[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fr9DsvV5XDjgvnY5sZdy6tnCIC37X_dBnxJQZ3kOWBo0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":75,"crawl_stats":37,"alternatives":82,"analysis":185,"fingerprints":285},"customizer-export-import","Customizer Export\u002FImport","0.9.8","Beaver Builder","https:\u002F\u002Fprofiles.wordpress.org\u002Fbeaverbuilder\u002F","\u003Ch4>Customizer Export\u002FImport\u003C\u002Fh4>\n\u003Cp>The Customizer Export\u002FImport plugin allows you to export or import your WordPress customizer settings from directly within the customizer interface! If your theme makes use of the WordPress customizer for its settings, this plugin is for you!\u003C\u002Fp>\n\u003Cp>Please visit our blog for more info on the \u003Ca href=\"https:\u002F\u002Fwww.wpbeaverbuilder.com\u002Fwordpress-customizer-export-import-plugin\u002F?utm_source=external&utm_medium=wp-repo&utm_campaign=customizer-export-description\" rel=\"nofollow ugc\">Customizer Export\u002FImport plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>New! Export Options\u003C\u002Fh4>\n\u003Cp>The Customizer Export\u002FImport plugin previously only exported options saved as theme mods using the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fget_theme_mods\" rel=\"nofollow ugc\">get_theme_mods\u003C\u002Fa> function, but that is no more! The Customizer Export\u002FImport plugin now exports settings saved as options as well!\u003C\u002Fp>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Cp>Exporting customizer settings is easy. Click the export button from within the customizer and a file will automatically begin downloading with your settings. Export files are named after your theme and can only be used to import settings for the theme or child theme that they came from. Export files contain a serialized dump of mods retrieved using the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fget_theme_mods\" rel=\"nofollow ugc\">get_theme_mods\u003C\u002Fa> function or customizer settings saved as options.\u003C\u002Fp>\n\u003Cp>Importing customizer settings is just as easy. Choose the export file you would like to import, select whether you would like to download and import images (similar to importing posts), and finally, click the import button. Once your settings have been imported the page will refresh and your new design will be displayed.\u003C\u002Fp>\n\u003Ch4>Exporting Custom Options\u003C\u002Fh4>\n\u003Cp>Developers can also have arbitrary options that aren’t part of the customizer exported by using the cei_export_option_keys filter. Those options can be exported and imported by adding your option key to the array of options that will be exported as shown below.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_export_option_keys( $keys ) {\n    $keys[] = 'my_option_key';\n    $keys[] = 'another_option_key';\n    return $keys;\n}\n\nadd_filter( 'cei_export_option_keys', 'my_export_option_keys' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Known Issues\u003C\u002Fh4>\n\u003Cp>This plugin currently only works for active themes, not themes that are being previewed with either the Theme Test Drive plugin or the new customizer theme preview.\u003C\u002Fp>\n\u003Ch4>Contribute!\u003C\u002Fh4>\n\u003Cp>We’d love to hear your feedback as to how we could improve the Customizer Export\u002FImport plugin, or better yet, see theme developers actively contribute! Don’t hesitate to let us know if you’re interested in contributing as we would gladly have others on board.\u003C\u002Fp>\n\u003Cp>The Customizer Export\u002FImport plugin is brought to you by the fine folks at \u003Ca href=\"https:\u002F\u002Fwww.wpbeaverbuilder.com\u002F?utm_source=external&utm_medium=wp-repo&utm_campaign=customizer-export-description\" rel=\"nofollow ugc\">Beaver Builder\u003C\u002Fa>.\u003C\u002Fp>\n","Easily export or import your WordPress customizer settings!",100000,2778794,96,114,"2026-01-14T15:16:00.000Z","6.9.4","3.6","",[20,21,22,23,24],"customizer","customizer-export","customizer-import","export","import","https:\u002F\u002Fwww.wpbeaverbuilder.com\u002Fwordpress-customizer-export-import-plugin\u002F?utm_source=external&utm_medium=customizer-export&utm_campaign=plugins-page","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomizer-export-import.0.9.8.zip",3,0,"2024-09-06 00:00:00","2026-03-15T15:16:48.613Z",[32,48,64],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2024-7620","customizer-exportimport-authenticated-admin-arbitrary-file-upload-via-customization-settings-import","Customizer Export\u002FImport \u003C= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import","The Customizer Export\u002FImport plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_import' function in all versions up to, and including, 0.9.7. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. NOTE: This vulnerability is only exploitable when used in conjunction with a race condition as the uploaded file is deleted shortly after it is created.",null,"\u003C=0.9.7","0.9.7.1","medium",6.6,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Unrestricted Upload of File with Dangerous Type","2024-09-07 11:17:05",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7600e7df-725d-4877-b0bf-5329f814723f?source=api-prod",1,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2023-1347","customizer-exportimport-authenticated-administrator-php-object-injection-2","Customizer Export\u002FImport \u003C= 0.9.5 - Authenticated (Administrator+) PHP Object Injection","The Customizer Export\u002FImport for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 0.9.5  via deserialization of untrusted input from an imported file. This allows administrator-level attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.","\u003C=0.9.5","0.9.6","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Deserialization of Untrusted Data","2023-04-25 00:00:00","2024-01-22 19:56:02",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fdd7312ec-9654-4ddc-aec6-71c7e684fac0?source=api-prod",273,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":37,"affected_versions":69,"patched_in_version":70,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":71,"updated_date":60,"references":72,"days_to_patch":74},"CVE-2022-3380","customizer-exportimport-authenticated-administrator-php-object-injection","Customizer Export\u002FImport \u003C= 0.9.4 - Authenticated (Administrator+) PHP Object Injection","The Customizer Export\u002FImport for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 0.9.4  via deserialization of untrusted input from an imported file. This allows administrator-level attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.","\u003C=0.9.4","0.9.5","2022-10-10 00:00:00",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F72fadfa8-4b53-4661-8b6c-69cdb79d3fd7?source=api-prod",470,{"slug":76,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":77,"avg_security_score":78,"avg_patch_time_days":79,"trust_score":80,"computed_at":81},"beaverbuilder",204000,93,204,74,"2026-04-03T21:27:58.894Z",[83,102,119,144,167],{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":18,"tags":98,"homepage":100,"download_link":101,"security_score":93,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"customizer-reset","Customizer Reset – Export & Import","1.4.1","David Vongries","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidvongries\u002F","\u003Cp>Reset, export, and import your WordPress Customizer settings with just one click of a button.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Reset Customizer settings\u003C\u002Fli>\n\u003Cli>Export Customizer settings\u003C\u002Fli>\n\u003Cli>Import Customizer settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Reset the WordPress Customizer\u003C\u002Fh4>\n\u003Cp>You have made changes in the Customizer and want to start fresh without undoing each setting individually? We’ve got you covered! Reset the WordPress Customizer with a simple click of a button.\u003C\u002Fp>\n\u003Ch4>Export & import Customizer settings\u003C\u002Fh4>\n\u003Cp>Take a snapshot and export your Customizer settings with just a click.\u003C\u002Fp>\n\u003Cp>The Customizer Reset plugin allows you to take a snapshot and export\u002Fimport your settings from directly within the WordPress Customizer. This can be useful if you want to migrate your Customizer settings to a different WordPress installation or child-theme.\u003C\u002Fp>\n\u003Ch4>Compatible Themes\u003C\u002Fh4>\n\u003Cp>This plugin should work with all WordPress themes out of the box.\u003Cbr \u002F>\nIt was initally created as a helper plugin for the \u003Ca href=\"https:\u002F\u002Fwp-pagebuilderframework.com\u002F\" rel=\"nofollow ugc\">Page Builder Framework\u003C\u002Fa> theme. A fast & minimalistic WordPress theme designed for the new WordPress era.\u003C\u002Fp>\n\u003Ch3>What’s next?\u003C\u002Fh3>\n\u003Cp>If you like Customizer Reset – Export & Import, make sure to check out our other products:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-pagebuilderframework.com\u002F?utm_source=customizer_reset&utm_medium=repository&utm_campaign=wpbf\" rel=\"nofollow ugc\">Page Builder Framework\u003C\u002Fa>\u003C\u002Fstrong> – A fast & minimalistic WordPress theme designed for the new WordPress era.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fultimatedashboard.io\u002F?utm_source=customizer_reset&utm_medium=repository&utm_campaign=udb\" rel=\"nofollow ugc\">Ultimate Dashboard\u003C\u002Fa>\u003C\u002Fstrong> – The #1 WordPress plugin to customize your WordPress dashboard and admin area.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbetteradminbar.com\u002F?utm_source=customizer_reset&utm_medium=repository&utm_campaign=bab\" rel=\"nofollow ugc\">Better Admin Bar\u003C\u002Fa>\u003C\u002Fstrong> – The plugin to make your clients enjoy WordPress. It replaces the default admin bar to provide the best possible user experience when editing & navigating a website.\u003C\u002Fli>\n\u003C\u002Ful>\n","Reset, export, and import your WordPress Customizer settings with just one click of a button.",1000,28751,100,8,"2025-11-03T09:05:00.000Z","6.8.5","4.0",[20,21,22,84,99],"reset","https:\u002F\u002Fwp-pagebuilderframework.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomizer-reset.1.4.1.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":28,"downloaded":110,"rating":28,"num_ratings":28,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":116,"download_link":117,"security_score":118,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"customizer-ex","Customizer EX","1.0","keksus","https:\u002F\u002Fprofiles.wordpress.org\u002Fkeksus\u002F","\u003Cp>This plugin allows you easily export and import Customizer settings.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>To make export\u002Fimport go to Settings – Customizer EX page.\u003C\u002Fp>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>After activation current customizer settings will be saved at file theme_mods_themename.txt in ‘\u002Fwp-content\u002Fuploads\u002F’ directory.\u003C\u002Fp>\n\u003Ch3>Errors\u003C\u002Fh3>\n\u003Cp>If after file upload and import you see message ‘Error import data!’ check your file permissions. It must be 0755.\u003C\u002Fp>\n","Simple Export and Import Customizer settings",1128,"2021-02-21T10:15:00.000Z","5.6.17","4.1","5.3",[20,21,22,23,24],"http:\u002F\u002Fkeksus.com\u002Fsimple-customizer-export-import-plugin.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomizer-ex.zip",85,{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":140,"download_link":141,"security_score":142,"vuln_count":47,"unpatched_count":28,"last_vuln_date":143,"fetched_at":30},"advanced-import","Advanced Import: One-Click Demo Import for WordPress","1.4.5","AddonsPress","https:\u002F\u002Fprofiles.wordpress.org\u002Faddonspress\u002F","\u003Cp>Import Data or Demo Content which is exported by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-export\u002F\" rel=\"ugc\">Advanced Export\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Advanced Import is the ultimate solution for WordPress theme and plugin developers who want to provide a seamless demo import experience for their users. With a simple one-click interface, it allows users to import demo content, widgets, customizer settings, and even Gutenberg block data effortlessly.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>One-Click Demo Import:\u003C\u002Fstrong> Easily import all demo content with a single click.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizer Settings Import:\u003C\u002Fstrong> Retain your theme’s look and feel by importing customizer settings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget Data Import:\u003C\u002Fstrong> Quickly set up widgets to match your demo layout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg Blocks Import:\u003C\u002Fstrong> Import block-based content for modern themes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media Files Import:\u003C\u002Fstrong> Seamlessly upload and integrate demo media.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer-Friendly Hooks:\u003C\u002Fstrong> Extend or customize the import process with available actions and filters.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Use Advanced Import?\u003C\u002Fh3>\n\u003Cp>Whether you’re a theme developer offering demo content or a user setting up a site, Advanced Import makes the process hassle-free. It saves time, reduces manual setup effort, and ensures consistency between demo and live sites.\u003C\u002Fp>\n\u003Ch3>Features for Theme Author\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Code\u002FPlugin example available\u003C\u002Fli>\n\u003Cli>Support for the premium version or premium plugin of the free theme\u003C\u002Fli>\n\u003Cli>Install separate dependent plugin\u002Fs for each demo starter package of the theme\u003C\u002Fli>\n\u003Cli>Categorized available demo import starter package to type and categories\u003C\u002Fli>\n\u003Cli>Search filter keywords for demo starter packages\u003C\u002Fli>\n\u003Cli>Sufficient hooks to customize the plugin design and functionality\u003C\u002Fli>\n\u003Cli>Add demo URL\u003C\u002Fli>\n\u003Cli>Add pro URL\u003C\u002Fli>\n\u003Cli>Better experience for the user\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Dashboard Location\u003C\u002Fh3>\n\u003Ch4>Theme Demo Import Screen\u003C\u002Fh4>\n\u003Cp>Dashboard -> Appearance -> Demo Import\u003C\u002Fp>\n\u003Ch4>Zip File Import Screen\u003C\u002Fh4>\n\u003Cp>Dashboard -> Tool -> Advanced Import\u003C\u002Fp>\n","Advanced Import simplifies importing demo data for WordPress sites, enabling users to import posts, pages, media, widgets, customizer settings, and Gu &hellip;",90000,1682950,88,7,"2025-01-14T16:13:00.000Z","6.7.5","5.0","5.6.20",[22,136,137,138,139],"demo-import","gutenberg-import","theme-import","widget-import","https:\u002F\u002Faddonspress.com\u002Fitem\u002Fadvanced-import","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-import.1.4.5.zip",91,"2022-11-14 00:00:00",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":152,"downloaded":153,"rating":154,"num_ratings":155,"last_updated":156,"tested_up_to":16,"requires_at_least":157,"requires_php":158,"tags":159,"homepage":164,"download_link":165,"security_score":93,"vuln_count":47,"unpatched_count":28,"last_vuln_date":166,"fetched_at":30},"astra-import-export","Import \u002F Export Customizer Settings","1.1.0","Brainstorm Force","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainstormforce\u002F","\u003Cp>Astra theme customizer offers several settings for header\u002Ffooter layout, sidebar and blog designs, colors, backgrounds, typography and much more. You need to tweak the number of settings to make your site look flawless. These settings can be moved to other Astra sites easily with Import \u002F Export Customizer Settings plugin. It will save repetitive work to arrange all customizer settings for each new Astra site or while moving the site from local to live.\u003C\u002Fp>\n\u003Cp>It is an easy-to-use plugin for the Astra theme that lets you import-export customizer settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This Import\u002FExport plugin is created only for the \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002F?utm_source=wp-repo&utm_campaign=home-page-banner-for-astra-theme&utm_medium=description\" rel=\"nofollow ugc\">Astra theme\u003C\u002Fa>. You should have the Astra theme installed and activated on your website.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbsf.io\u002Fastra-import-export-demo\" rel=\"nofollow ugc\">Try it out on a free dummy site\u003C\u002Fa>\u003C\u002Fp>\n","Astra theme customizer offers several settings for header\u002Ffooter layout, sidebar and blog designs, colors, backgrounds, typography and much more.",50000,1008491,94,6,"2025-12-01T09:46:00.000Z","4.4","5.4",[160,161,24,162,163],"astra-addons-export","customizer-settings","settings","theme-settings","https:\u002F\u002Fwpastra.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fastra-import-export.1.1.0.zip","2020-09-16 00:00:00",{"slug":168,"name":169,"version":170,"author":171,"author_profile":172,"description":173,"short_description":174,"active_installs":175,"downloaded":176,"rating":129,"num_ratings":177,"last_updated":178,"tested_up_to":16,"requires_at_least":179,"requires_php":180,"tags":181,"homepage":183,"download_link":184,"security_score":93,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"customizer-reset-by-wpzoom","Customizer Backup & Reset","2.0.3","WPZOOM","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpzoom\u002F","\u003Cp>Reset theme customizations made via WordPress Customizer with enhanced safety features. Works with 99% of themes, including \u003Ca href=\"https:\u002F\u002Fwww.wpzoom.com\u002Fthemes\u002F\" rel=\"nofollow ugc\">WPZOOM themes\u003C\u002Fa> and popular themes like \u003Cstrong>Inspiro\u003C\u002Fstrong>, \u003Cstrong>Divi\u003C\u002Fstrong>, \u003Cstrong>Astra\u003C\u002Fstrong>, \u003Cstrong>GeneratePress\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>This plugin removes all theme modifications that are registered via Customizer API, with the added safety of backup, export, and import capabilities.\u003C\u002Fp>\n\u003Cp>Works with all themes and plugins that use \u003Cstrong>theme_mod\u003C\u002Fstrong> settings type for storing modifications.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Please keep in mind that some themes uses different method to save customizer settings, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcustomizer-reset-by-wpzoom\u002F\" rel=\"ugc\">let us know\u003C\u002Fa> if this plugin isn’t compatible with your theme.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>📌 What’s new in version 2.0.?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW:\u003C\u002Fstrong> Redesigned UI & New Customizer Section\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW:\u003C\u002Fstrong> Import\u002FExport Settings – Dual format support (JSON and DAT)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW:\u003C\u002Fstrong> Additional CSS Support – Optional reset checkbox and included in all exports\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW:\u003C\u002Fstrong> Backup & Reset – Automatically create a backup before resetting (5 rotating backups)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW:\u003C\u002Fstrong> Backup History – View and restore from the last 5 backups\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW:\u003C\u002Fstrong> GeneratePress Theme compatibility – Including dynamic CSS cache clearing\u003C\u002Fli>\n\u003Cli>Improved UX with customizer section panel and inline notifications\u003C\u002Fli>\n\u003Cli>Added translation support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Get Involved\u003C\u002Fh3>\n\u003Cp>Looking to contribute code to this plugin? Go ahead and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpzoom\u002Fcustomizer-reset\" rel=\"nofollow ugc\">fork the repository over at GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>🙌 FOLLOW US\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🐦 \u003Ca href=\"https:\u002F\u002Fx.com\u002Fwpzoom\" rel=\"nofollow ugc\">X\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>📘 \u003Ca href=\"https:\u002F\u002Ffacebook.com\u002Fwpzoom\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>📘 \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwpzoom\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>🌄 \u003Ca href=\"https:\u002F\u002Finstagram.com\u002Fwpzoom\" rel=\"nofollow ugc\">Instagram\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Reset theme customizations made via WordPress Customizer with backup, export, and import features.",8000,179138,14,"2025-12-05T10:02:00.000Z","6.4","7.4",[182,20,84,23,24],"backup","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustomizer-reset\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomizer-reset-by-wpzoom.2.0.3.zip",{"attackSurface":186,"codeSignals":214,"taintFlows":233,"riskAssessment":270,"analyzedAt":284},{"hooks":187,"ajaxHandlers":210,"restRoutes":211,"shortcodes":212,"cronEvents":213,"entryPointCount":28,"unprotectedCount":28},[188,194,198,202,207],{"type":189,"name":190,"callback":191,"file":192,"line":193},"action","plugins_loaded","CEI_Core::load_plugin_textdomain","customizer-export-import.php",21,{"type":189,"name":195,"callback":196,"file":192,"line":197},"customize_controls_print_scripts","CEI_Core::controls_print_scripts",22,{"type":189,"name":199,"callback":200,"file":192,"line":201},"customize_controls_enqueue_scripts","CEI_Core::controls_enqueue_scripts",23,{"type":189,"name":203,"callback":204,"priority":205,"file":192,"line":206},"customize_register","CEI_Core::init",999999,24,{"type":189,"name":203,"callback":208,"file":192,"line":209},"CEI_Core::register",25,[],[],[],[],{"dangerousFunctions":215,"sqlUsage":221,"outputEscaping":223,"fileOperations":231,"externalRequests":28,"nonceChecks":224,"capabilityChecks":224,"bundledLibraries":232},[216],{"fn":217,"file":218,"line":219,"context":220},"unserialize","classes\\class-cei-core.php",294,"$data = @unserialize( trim( $raw ), array( 'allowed_classes' => false ) );",{"prepared":28,"raw":28,"locations":222},[],{"escaped":47,"rawEcho":224,"locations":225},2,[226,229],{"file":218,"line":227,"context":228},80,"raw output",{"file":218,"line":230,"context":228},227,4,[],[234,259],{"entryPoint":235,"graph":236,"unsanitizedCount":28,"severity":258},"_import (classes\\class-cei-core.php:243)",{"nodes":237,"edges":254},[238,243,249,251],{"id":239,"type":240,"label":241,"file":218,"line":242},"n0","source","$_FILES",279,{"id":244,"type":245,"label":246,"file":218,"line":247,"wp_function":248},"n1","sink","file_get_contents() [SSRF\u002FLFI]",293,"file_get_contents",{"id":250,"type":240,"label":241,"file":218,"line":242},"n2",{"id":252,"type":245,"label":253,"file":218,"line":219,"wp_function":217},"n3","unserialize() [Object Injection]",[255,257],{"from":239,"to":244,"sanitized":256},true,{"from":250,"to":252,"sanitized":256},"low",{"entryPoint":260,"graph":261,"unsanitizedCount":28,"severity":258},"\u003Cclass-cei-core> (classes\\class-cei-core.php:0)",{"nodes":262,"edges":267},[263,264,265,266],{"id":239,"type":240,"label":241,"file":218,"line":242},{"id":244,"type":245,"label":246,"file":218,"line":247,"wp_function":248},{"id":250,"type":240,"label":241,"file":218,"line":242},{"id":252,"type":245,"label":253,"file":218,"line":219,"wp_function":217},[268,269],{"from":239,"to":244,"sanitized":256},{"from":250,"to":252,"sanitized":256},{"summary":271,"deductions":272},"The customizer-export-import plugin, version 0.9.8, exhibits a mixed security posture. While it demonstrates good practices by exclusively using prepared statements for SQL queries and includes two nonce and capability checks, several areas raise concerns. The presence of the `unserialize` function is a significant red flag, as deserialization of untrusted data can lead to remote code execution if not handled with extreme care and validation. Furthermore, only 33% of output is properly escaped, indicating a potential for cross-site scripting (XSS) vulnerabilities where user-controlled data might be outputted without sufficient sanitization.\n\nThe plugin's vulnerability history is particularly worrying. With three known CVEs, including two high and one medium severity, and a recent vulnerability dated 2024-09-06, it suggests a pattern of introducing security flaws. The common vulnerability types of Unrestricted Upload of File with Dangerous Type and Deserialization of Untrusted Data directly align with the static analysis finding of `unserialize`, further validating these concerns. The fact that there are currently no unpatched CVEs is a positive sign, but the historical pattern necessitates vigilance.\n\nIn conclusion, while the plugin has some strengths like robust SQL handling, the combination of a dangerous function (`unserialize`), poor output escaping, and a history of significant vulnerabilities, especially those related to deserialization and file uploads, points to a moderately high risk. Users should be cautious and ensure the plugin is always updated to the latest version when available to mitigate these risks.",[273,276,278,281],{"reason":274,"points":275},"Dangerous function unserialize found",15,{"reason":277,"points":155},"Low percentage of output properly escaped",{"reason":279,"points":280},"Multiple high\u002Fmedium severity CVEs historically",20,{"reason":282,"points":283},"Recent vulnerability history",10,"2026-03-16T17:04:52.437Z",{"wat":286,"direct":295},{"assetPaths":287,"generatorPatterns":290,"scriptPaths":291,"versionParams":292},[288,289],"\u002Fwp-content\u002Fplugins\u002Fcustomizer-export-import\u002Fcss\u002Fcustomizer.css","\u002Fwp-content\u002Fplugins\u002Fcustomizer-export-import\u002Fjs\u002Fcustomizer.js",[],[289],[293,294],"customizer-export-import\u002Fcss\u002Fcustomizer.css?ver=","customizer-export-import\u002Fjs\u002Fcustomizer.js?ver=",{"cssClasses":296,"htmlComments":298,"htmlAttributes":299,"restEndpoints":301,"jsGlobals":302,"shortcodeOutput":305},[297],"cei-description",[],[300],"data-customize-setting-link",[],[303,304],"CEIl10n","CEIConfig",[]]