"is_current":227},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcontent-revalidation-tracker\u002Ftags\u002F2.0.0\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcontent-revalidation-tracker%2Ftags%2F1.0.1&new_path=%2Fcontent-revalidation-tracker%2Ftags%2F2.0.0",[],{"version":279,"download_url":280,"svn_tag_url":281,"released_at":28,"has_diff":274,"diff_files_changed":282,"diff_lines":28,"trac_diff_url":283,"vulnerabilities":284,"is_current":274},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-revalidation-tracker.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcontent-revalidation-tracker\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcontent-revalidation-tracker%2Ftags%2F1.0.0&new_path=%2Fcontent-revalidation-tracker%2Ftags%2F1.0.1",[],{"version":286,"download_url":287,"svn_tag_url":288,"released_at":28,"has_diff":274,"diff_files_changed":289,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":290,"is_current":274},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-revalidation-tracker.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcontent-revalidation-tracker\u002Ftags\u002F1.0.0\u002F",[],[]]