[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsmAzOkSoj1KI77lUJ5Vs3izALGbqxA-9bCpOT7hSeP8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":44,"crawl_stats":35,"alternatives":52,"analysis":163,"fingerprints":224},"dashboard-notepad","Dashboard Notepad","1.42","Stephanie Leary","https:\u002F\u002Fprofiles.wordpress.org\u002Fsillybean\u002F","\u003Cp>This dashboard widget provides a simple notepad. The widget settings allow you to choose which roles can edit the notes, and which roles can merely read them. Version 1.30 also adds support for custom roles and integrates with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmembers\u002F\" rel=\"ugc\">Members plugin\u003C\u002Fa> for role settings.\u003C\u002Fp>\n\u003Cp>You can display the contents of your notepad using a template tag and\u002For shortcode. The widget permissions apply to these tags as well: only users with permission to read the notes will see the notes on the front end. You can use \u003Ccode>div#dashboard-notes\u003C\u002Fcode> in your theme’s CSS file to style the notes.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Belorussian (be_BY) by \u003Ca href=\"http:\u002F\u002Ffatcow.com\" rel=\"nofollow ugc\">FatCow\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Bulgarian (bg_BG) by \u003Ca href=\"http:\u002F\u002Fwww.siteground.com\u002F\" rel=\"nofollow ugc\">SiteGround\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) by Axel Vanderhaeghen\u003C\u002Fli>\n\u003Cli>German (de_DE) by Guido Kerkewitz\u003C\u002Fli>\n\u003Cli>Italian (it_IT) translation by Francesco Bevivino\u003C\u002Fli>\n\u003Cli>Romanian (ro_RO) by Web Hosting Geeks (\u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002F\" rel=\"nofollow ugc\">Web\u003Cbr \u002F>\nGeek Sciense\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Swedish (se_SV) by \u003Ca href=\"http:\u002F\u002Fwww.rabatt.se\" rel=\"nofollow ugc\">Rabatt\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Ukranian (uk_UA) by \u003Ca href=\"http:\u002F\u002Fgetvoip.com\u002Fblog\" rel=\"nofollow ugc\">Michael Yunat\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>If you would like to send me a translation, please write to me through \u003Ca href=\"http:\u002F\u002Fsillybean.net\u002Fabout\u002Fcontact\u002F\" rel=\"nofollow ugc\">my contact page\u003C\u002Fa>. Let me know which plugin you’ve translated and how you would like to be credited. I will write you back so you can attach the files in your reply.\u003C\u002Fp>\n","The very simplest of notepads for your Dashboard.",10000,92629,92,12,"2017-11-28T13:39:00.000Z","4.1.42","2.8","",[20,21,22],"dashboard","notes","widget","http:\u002F\u002Fsillybean.net\u002Fcode\u002Fwordpress\u002Fdashboard-notepad\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-notepad.1.42.zip",63,1,"2025-09-22 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35},"CVE-2025-57927","dashboard-notepad-cross-site-request-forgery","Dashboard Notepad \u003C= 1.42 - Cross-Site Request Forgery","The Dashboard Notepad plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.42. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.42","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-09-26 14:23:23",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F76d10adf-5a17-49af-8ce3-f0714e8c2da6?source=api-prod",{"slug":45,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},"sillybean",16,17260,84,2856,68,"2026-04-03T21:13:24.372Z",[53,77,94,118,141],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":72,"download_link":73,"security_score":63,"vuln_count":74,"unpatched_count":75,"last_vuln_date":76,"fetched_at":28},"dashboard-widgets-suite","Dashboard Widgets Suite","3.5","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cp>1 Plugin. 9 Widgets. Awesome Dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cem>Add new widgets to your WordPress Dashboard. Streamline your workflow and optimize productivity.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Widgets\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite provides awesome widgets that you can add to your Dashboard with a click:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Control Panel\u003C\u002Fstrong> – Control widgets directly from the Dashboard\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Notes\u003C\u002Fstrong>    – Add, edit, delete notes for any user role\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Feed Box\u003C\u002Fstrong>      – Display and customize any RSS Feed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Social Box\u003C\u002Fstrong>    – Display social links from Twitter, Facebook, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>List Box\u003C\u002Fstrong>      – Display custom lists created via the Menu screen\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget Box\u003C\u002Fstrong>    – Display any theme or WP widget (e.g., Search, Text)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>System Info\u003C\u002Fstrong>   – Display basic or advanced system information\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debug Log\u003C\u002Fstrong>     – Display, customize, reset your WP debug log\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP Error Log\u003C\u002Fstrong> – Display, customize, reset your server error log\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Each widget includes its own set of options for customizing display 🙂\u003C\u002Fp>\n\u003Cp>The notes widget is super awesome, designed for serious note takers. You can choose from 3 note formats: Text, HTML, or Code. Check out \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdashboard-widgets-suite\u002F#installation\" rel=\"ugc\">Installation\u003C\u002Fa> for more about the User Notes Widget.\u003C\u002Fp>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsupport\u002F#contact\" rel=\"nofollow ugc\">Suggest a widget!\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite provides a slick set of useful Dashboard widgets with some great features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Includes 9 awesome Dashboard widgets\u003C\u002Fli>\n\u003Cli>Easy to set up and customize options\u003C\u002Fli>\n\u003Cli>Regularly updated and “future proof”\u003C\u002Fli>\n\u003Cli>Secure, clean, error-free code\u003C\u002Fli>\n\u003Cli>Built with the WordPress API\u003C\u002Fli>\n\u003Cli>Lightweight, fast and flexible\u003C\u002Fli>\n\u003Cli>Focused on performance, loads only enabled widgets\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable widgets via Dashboard or plugin settings\u003C\u002Fli>\n\u003Cli>Option to restore 1-column display for the Dashboard\u003C\u002Fli>\n\u003Cli>Shortcodes to display widgets on the frontend\u003C\u002Fli>\n\u003Cli>Many options for customizing widget display\u003C\u002Fli>\n\u003Cli>Works perfectly with or without Gutenberg\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdashboard-widgets-suite\u002Fscreenshots\u002F\" rel=\"ugc\">Check out the Screenshots\u003C\u002Fa> for more details!\u003C\u002Fp>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsupport\u002F#contact\" rel=\"nofollow ugc\">Suggest a feature!\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.\u003C\u002Fp>\n\u003Cp>Dashboard Widgets Suite is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","Adds 9 awesome widgets to your WP Dashboard. Includes User Notes, Social Buttons, System Info, Debug\u002FError Logs, and more!",4000,152523,98,36,"2026-01-28T20:06:00.000Z","6.9.4","4.7","5.6.20",[20,70,71,21,22],"debug","log","https:\u002F\u002Fperishablepress.com\u002Fdashboard-widgets-suite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-widgets-suite.3.5.zip",3,0,"2024-06-12 19:49:38",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":75,"downloaded":85,"rating":75,"num_ratings":75,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":18,"download_link":93,"security_score":13,"vuln_count":75,"unpatched_count":75,"last_vuln_date":35,"fetched_at":28},"dashboard-scratch-pad","Dashboard Scratch Pad","1.0.0","Andrew Mead","https:\u002F\u002Fprofiles.wordpress.org\u002Fandrewmead\u002F","\u003Cp>A plugin that adds a scratch pad to your dashboard\u003C\u002Fp>\n","A plugin that adds a scratch pad to your dashboard",763,"2024-06-25T14:54:00.000Z","6.5.8","5.5","7.3.29",[91,21,92],"dashboard-widgets","widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-scratch-pad.1.0.0.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":104,"num_ratings":105,"last_updated":106,"tested_up_to":66,"requires_at_least":107,"requires_php":108,"tags":109,"homepage":114,"download_link":115,"security_score":116,"vuln_count":26,"unpatched_count":75,"last_vuln_date":117,"fetched_at":28},"dashboard-welcome-for-elementor","Dashboard Welcome for Elementor","1.0.10","IdeaBox Creations","https:\u002F\u002Fprofiles.wordpress.org\u002Fideaboxcreations\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fpowerpackelements.com\u002Fdashboard-welcome-elementor\u002F?utm_medium=dashboard-welcome&utm_source=repo-readme&utm_campaign=repo-homepage-link\" title=\"PowerPack Elements\" rel=\"nofollow ugc\">Dashboard Welcome by PowerPack Elements\u003C\u002Fa> gives you full control over the WordPress welcome panel using Elementor. You can personalize the dashboard with content and design built with Elementor. You can add heading, contact information, form, video, images, affiliate links, etc.\u003C\u002Fp>\n\u003Cp>PLUS, you can display a template as per the user role.\u003C\u002Fp>\n\u003Ch4>How this works?\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F2wG1Jb0B7T4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a layout with Elementor.\u003C\u002Fli>\n\u003Cli>Go to plugin settings and select the layout from dropdown for any user role.\u003C\u002Fli>\n\u003Cli>Save the setting. Done!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Our other Elementor addons\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpowerpackelements.com\u002F?utm_medium=dashboard-welcome&utm_source=repo-readme&utm_campaign=powerpack-elementor\" title=\"PowerPack for Elementor\" rel=\"nofollow ugc\">PowerPack for Elementor\u003C\u002Fa> – Extend Elementor with 50+ Creative Widgets and build beautiful websites.\u003C\u002Fp>\n","Replaces the default WordPress dashboard welcome panel with custom designed Elementor template.",20000,152714,82,23,"2026-02-23T15:38:00.000Z","6.3","7.4",[20,110,111,112,113],"dashboard-widget","elementor","elementor-addon","elementor-template","https:\u002F\u002Fpowerpackelements.com\u002Fdashboard-welcome-elementor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-welcome-for-elementor.1.0.10.zip",100,"2022-12-16 00:00:00",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":102,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":108,"tags":132,"homepage":137,"download_link":138,"security_score":139,"vuln_count":26,"unpatched_count":75,"last_vuln_date":140,"fetched_at":28},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",631204,86,48,"2025-10-01T15:12:00.000Z","6.8.5","4.5",[133,134,110,135,136],"admin","administration","error-reporting","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip",99,"2019-02-25 00:00:00",{"slug":142,"name":143,"version":144,"author":145,"author_profile":146,"description":147,"short_description":148,"active_installs":102,"downloaded":149,"rating":13,"num_ratings":150,"last_updated":151,"tested_up_to":152,"requires_at_least":153,"requires_php":18,"tags":154,"homepage":159,"download_link":160,"security_score":161,"vuln_count":74,"unpatched_count":75,"last_vuln_date":162,"fetched_at":28},"wp-dashboard-notes","WP Dashboard Notes","1.0.13","Jeroen Sormani","https:\u002F\u002Fprofiles.wordpress.org\u002Fsormano\u002F","\u003Cp>Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Colored notes\u003C\u002Fli>\n\u003Cli>List notes or regular notes\u003C\u002Fli>\n\u003Cli>Public or private notes\u003C\u002Fli>\n\u003Cli>Edit on dashboard\u003C\u002Fli>\n\u003Cli>Add as many notes as you like\u003C\u002Fli>\n\u003Cli>Drag & drop list items\u003C\u002Fli>\n\u003Cli>No save button needed!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Feature requests, ratings and donations are welcome and appreciated!\u003C\u002Fstrong>\u003C\u002Fp>\n","Working with multiple persons on a website? Want to make notes? You can do just that with WP Dashboard Notes. Create beautiful notes with a nice user  &hellip;",248966,109,"2024-08-27T08:39:00.000Z","6.4.8","4.0",[155,156,157,21,158],"admin-note","dashboard-notes","note","wordpress-notes","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-dashboard-notes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-dashboard-notes.1.0.13.zip",90,"2024-08-09 00:00:00",{"attackSurface":164,"codeSignals":196,"taintFlows":211,"riskAssessment":212,"analyzedAt":223},{"hooks":165,"ajaxHandlers":189,"restRoutes":190,"shortcodes":191,"cronEvents":195,"entryPointCount":26,"unprotectedCount":75},[166,172,176,181,185],{"type":167,"name":168,"callback":169,"file":170,"line":171},"action","admin_head-index.php","dashboard_notepad_css","dashboard-notepad.php",66,{"type":167,"name":173,"callback":174,"file":170,"line":175},"wp_dashboard_setup","dashboard_notepad_widget_setup",67,{"type":177,"name":178,"callback":179,"file":170,"line":180},"filter","edit_dashboard_notes","dashboard_notepad_edit_notes",184,{"type":177,"name":182,"callback":183,"file":170,"line":184},"read_dashboard_notes","dashboard_notepad_read_notes",185,{"type":177,"name":186,"callback":187,"file":170,"line":188},"members_get_capabilities","dashboard_notepad_extra_caps",189,[],[],[192],{"tag":193,"callback":193,"file":170,"line":194},"dashboard_notes",179,[],{"dangerousFunctions":197,"sqlUsage":198,"outputEscaping":200,"fileOperations":75,"externalRequests":75,"nonceChecks":75,"capabilityChecks":209,"bundledLibraries":210},[],{"prepared":75,"raw":75,"locations":199},[],{"escaped":201,"rawEcho":202,"locations":203},5,2,[204,207],{"file":170,"line":205,"context":206},45,"raw output",{"file":170,"line":208,"context":206},173,7,[],[],{"summary":213,"deductions":214},"The 'dashboard-notepad' plugin exhibits a mixed security posture. While its static analysis shows good practices such as 100% prepared statement usage for SQL queries and capability checks on all identified output points, there are significant concerns. The absence of nonce checks is a notable weakness, potentially leaving the plugin vulnerable to cross-site request forgery attacks, especially given its past vulnerability history. Furthermore, the vulnerability history reveals a concerning pattern of a known unpatched medium severity vulnerability, indicating a lack of ongoing maintenance and security responsiveness. The fact that a CVE exists and is unpatched is a critical flag, outweighing some of the positive static analysis findings. The plugin's attack surface is minimal, which is a positive, but the presence of a single shortcode without explicit nonce checks creates a potential entry point for exploitation.",[215,218,221],{"reason":216,"points":217},"Unpatched CVE exists",15,{"reason":219,"points":220},"Missing nonce checks",10,{"reason":222,"points":201},"Medium severity vulnerability history","2026-03-16T17:48:06.153Z",{"wat":225,"direct":233},{"assetPaths":226,"generatorPatterns":228,"scriptPaths":229,"versionParams":230},[227],"\u002Fwp-content\u002Fplugins\u002Fdashboard-notepad\u002Fcss\u002Fdashboard-notepad.css",[],[],[231,232],"dashboard-notepad\u002Fcss\u002Fdashboard-notepad.css?ver=","dashboard-notepad\u002Fjs\u002Fdashboard-notepad.js?ver=",{"cssClasses":234,"htmlComments":237,"htmlAttributes":238,"restEndpoints":248,"jsGlobals":249,"shortcodeOutput":250},[235,236],"dashboard-role-column","dashboard-note-clear",[],[239,240,241,242,243,244,245,246,247],"id=\"dashboard_notepad\"","name=\"dashboard_notepad\"","id=\"notepad_title\"","name=\"notepad_title\"","id=\"notepad_size\"","name=\"notepad_size\"","name=\"edit_dashboard_notes[]\"","name=\"read_dashboard_notes[]\"","name=\"dashboard_notepad_submit\"",[],[],[251],"[dashboard_notes]"]