[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$felrKW0SmiaulVrxq00PVOD4njfee-lcqaISlavmUzhg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":124,"fingerprints":176},"current-page-template-viewer","Current Page Template Viewer","1.1.0","Nagaoka Design","https:\u002F\u002Fprofiles.wordpress.org\u002Fnagaokadesign\u002F","\u003Cp>This plugin helps WordPress developers by showing which template files are being used on the current page. It displays the current template file name and directory path in a convenient overlay, making it easy to identify which template is rendering the current page during development.\u003C\u002Fp>\n\u003Cp>The plugin shows a small, unobtrusive display that can be clicked to reveal detailed information about all template files loaded for the current page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Shows current template file name\u003Cbr \u002F>\n* Displays template directory path\u003Cbr \u002F>\n* Click to view all included template files\u003Cbr \u002F>\n* Configurable display position (top-left, top-right, bottom-left, bottom-right)\u003Cbr \u002F>\n* Customizable background and text colors\u003Cbr \u002F>\n* Admin-only display option for security\u003Cbr \u002F>\n* Debug mode option (only shows when WP_DEBUG is enabled)\u003Cbr \u002F>\n* Lightweight and performance-optimized\u003Cbr \u002F>\n* Clean, modern interface\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect for:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Theme developers\u003Cbr \u002F>\n* WordPress developers\u003Cbr \u002F>\n* Site debugging\u003Cbr \u002F>\n* Template hierarchy understanding\u003Cbr \u002F>\n* Development and staging environments\u003C\u002Fp>\n\u003Cp>The plugin is designed to be completely safe and non-intrusive, with options to restrict visibility to administrators only.\u003C\u002Fp>\n","Display current template file and directory name on screen for WordPress development.",10,319,0,"","6.8.5","5.0","7.4",[19,20,21,22,23],"debug","developer","development","template","theme","https:\u002F\u002Fgithub.com\u002Fnagaoka-design\u002Fcurrent-page-template-viewer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcurrent-page-template-viewer.1.1.0.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"nagaokadesign",1,30,94,"2026-04-04T00:38:56.923Z",[37,58,74,91,108],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":26,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":14,"tags":51,"homepage":54,"download_link":55,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":57},"what-template-am-i-using","What Template Am I Using","0.2.0","webdeveric","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebdeveric\u002F","\u003Cp>This plugin is intended for theme developers to use. It shows the current template being used to render the page, current post type, and much more.\u003C\u002Fp>\n\u003Cp>The info is only displayed for users that have the edit_theme_options capability.\u003C\u002Fp>\n\u003Cp>Information displayed:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Current template\u003C\u002Fli>\n\u003Cli>General Information (post type, are you on the front page, etc.)\u003C\u002Fli>\n\u003Cli>Additional files used. For example, header.php or footer.php\u003C\u002Fli>\n\u003Cli>What sidebars are being used and what widgets are in them.\u003C\u002Fli>\n\u003Cli>List of enqueued scripts and styles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>This plugin is intended for use by theme developers and it requires a standards compliant browser. This plugin will not work in IE8 or below.\u003C\u002Fstrong>\u003C\u002Fp>\n","This plugin is intended for theme developers to use. It shows the current template being used to render the page, current post type, and much more.",9190,96,13,"2015-12-08T05:17:00.000Z","4.4.0","3.1.0",[19,52,22,53],"server-information","theme-development","http:\u002F\u002Fphplug.in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhat-template-am-i-using.0.2.0.zip",85,"2026-03-15T15:16:48.613Z",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":13,"num_ratings":13,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":17,"tags":70,"homepage":72,"download_link":73,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":57},"current-template-insights","Current Template Insights","1.0.3","macurious","https:\u002F\u002Fprofiles.wordpress.org\u002Fmacurious\u002F","\u003Cp>\u003Cstrong>Displays the current template file and key page details in the WordPress admin bar for logged-in administrators.\u003C\u002Fstrong>\u003Cbr \u002F>\nNo setup required: just install, activate, and see the info bar on any front-end page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Shows “📄 Template: ” in the front-end admin bar\u003Cbr \u002F>\n– Details on hover\u002Fclick: full template path, post ID, post type, slug, theme name & version, locale, body classes, query vars, conditionals, DB query count, memory usage, and more\u003Cbr \u002F>\n– No settings page, no configuration\u003Cbr \u002F>\n– Works with classic and block\u002FFSE themes (special info for block themes)\u003Cbr \u002F>\n– Developer-friendly, lightweight, no bloat\u003C\u002Fp>\n","Quickly view the active template file and important page information directly in your WordPress admin bar.",347,"2025-12-17T16:14:00.000Z","6.9.4","5.5",[71,19,21,22,23],"admin-bar","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcurrent-template-insights\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcurrent-template-insights.1.0.3.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":26,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":14,"tags":88,"homepage":14,"download_link":90,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":57},"monster-widget","Monster Widget","0.3","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The Monster widget consolidates all 13 core widgets into a single widget enabling theme developers to create multiple instances with ease. It has been created to save time during theme development and review by minimizing the steps needed to populate a sidebar with widgets. The Monster widget is not designed for use in production.\u003C\u002Fp>\n","Provides a quick and easy method of adding all core widgets to a sidebar for testing purposes.",1000,160640,8,"2017-11-10T15:47:00.000Z","4.9.29","3.2.0",[19,53,89],"widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmonster-widget.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":82,"downloaded":99,"rating":26,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":14,"tags":104,"homepage":105,"download_link":106,"security_score":107,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":57},"what-template","What Template","0.1","Brian Alexander","https:\u002F\u002Fprofiles.wordpress.org\u002Fironprogrammer\u002F","\u003Cp>Adds the current page’s template name to the admin bar.\u003C\u002Fp>\n\u003Cp>Because this plugin reveals potentially sensitive information about the active theme, it is recommended for development environments only, and should not be enabled on a production site.\u003C\u002Fp>\n","Adds the current page's template name to the admin bar.",22245,3,"2024-07-19T20:49:00.000Z","6.6.5","3.1",[71,19,21,22],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwhat-template\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhat-template.0.1.2.zip",92,{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":26,"num_ratings":11,"last_updated":118,"tested_up_to":15,"requires_at_least":69,"requires_php":119,"tags":120,"homepage":122,"download_link":123,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":57},"spatie-ray","Ray","1.7.10","freekmurze","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreekmurze\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fmyray.app\" rel=\"nofollow ugc\">Ray\u003C\u002Fa> is a beautiful, lightweight desktop app that helps you debug your app. There’s a \u003Ca href=\"https:\u002F\u002Fmyray.app\" rel=\"nofollow ugc\">free demo\u003C\u002Fa> available that can be unlocked with a \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fproducts\u002Fray\" rel=\"nofollow ugc\">license\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>After installing this plugin, you can use the \u003Ccode>ray()\u003C\u002Fcode> function to quickly dump stuff. Any variable(s) that you pass to \u003Ccode>ray()\u003C\u002Fcode> will be displayed.\u003C\u002Fp>\n\u003Cp>Here some examples:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>ray('Hello world');\n\nray(['a' => 1, 'b' => 2])->color('red');\n\nray('multiple', 'arguments', 'are', 'welcome');\n\nray()->showQueries();\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>There are many other helper functions available on Ray that allow you to display things that can help you debug such as \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Fusage\u002Fframework-agnostic-php-project#measuring-performance-and-memory-usage\" rel=\"nofollow ugc\">runtime and memory usage\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Fusage\u002Fwordpress#showing-queries\" rel=\"nofollow ugc\">queries that were executed\u003C\u002Fa>, and much more.\u003C\u002Fp>\n\u003Ch3>Full Documentation\u003C\u002Fh3>\n\u003Cp>The extensive documentation can be found \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>It contains the \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Finstallation-in-your-project\u002Fwordpress\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa> for WordPress.\u003C\u002Fp>\n\u003Cp>After it is installed you can use any of the \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Fusage\u002Fframework-agnostic-php-project\" rel=\"nofollow ugc\">framework agnostic\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fspatie.be\u002Fdocs\u002Fray\u002Fv1\u002Fusage\u002Fwordpress\" rel=\"nofollow ugc\">WordPress specific functions\u003C\u002Fa>.\u003C\u002Fp>\n","Easily debug WordPress sites using Ray.",500,34993,"2025-12-10T09:18:00.000Z","8.0",[19,121,20,21],"debugging","https:\u002F\u002Fgithub.com\u002Fspatie\u002Fwordpress-ray","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspatie-ray.1.7.10.zip",{"attackSurface":125,"codeSignals":153,"taintFlows":168,"riskAssessment":169,"analyzedAt":175},{"hooks":126,"ajaxHandlers":149,"restRoutes":150,"shortcodes":151,"cronEvents":152,"entryPointCount":13,"unprotectedCount":13},[127,133,137,141,145],{"type":128,"name":129,"callback":130,"file":131,"line":132},"action","admin_menu","currpate_add_admin_menu","current-page-template-viewer.php",55,{"type":128,"name":134,"callback":135,"file":131,"line":136},"admin_init","currpate_register_settings",56,{"type":128,"name":138,"callback":139,"file":131,"line":140},"wp_footer","currpate_display_template_info",57,{"type":128,"name":142,"callback":143,"file":131,"line":144},"wp_enqueue_scripts","currpate_enqueue_scripts",58,{"type":128,"name":146,"callback":147,"file":131,"line":148},"plugins_loaded","currpate_current_page_template_viewer_init",703,[],[],[],[],{"dangerousFunctions":154,"sqlUsage":155,"outputEscaping":157,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":32,"bundledLibraries":167},[],{"prepared":13,"raw":13,"locations":156},[],{"escaped":158,"rawEcho":100,"locations":159},36,[160,163,165],{"file":131,"line":161,"context":162},184,"raw output",{"file":131,"line":164,"context":162},663,{"file":131,"line":166,"context":162},676,[],[],{"summary":170,"deductions":171},"The security posture of the \"current-page-template-viewer\" v1.1.0 plugin appears to be generally strong based on the provided static analysis and vulnerability history. The plugin exhibits good practices by not exposing a significant attack surface, with zero AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, the absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests are all positive indicators. The high percentage of properly escaped output (92%) and the presence of at least one capability check also contribute to a good security foundation.  The lack of any recorded vulnerabilities, including critical or high severity ones, further reinforces this assessment.\n\nHowever, the analysis does highlight a couple of areas for potential concern. The complete absence of nonce checks across all entry points (which are zero in this case) is noteworthy. While there are no entry points to exploit, if functionality were to be added in the future, the lack of a default nonce implementation could lead to vulnerabilities. Similarly, while the plugin has capability checks, the exact nature and implementation of these checks are not detailed. The taint analysis yielding zero flows is excellent, but it's important to remember that this is based on the current code and may not catch all theoretical issues, especially if the code were to change.\n\nIn conclusion, \"current-page-template-viewer\" v1.1.0 presents a low-risk profile. Its minimal attack surface, secure coding practices regarding SQL and output handling, and clean vulnerability history are commendable. The main area for improvement would be to ensure future development includes standard security practices like nonce checks for any added interactive features. The overall impression is that of a well-maintained and secure plugin for its current functionality.",[172],{"reason":173,"points":174},"No nonce checks implemented",5,"2026-03-16T23:14:17.042Z",{"wat":177,"direct":184},{"assetPaths":178,"generatorPatterns":180,"scriptPaths":181,"versionParams":182},[179],"\u002Fwp-content\u002Fplugins\u002Fcurrent-page-template-viewer\u002Fjs\u002Fcurrpate-popup.js",[],[],[183],"current-page-template-viewer\u002Fjs\u002Fcurrpate-popup.js?ver=1.1.0",{"cssClasses":185,"htmlComments":187,"htmlAttributes":188,"restEndpoints":189,"jsGlobals":190,"shortcodeOutput":192},[186],"currpate-template-viewer-wrapper",[],[],[],[191],"currpate_script_vars",[]]