[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffzugowbdVJF2FCaDBB20Aejg3xiBtP6dOKU4tFeCe90":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":50,"analysis":150,"fingerprints":289},"custom-team-manager","Custom Team Manager","2.4.2","Ibnul H.","https:\u002F\u002Fprofiles.wordpress.org\u002Fibnul\u002F","\u003Cp>This plugin will display team members of your company using shortcode on your post or page. You just need to post members details same way as you add a new post. And everything will be there automatically. Use Team Management menu to add new member and see team-members page. It’s shortcode enabled, responsive and easy to use. You can change to Gridview display of members from Settings page. There are few other options too.\u003C\u002Fp>\n\u003Ch4>Recommended Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-types-order\u002F\" rel=\"ugc\">Post Types Order\u003C\u002Fa> – With Post Types Order, you can reorder your team members easily, it’s just drag and drop.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>You can add\u002Fedit member detail same way as post add\u002Fedit.\u003C\u002Fli>\n\u003Cli>Responsive layout.\u003C\u002Fli>\n\u003Cli>Shortcode enabled.\u003C\u002Fli>\n\u003Cli>Settings page with Ajax save.\u003C\u002Fli>\n\u003Cli>Members pagination with ajax loading.\u003C\u002Fli>\n\u003Cli>Excellent CSS3 modern effects.\u003C\u002Fli>\n\u003Cli>Easy to customize (if needed).\u003C\u002Fli>\n\u003Cli>Automatic members page creation.\u003C\u002Fli>\n\u003Cli>Option to specify number of team members to display.\u003C\u002Fli>\n\u003Cli>Custom CSS option. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How To Use\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install \u002F Activate the plugin\u003C\u002Fli>\n\u003Cli>Add Team Members from \u003Ccode>Management Team\u003C\u002Fcode> menu on Dashboard.\u003C\u002Fli>\n\u003Cli>See Team Members page.\u003C\u002Fli>\n\u003Cli>Use Settings page to changes settings and custom CSS\u003C\u002Fli>\n\u003Cli>Use \u003Ccode>[cmt-content]\u003C\u002Fcode>your content here\u003Ccode>[\u002Fcmt-content]\u003C\u002Fcode> to show some content before or after shortcode \u003Ccode>[team-members]\u003C\u002Fcode> or \u003Ccode>[team-members-profile]\u003C\u002Fcode> – it’ll position the content correctly.\u003C\u002Fli>\n\u003Cli>If you use single profile on single page and get \u003Ccode>404 Not Found\u003C\u002Fcode> for single full profile page, you need to flush permalink. Just go to Dashboard->Settings->Permalink , then click on Save button. You don’t need anything to change.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>THAT’S ALL ! ENJOY !\u003C\u002Fh4>\n","This plugin will display team members using shortcode on your page. You just need to post members details same way as you add a new post.",100,14544,94,16,"2022-08-24T10:13:00.000Z","6.0.11","3.5","",[20,21,4,22,23],"add-team-member","custom-team-management","team-management","team-manager","https:\u002F\u002Fmywpstudios.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-team-manager.zip",63,1,"2025-09-05 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-58840","custom-team-manager-authenticated-contributor-stored-cross-site-scripting","Custom Team Manager \u003C= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Custom Team Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.4.2","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-09 22:35:15",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe7a96a64-4df2-462c-a48b-215a2e19edab?source=api-prod",{"slug":46,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":47,"trust_score":48,"computed_at":49},"ibnul",30,68,"2026-04-04T06:15:23.344Z",[51,71,90,110,130],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":18,"tags":66,"homepage":67,"download_link":68,"security_score":69,"vuln_count":70,"unpatched_count":70,"last_vuln_date":36,"fetched_at":29},"awesome-team-showcase","Awesome Team Showcase","1.0.0","Cynob IT Consultancy","https:\u002F\u002Fprofiles.wordpress.org\u002Fnetattingo-technologies\u002F","\u003Cp>This plugin provides to show awesome team showcase to you post or pages just using shortcode.\u003C\u002Fp>\n\u003Cp>use shortcode to show all members in page or post.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[team-members]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To Show members by category, use shortcode.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[team-members category=\"category name\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Where ‘category name’ is category of member group which to be list.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can add\u002Fedit member detail same way as post add\u002Fedit.\u003C\u002Fli>\n\u003Cli>Responsive layout.\u003C\u002Fli>\n\u003Cli>Shortcode enabled.\u003C\u002Fli>\n\u003Cli>Easy to customize\u003C\u002Fli>\n\u003Cli>Easy to use.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin provides to show awesome team showcase to you post or pages just using shortcode.",80,6660,82,9,"2016-08-20T05:07:00.000Z","4.6.30","3.5.0",[4,22,23],"http:\u002F\u002Fwww.netattingo.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fawesome-team-showcase.zip",85,0,{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":11,"num_ratings":81,"last_updated":82,"tested_up_to":16,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":88,"download_link":89,"security_score":69,"vuln_count":70,"unpatched_count":70,"last_vuln_date":36,"fetched_at":29},"wp-roster","WP Roster","2.30","Northern Beaches Websites","https:\u002F\u002Fprofiles.wordpress.org\u002Fnorthernbeacheswebsites\u002F","\u003Cp>WP Roster is a unique roster plugin designed for WordPress. WP Roster comes with a fully-fledged application interface and is designed to take up the whole window of your site – the plugin comes with a custom page template to make this easily achievable so you can still maintain the existing look on your other pages. However, for most use cases, and what I recommend, is using the plugin on a barebones WordPress install on a subdomain. The plugin has been tested with the free Twenty Sixteen theme so for best results it is recommended to use this theme as otherwise additional CSS work may be required.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fnorthernbeacheswebsites.com.au\u002Fwp-roster\u002F\" rel=\"nofollow ugc\">Check out WP Roster in action (pro version)\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>WP Roster has been designed specifically for church service rostering however the plugin can be used for a wide range of team and event applications. Maybe if you run an event company this could be handy or perhaps you have a team or business that has daily\u002Fweekly\u002Fmonthly tasks or roles.\u003C\u002Fp>\n\u003Cp>The plugin takes a table approach to presenting data as oppose to the more traditional calendar interface. This might not work for you but for certain contexts where each event has a bit going on this table view makes a lot more sense. With WP Roster you can create multiple dates, teams, members and lists and then on your main roster page allocate members to dates and teams with ease.\u003C\u002Fp>\n\u003Cp>For churches and other organisations, WP Roster creates a great middle-ground option which sits between having a full-blown CRM system which can be clunky and can require a lot of resources to maintain – and not to mention typically high ongoing fees and not having true ownership of your data; and DIY Excel spreadsheets which are hard to share, don’t look and work too great and aren’t the best solution to organise teams and events. Although WP Roster isn’t a full CRM system, it does use the built-in WordPress user system so you could extend the plugin however you want to! For example, it would be very easy to install a WordPress MailChimp user sync plugin to add all your members to MailChimp for ongoing emails etc.\u003C\u002Fp>\n\u003Cp>Every aspect of the plugin has been meticulously designed to present a truly beautiful and simple frontend and backend interface which is mobile friendly.\u003C\u002Fp>\n\u003Cp>Creating and deploying rosters is incredibly fast and easy. The plugin also comes with a setting restoration page so if you make a mistake you can easily roll back changes. The plugin has been made translation friendly except for popups – which I will make translatable based on demand.\u003C\u002Fp>\n\u003Ch4>Upgrade to pro\u003C\u002Fh4>\n\u003Cp>WP Roster is great but it is very limited compared to WP Roster Pro – in many respects this free version should be considered as a taster for those that need a really great roster system. WP Roster Pro comes with the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ability to create multiple rosters\u003C\u002Fli>\n\u003Cli>Ability to send conditional and dynamic automated notifications including SMS and email notifications (SMS charges are not included)\u003C\u002Fli>\n\u003Cli>Ability to upload members from a CSV file\u003C\u002Fli>\n\u003Cli>Add multiple dates with a click of a button\u003C\u002Fli>\n\u003Cli>Unavailable rows so users can add in their unavailability for those creating the roster with roster clash highlighting\u003C\u002Fli>\n\u003Cli>A dynamic run sheet template for each roster\u003C\u002Fli>\n\u003Cli>Take attendance of groups and rosters\u002Fservices\u003C\u002Fli>\n\u003Cli>Custom member fields\u003C\u002Fli>\n\u003Cli>Super awesome support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For most teams and organisations these are must-have features so \u003Ca href=\"https:\u002F\u002Fnorthernbeacheswebsites.com.au\u002Fwp-roster-pro\u002F\" rel=\"nofollow ugc\">upgrade to pro today\u003C\u002Fa>\u003C\u002Fp>\n","WP Roster is a robust roster system for WordPress",10,3136,2,"2022-09-29T09:30:00.000Z","4.0","5.2.4",[86,87,22],"roster","roster-system","https:\u002F\u002Fwww.northernbeacheswebsites.com.au","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-roster.2.30.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":70,"downloaded":98,"rating":70,"num_ratings":70,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":108,"download_link":109,"security_score":11,"vuln_count":70,"unpatched_count":70,"last_vuln_date":36,"fetched_at":29},"buddyclients-lite","BuddyClients Lite","1.0.35","Victoria Griffin","https:\u002F\u002Fprofiles.wordpress.org\u002Fvictoriagrif7\u002F","\u003Cp>BuddyClients is a flexible and comprehensive platform for any service-based business. This free version includes core functionality.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbuddyclients.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbuddyclients.com\u002Fhelp\u002F\" rel=\"nofollow ugc\">User Guides\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbuddyclients.com\u002Froadmap\u002F\" rel=\"nofollow ugc\">Roadmap\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FSmokiesScribe\u002Fbuddyclients-lite\" rel=\"nofollow ugc\">Source Code on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbuddyclients.com\u002Fbuddyclients-lite-terms\u002F\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>The BuddyClients Lite plugin connects to external services to protect forms from spam. These services are optional and disabled by default.\u003C\u002Fp>\n\u003Ch3>Google reCAPTCHA Integration (Optional)\u003C\u002Fh3>\n\u003Cp>If enabled, Google reCAPTCHA is used to protect forms within the plugin from spam and abuse. When reCAPTCHA is active:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The user’s IP address and browser information are transmitted to Google for validation.\u003C\u002Fli>\n\u003Cli>Google may set cookies or track user interactions as outlined in their \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fterms\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>reCAPTCHA is used only for form security and does not collect additional user data beyond what is required for spam prevention.\u003C\u002Fli>\n\u003Cli>Users can enable or disable the reCAPTCHA integration through the plugin settings. When disabled, no data is transmitted to Google.\u003C\u002Fli>\n\u003Cli>The reCAPTCHA integration is disabled by default.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more details, please review our \u003Ca href=\"https:\u002F\u002Fbuddyclients.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>To run BuddyClients, we recommend your host supports:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PHP version 7.2 or greater.\u003C\u002Fli>\n\u003Cli>MySQL version 5.6 or greater, or, MariaDB version 10.0 or greater.\u003C\u002Fli>\n\u003Cli>HTTPS support.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Banner\u003C\u002Fh3>\n\u003Cp>The banner image used for the plugin page:\u003Cbr \u002F>\nBanner URL: \u002Fassets\u002Fmedia\u002Fbanner-772×250\u002Fbanner.png\u003C\u002Fp>\n\u003Ch3>*==+–==+*#%%%%%###=++===*##%##@%*+*\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>               %%%@+=++*+-:-##=++==++=-:=**%%#%%****           \n            --    #=-++++-:=#**#*==++---+###%*+***++           \n             *#%#*-:-===++=+#*==+*%%*---==-+*+*##+::           \n              %%%#=--+#%%+:=*+*###%%*-=+++***++*#+=+           \n               %%#=::+#%#+-+##%%%####+**####*++#%#**           \n                 **++**#*--=**#%%#*#%#*+*##***###%#            \n                    #*##*==+++#######%%%######%#%%%            \n    @%%**%@              ###+=+#*#%#%##%%#**#%%#%              \n  %%%%%**%@%#              %#+**+*#%%##%%*+*%#*##              \n%##%%%%  @%##%@@@            +*###%%%#%%%#+*%%%%%@             \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>@@#\u003Cem>#       @@@@@@@                     %%%%%%%%%##\u003Cbr \u002F>\n   @@%#        %%@@@@@@         %#%%%@%%%@  %%#\u003C\u002Fem>##%%@%#\u003Cbr \u002F>\n   @@@@         @@@@@@@@@    ####%%%##%@@%%% #\u003Cem>+\u003C\u002Fem>%%%@%#\u003Cbr \u002F>\n   @@@@@           @@@@   @@%%%%%#@%##%@@@%%@ ++#%%@@%%%\u003Cbr \u002F>\n   @%%@@@              @#%%@@@@%%@@%%%@@@%%%@  %%%%@@@%%%\u003Cbr \u002F>\n    %%%%@@@         %%%@%%@@@@%%%@@@@@@@@@@@@   @%#%@@@@@\u003Cbr \u002F>\n     @%%@@@@@@%%%%%@##%@@@@@%%%%@@@@@@@@@@@@     %%%@@@@@@\u003Cbr \u002F>\n       @@@@@@@%%#%%@%#%@@@@%%@@@@@@@@@@@@%        @@@@@@@@\u003Cbr \u002F>\n           @@@@%%@@@ %@@@@@@@@@@@@@@@@@@@@@@@@@    @@@@@%##@@\u003Cbr \u002F>\n                    @@@@@@@@@@@@@@@@@@%@@@@@@@@@@   @@@@##%@@@@\u003Cbr \u002F>\n                   @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@  @@@@@@@@@@@\u003Cbr \u002F>\n                    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@     @@@@@@@@\u003C\u002Fp>\n","BuddyClients is a flexible and comprehensive platform for any service-based business. This free version includes core functionality.",221,"2025-08-05T22:16:00.000Z","6.8.5","4.9","8.0",[104,105,106,107,22],"buddypress-integration","business-tools","client-management","service-business","https:\u002F\u002Fbuddyclients.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddyclients-lite.1.0.35.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":70,"downloaded":118,"rating":70,"num_ratings":70,"last_updated":18,"tested_up_to":119,"requires_at_least":120,"requires_php":121,"tags":122,"homepage":127,"download_link":128,"security_score":11,"vuln_count":70,"unpatched_count":70,"last_vuln_date":36,"fetched_at":129},"oikko-team-management","Oikko – All-in-One Team Management","1.1.0","WP Plugin Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fwppluginstudio\u002F","\u003Cp>Oikko – All-in-One Team Management lets you manage your team efficiently with modules for chat, attendance, HR, leave, and documents.\u003C\u002Fp>\n\u003Ch3>🆓 Free Version Features\u003C\u002Fh3>\n\u003Cp>✔ User-to-user chat\u003Cbr \u002F>\n✔ Clock-in\u002Fout and time reports\u003Cbr \u002F>\n✔ Update personal profile information\u003Cbr \u002F>\n✔ Upload & manage documents\u003Cbr \u002F>\n✔ Add\u002Fedit users, assign roles & designations\u003Cbr \u002F>\n✔ Convert time zones easily\u003Cbr \u002F>\n✔ Create\u002Fedit departments & assign users\u003Cbr \u002F>\n✔ Manage designations & assign users\u003Cbr \u002F>\n✔ Create\u002Fedit shifts & assign users\u003C\u002Fp>\n\u003Ch3>💎 Pro Version Features\u003C\u002Fh3>\n\u003Cp>All Free features PLUS:\u003C\u002Fp>\n\u003Cp>⭐ \u003Cstrong>Group Chat\u003C\u002Fstrong> – Create chat groups for seamless collaboration.\u003Cbr \u002F>\n⭐ \u003Cstrong>Audio\u002FVideo Calls\u003C\u002Fstrong> – Built-in user-to-user calls for instant communication.\u003Cbr \u002F>\n⭐ \u003Cstrong>Channel Management\u003C\u002Fstrong> – Organize team discussions, assign users to channels.\u003Cbr \u002F>\n⭐ \u003Cstrong>Leave Requests\u003C\u002Fstrong> – Easy leave request creation with approval tracking.\u003Cbr \u002F>\n⭐ \u003Cstrong>Leave Management\u003C\u002Fstrong> – Full leave management with custom types and workflows.\u003Cbr \u002F>\n⭐ \u003Cstrong>Salary Management\u003C\u002Fstrong> – Assign salaries, manage payroll with full edit\u002Fdelete.\u003C\u002Fp>\n\u003Cp>🔗 \u003Cstrong>Get Pro:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwppluginstudio.net\u002Fproduct\u002Foikko-team-management\u002F\" rel=\"nofollow ugc\">Oikko Team Management Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>[oikkotm_dashboard]\u003C\u002Fcode> – Display the Plugin Frontend Dashboard.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin can optionally connect to the OpenStreetMap Nominatim API\u003Cbr \u002F>\n(https:\u002F\u002Fnominatim.openstreetmap.org) to convert coordinates into location\u003Cbr \u002F>\nnames. This feature is disabled by default and can be turned on or off anytime\u003Cbr \u002F>\nfrom the plugin settings. No personal or identifiable data is transmitted.\u003C\u002Fp>\n","Manage your team with chat, time tracking, HR tools, documents, and more.",161,"6.9.4","6.2","7.4",[123,124,125,126,22],"attendance","chat","documents","employee-management","https:\u002F\u002Fwppluginstudio.net\u002Fproduct\u002Foikko-team-management\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foikko-team-management.1.1.0.zip","2026-03-15T10:48:56.248Z",{"slug":131,"name":132,"version":54,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":70,"downloaded":137,"rating":70,"num_ratings":70,"last_updated":138,"tested_up_to":139,"requires_at_least":140,"requires_php":141,"tags":142,"homepage":147,"download_link":148,"security_score":149,"vuln_count":70,"unpatched_count":70,"last_vuln_date":36,"fetched_at":29},"tasks-planner-by-conicplex","Tasks Planner By ConicPlex","ConicPlex","https:\u002F\u002Fprofiles.wordpress.org\u002Fconicplex\u002F","\u003Cp>Tasks Planner by Conicplex is a powerful task management plugin for WordPress that enables admins to efficiently assign tasks to editors, authors, contributors, and other team members. It helps streamline workflows, enhance collaboration, and improve productivity within your WordPress website.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Task Assignment:\u003C\u002Fstrong> Admins can easily create and assign tasks to individual team members, such as editors, authors, contributors, or any other roles, helping organize projects and distribute workloads effectively.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Team Collaboration:\u003C\u002Fstrong> Team members can view their assigned tasks, update task statuses, and leave comments. If they have any questions or require clarification, they can comment directly on the task, notifying the admin for a prompt response.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Real-Time Notifications:\u003C\u002Fstrong> When a comment is added to a task, admins receive notifications, allowing for quick communication and task resolution. Admins can also respond to comments, ensuring clarity and continuous progress.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Task Filtering and Sorting:\u003C\u002Fstrong> Filter tasks by status (e.g., pending, in progress, completed) to quickly view specific tasks. Additionally, sort tasks by time, due date, or priority to keep the workflow organized and efficient.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Advanced Task Search:\u003C\u002Fstrong> Use the search box to find tasks quickly by typing in keywords or phrases, making it easy to locate tasks based on titles, descriptions, or other details.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Flexible Task Statuses:\u003C\u002Fstrong> Track the progress of tasks with customizable statuses, helping teams stay on top of deadlines and project milestones.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Use Tasks Planner by Conicplex?\u003C\u002Fh3>\n\u003Cp>With Tasks Planner, managing your team’s tasks becomes straightforward. It simplifies assigning responsibilities, tracking progress, and communicating with team members. Whether you’re managing a content team, editorial workflow, or any other project, Tasks Planner helps you stay organized and ensures that tasks get completed on time.\u003C\u002Fp>\n\u003Cp>Take control of your team’s task management and improve your WordPress site’s productivity with Tasks Planner by Conicplex.\u003C\u002Fp>\n\u003Ch3>Credits & 3rd Party Services\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fconicplex.com\u002F\" rel=\"nofollow ugc\">ConicPlex.com\u003C\u002Fa>\u003C\u002Fstrong>: Tasks Planner by ConicPlex uses \u003Ca href=\"https:\u002F\u002Fconicplex.com\u002F\" rel=\"nofollow ugc\">ConicPlex\u003C\u002Fa> (own website) to store plugin insights. Whenever the plugin is activated, deactivated, or uninstalled, an API request is sent to Conicplex to record the action. The API request includes the action, site URL, admin email, plugin version, plugin name, plugin text domain, WordPress version, site language, and site timezone. \u003Ca href=\"https:\u002F\u002Fconicplex.com\u002Fabout\u002F\" rel=\"nofollow ugc\">Terms & Policies\u003C\u002Fa>\u003C\u002Fp>\n","Tasks Planner by Conicplex helps admins efficiently assign tasks to editors, authors, contributors, and other team members.",577,"2025-01-02T11:53:00.000Z","6.7.5","5.2","7.0",[143,144,145,22,146],"project-management","task-assignment","task-management","to-do-list","https:\u002F\u002Fconicplex.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftasks-planner-by-conicplex.1.0.0.zip",92,{"attackSurface":151,"codeSignals":249,"taintFlows":277,"riskAssessment":278,"analyzedAt":288},{"hooks":152,"ajaxHandlers":228,"restRoutes":233,"shortcodes":234,"cronEvents":247,"entryPointCount":248,"unprotectedCount":27},[153,159,163,167,170,174,178,182,186,189,192,196,200,203,206,209,212,215,218,222,226],{"type":154,"name":155,"callback":156,"file":157,"line":158},"action","init","register_style","custom-team-manager.php",18,{"type":154,"name":160,"callback":161,"file":157,"line":162},"wp_enqueue_scripts","enqueue_style",24,{"type":154,"name":164,"callback":165,"file":157,"line":166},"admin_enqueue_scripts","cmt_wp_admin_style",35,{"type":154,"name":164,"callback":168,"file":157,"line":169},"cmt_wp_admin_js",43,{"type":154,"name":171,"callback":172,"file":157,"line":173},"admin_init","cmt_pto_init",115,{"type":154,"name":175,"callback":176,"file":157,"line":177},"admin_notices","cmt_admin_notice",122,{"type":154,"name":155,"callback":179,"file":180,"line":181},"cmt_team_manager","inc\\functions.php",46,{"type":154,"name":183,"callback":184,"file":180,"line":185},"admin_menu","register_cmt_options_page",50,{"type":154,"name":171,"callback":187,"file":180,"line":188},"register_cmtsettings",56,{"type":154,"name":171,"callback":190,"file":180,"line":191},"cmt_admin_scripts",201,{"type":154,"name":193,"callback":194,"file":180,"line":195},"add_meta_boxes","cmt_member_role_box",240,{"type":154,"name":197,"callback":198,"file":180,"line":199},"save_post","cmt_member_role_box_save",271,{"type":154,"name":193,"callback":201,"file":180,"line":202},"cmt_member_facebook_box",289,{"type":154,"name":197,"callback":204,"file":180,"line":205},"cmt_member_facebook_box_save",308,{"type":154,"name":193,"callback":207,"file":180,"line":208},"cmt_member_twitter_box",328,{"type":154,"name":197,"callback":210,"file":180,"line":211},"cmt_member_twitter_box_save",347,{"type":154,"name":193,"callback":213,"file":180,"line":214},"cmt_member_linkedin_box",366,{"type":154,"name":197,"callback":216,"file":180,"line":217},"cmt_member_linkedin_box_save",385,{"type":154,"name":219,"callback":220,"priority":11,"file":180,"line":221},"wp_head","cmt_add_custom_css",433,{"type":154,"name":155,"callback":223,"file":224,"line":225},"register_shortcodes","inc\\shortcodes.php",165,{"type":154,"name":155,"callback":227,"file":224,"line":199},"register_shortcodes_members_profile",[229],{"action":230,"nopriv":231,"callback":230,"hasNonce":231,"hasCapCheck":231,"file":157,"line":232},"cmt_hide_notice",false,126,[],[235,239,243],{"tag":236,"callback":237,"file":224,"line":238},"team-members","ibn_custom_team_members",163,{"tag":240,"callback":241,"file":224,"line":242},"team-members-profile","ibn_custom_team_members_profile",269,{"tag":244,"callback":245,"file":224,"line":246},"cmt-content","cmt_content_func",277,[],4,{"dangerousFunctions":250,"sqlUsage":251,"outputEscaping":253,"fileOperations":70,"externalRequests":70,"nonceChecks":27,"capabilityChecks":275,"bundledLibraries":276},[],{"prepared":70,"raw":70,"locations":252},[],{"escaped":254,"rawEcho":62,"locations":255},6,[256,259,261,263,265,267,269,271,273],{"file":180,"line":257,"context":258},113,"raw output",{"file":180,"line":260,"context":258},159,{"file":180,"line":262,"context":258},173,{"file":180,"line":264,"context":258},215,{"file":180,"line":266,"context":258},267,{"file":180,"line":268,"context":258},305,{"file":180,"line":270,"context":258},344,{"file":180,"line":272,"context":258},382,{"file":180,"line":274,"context":258},431,8,[],[],{"summary":279,"deductions":280},"The \"custom-team-manager\" v2.4.2 plugin exhibits a mixed security posture. While it shows good practices like using prepared statements for all SQL queries and having a reasonable number of capability checks, there are significant concerns.  The presence of an unprotected AJAX handler represents a critical entry point that could be exploited without authentication. Furthermore, the output escaping is only at 40%, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities where user-supplied data might not be properly sanitized before being displayed to other users. The plugin's vulnerability history, with one unpatched medium severity CVE for XSS, reinforces these concerns and suggests a pattern of security weaknesses.\n\nWhile the absence of dangerous functions, file operations, and external HTTP requests is positive, the critical unsecured AJAX endpoint and the low output escaping rate are major red flags. The existence of an unpatched medium severity XSS vulnerability in its history, coupled with the code analysis revealing poor output escaping, strongly suggests that a similar vulnerability could still be present or easily introduced. The plugin has a relatively small attack surface, but the lack of security around one of its entry points significantly elevates the risk. A cautious approach is recommended, prioritizing updates and careful monitoring for further issues.",[281,283,285],{"reason":282,"points":275},"Unprotected AJAX handler",{"reason":284,"points":254},"Low output escaping rate (40%)",{"reason":286,"points":287},"Unpatched medium severity CVE",15,"2026-03-16T20:37:23.196Z",{"wat":290,"direct":301},{"assetPaths":291,"generatorPatterns":295,"scriptPaths":296,"versionParams":297},[292,293,294],"\u002Fwp-content\u002Fplugins\u002Fcustom-team-manager\u002Fcss\u002Fstylesheet.css","\u002Fwp-content\u002Fplugins\u002Fcustom-team-manager\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Fcustom-team-manager\u002Fjs\u002Fcmt-options.js",[],[294],[298,299,300],"custom-team-manager\u002Fcss\u002Fstylesheet.css?ver=","custom-team-manager\u002Fcss\u002Fadmin-style.css?ver=","custom-team-manager\u002Fjs\u002Fcmt-options.js?ver=",{"cssClasses":302,"htmlComments":304,"htmlAttributes":305,"restEndpoints":313,"jsGlobals":314,"shortcodeOutput":315},[303],"cmt-links",[],[306,307,308,309,310,311,312],"name=\"cmt_mem_per_page\"","name=\"cmt_ajax_load\"","name=\"cmt_custom_css\"","name=\"cmt_single_page\"","name=\"cmt_profile_page\"","name=\"cmt_show_gridview\"","name=\"cmt_mem_pro_page_slug\"",[],[],[316,317],"[team-members]","[team-members-profile]"]