[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fx69hE7YFxQ-qAAONx5cOWGPYeXvNxo7RVErQIrLh6wQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":41,"analysis":130,"fingerprints":179},"debug-bar-list-dependencies","Debug Bar List Script & Style Dependencies","1.1","Per Søderlind","https:\u002F\u002Fprofiles.wordpress.org\u002Fpers\u002F","\u003Cp>We all know that when we’re add a script or style to WordPress, we should use \u003Ccode>wp_enqueue_script( $handle, $src, $deps, $ver, $in_footer )\u003C\u002Fcode> and \u003Ccode>wp_enqueue_style( $handle, $src, $deps, $ver, $media )\u003C\u002Fcode> as in:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function themeslug_enqueue_style() {\n    wp_enqueue_style( 'core', 'style.css', array('twentytwelve-style') );\n}\n\nfunction themeslug_enqueue_script() {\n    wp_enqueue_script( 'my-js', 'filename.js', array('jquery') );\n}\n\nadd_action( 'wp_enqueue_scripts', 'themeslug_enqueue_style' );\nadd_action( 'wp_enqueue_scripts', 'themeslug_enqueue_script' )\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>$deps (dependencies), the handle name and an optional parameter, lets you control when\u002Fwhere your script or style should be added. If $deps is \u003Ccode>array('jquery')\u003C\u002Fcode>, your script will be loaded after jquery is loaded.\u003C\u002Fp>\n\u003Cp>The problem is, which one exists and in which order are they loaded ?\u003C\u002Fp>\n\u003Cp>Debug Bar List Script & Style Dependencies, an add-on to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdebug-bar\u002F\" rel=\"ugc\">Debug Bar\u003C\u002Fa>, will list the dependencies.\u003C\u002Fp>\n\u003Ch4>Use\u003C\u002Fh4>\n\u003Cp>To view the loaded scripts and styles\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Front-end: Go to the front-end, and on the admin bar choose Debug and view Script & Style Dependencies\u003C\u002Fli>\n\u003Cli>Back-end: Go to the back-end, on the admin bar choose Debug and view Script & Style Dependencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note, the front-end and back-end loads different scripts and styles. Also, different pages on the front-end and back-end can load different scripts and styles.\u003C\u002Fp>\n","Debug Bar List Script & Style Dependencies is an add-on to WordPress Debug Bar",200,86242,100,3,"2016-12-12T20:11:00.000Z","4.7.32","3.4","",[20,21,22,23,24],"debug","debug-bar","development","wp_enqueue_script","wp_enqueue_style","http:\u002F\u002Fsoderlind.no\u002Fdebug-bar-list-script-and-style-dependencies\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebug-bar-list-dependencies.1.1.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":34,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":37,"avg_patch_time_days":38,"trust_score":39,"computed_at":40},"pers","PersianScript",95,188640,92,320,73,"2026-04-03T19:59:42.396Z",[42,62,78,92,112],{"slug":43,"name":44,"version":45,"author":46,"author_profile":47,"description":48,"short_description":49,"active_installs":50,"downloaded":51,"rating":52,"num_ratings":53,"last_updated":54,"tested_up_to":55,"requires_at_least":56,"requires_php":57,"tags":58,"homepage":60,"download_link":61,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"query-monitor","Query Monitor – The developer tools panel for WordPress","3.20.2","John Blackbourn","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnbillion\u002F","\u003Cp>Query Monitor is the developer tools panel for WordPress and WooCommerce. It enables debugging of database queries, PHP errors, hooks and actions, block editor blocks, enqueued scripts and stylesheets, HTTP API calls, and more.\u003C\u002Fp>\n\u003Cp>It includes some advanced features such as debugging of Ajax calls, REST API calls, user capability checks, and full support for block themes and full site editing. It includes the ability to narrow down much of its output by plugin or theme, allowing you to quickly determine poorly performing plugins, themes, or functions.\u003C\u002Fp>\n\u003Cp>Query Monitor focuses heavily on presenting its information in a useful manner, for example by showing aggregate database queries grouped by the plugins, themes, or functions that are responsible for them. It adds an admin toolbar menu showing an overview of the current page, with complete debugging information shown in panels once you select a menu item.\u003C\u002Fp>\n\u003Cp>Query Monitor supports versions of WordPress up to three years old, and PHP version 7.4 or higher.\u003C\u002Fp>\n\u003Cp>For complete information, please see \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002F\" rel=\"nofollow ugc\">the Query Monitor website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Here’s an overview of what’s shown for each page load:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Database queries, including notifications for slow, duplicate, or erroneous queries. Allows filtering by query type (\u003Ccode>SELECT\u003C\u002Fcode>, \u003Ccode>UPDATE\u003C\u002Fcode>, \u003Ccode>DELETE\u003C\u002Fcode>, etc), responsible component (plugin, theme, WordPress core), and calling function, and provides separate aggregate views for each.\u003C\u002Fli>\n\u003Cli>The template filename, the complete template hierarchy, and names of all template parts that were loaded or not loaded (for block themes and classic themes).\u003C\u002Fli>\n\u003Cli>PHP errors presented nicely along with their responsible component and call stack, and a visible warning in the admin toolbar.\u003C\u002Fli>\n\u003Cli>Usage of “Doing it Wrong” or “Deprecated” functionality in the code on your site.\u003C\u002Fli>\n\u003Cli>Blocks and associated properties within post content and within full site editing (FSE).\u003C\u002Fli>\n\u003Cli>Matched rewrite rules, associated query strings, and query vars.\u003C\u002Fli>\n\u003Cli>Enqueued scripts and stylesheets, along with their dependencies, dependents, and alerts for broken dependencies.\u003C\u002Fli>\n\u003Cli>Language settings and loaded translation files (MO files and JSON files) for each text domain.\u003C\u002Fli>\n\u003Cli>HTTP API requests, with response code, responsible component, and time taken, with alerts for failed or erroneous requests.\u003C\u002Fli>\n\u003Cli>User capability checks, along with the result and any parameters passed to the capability check.\u003C\u002Fli>\n\u003Cli>Environment information, including detailed information about PHP, the database, WordPress, and the web server.\u003C\u002Fli>\n\u003Cli>The values of all WordPress conditional functions such as \u003Ccode>is_single()\u003C\u002Fcode>, \u003Ccode>is_home()\u003C\u002Fcode>, etc.\u003C\u002Fli>\n\u003Cli>Transients that were updated.\u003C\u002Fli>\n\u003Cli>Usage of \u003Ccode>switch_to_blog()\u003C\u002Fcode> and \u003Ccode>restore_current_blog()\u003C\u002Fcode> on Multisite installations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Whenever a redirect occurs, Query Monitor adds an HTTP header containing the call stack, so you can use your favourite HTTP inspector or browser developer tools to trace what triggered the redirect.\u003C\u002Fli>\n\u003Cli>The response from any jQuery-initiated Ajax request on the page will contain various debugging information in its headers. PHP errors also get output to the browser’s developer console.\u003C\u002Fli>\n\u003Cli>The response from an authenticated WordPress REST API request will contain an overview of performance information and PHP errors in its headers, as long as the authenticated user has permission to view Query Monitor’s output. An \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Frest-api\u002Fusing-the-rest-api\u002Fglobal-parameters\u002F#_envelope\" rel=\"nofollow ugc\">an enveloped REST API request\u003C\u002Fa> will include even more debugging information in the \u003Ccode>qm\u003C\u002Fcode> property of the response.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By default, Query Monitor’s output is only shown to Administrators on single-site installations, and Super Admins on Multisite installations.\u003C\u002Fp>\n\u003Cp>In addition to this, you can set an authentication cookie which allows you to view Query Monitor output when you’re not logged in (or if you’re logged in as a non-Administrator). See the Settings panel for details.\u003C\u002Fp>\n\u003Ch3>Other Plugins\u003C\u002Fh3>\n\u003Cp>I maintain several other plugins for developers. Check them out:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002F\" rel=\"ugc\">User Switching\u003C\u002Fa> provides instant switching between user accounts in WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-crontrol\u002F\" rel=\"ugc\">WP Crontrol\u003C\u002Fa> lets you view and control what’s happening in the WP-Cron system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Statement\u003C\u002Fh3>\n\u003Cp>Query Monitor is private by default and always will be. It does not persistently store any of the data that it collects. It does not send data to any third party, nor does it include any third party resources. \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Query Monitor’s full privacy statement can be found here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Accessibility Statement\u003C\u002Fh3>\n\u003Cp>Query Monitor aims to be fully accessible to all of its users. \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002Faccessibility\u002F\" rel=\"nofollow ugc\">Query Monitor’s full accessibility statement can be found here\u003C\u002Fa>.\u003C\u002Fp>\n","Query Monitor is the developer tools panel for WordPress and WooCommerce.",200000,19156533,98,463,"2025-12-11T22:16:00.000Z","6.9.4","6.1","7.4",[20,21,22,59,43],"performance","https:\u002F\u002Fquerymonitor.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquery-monitor.3.20.2.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":13,"num_ratings":72,"last_updated":73,"tested_up_to":55,"requires_at_least":56,"requires_php":57,"tags":74,"homepage":76,"download_link":77,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"blackbar","Black Bar","4.1.4","Gemini Labs","https:\u002F\u002Fprofiles.wordpress.org\u002Fgeminilabs\u002F","\u003Cp>Black Bar is an unobtrusive Debug Bar for WordPress developers. It collects and displays errors, executed SQL queries, slow actions and hooks, theme templates, global variables, and provides a profiler.\u003C\u002Fp>\n\u003Cp>How it helps you with development:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Debug your code with the Console\u003C\u002Fli>\n\u003Cli>Inspect global variables (COOKIE, GET, POST, SERVER, SESSION, WP_Screen)\u003C\u002Fli>\n\u003Cli>Measure performance of your code with the Profiler\u003C\u002Fli>\n\u003Cli>View any PHP errors that occur when loading a page in the Console\u003C\u002Fli>\n\u003Cli>View executed MySQL queries along with execution time and backtrace\u003C\u002Fli>\n\u003Cli>View template files of the active theme in loaded order\u003C\u002Fli>\n\u003Cli>View the 50 slowest action and filter hooks along with callbacks ordered by priority\u003C\u002Fli>\n\u003C\u002Ful>\n","Black Bar is an unobtrusive Debug Bar for WordPress developers that attaches itself to the bottom of the browser window.",600,38607,9,"2025-12-01T22:51:00.000Z",[20,21,75,22],"debugbar","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblackbar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblackbar.4.1.4.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":28,"downloaded":86,"rating":28,"num_ratings":28,"last_updated":87,"tested_up_to":55,"requires_at_least":88,"requires_php":57,"tags":89,"homepage":18,"download_link":91,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"script-report","Script Report","1.2.1","sapayth","https:\u002F\u002Fprofiles.wordpress.org\u002Fsapayth\u002F","\u003Cp>Script Report is a minimal and focused debugging tool for WordPress developers. It helps you audit and visualize JavaScript and CSS dependencies on any admin or frontend page.\u003C\u002Fp>\n\u003Cp>When something loads out of order, loads twice, or slows down a page, Script Report helps you see exactly what is happening.\u003C\u002Fp>\n\u003Cp>Use the Script Report link in the admin navbar on any page to open a complete breakdown of scripts and styles, their load order, dependencies, and origin.\u003C\u002Fp>\n\u003Ch3>Why Use Script Report?\u003C\u002Fh3>\n\u003Cp>Developers often ask:\u003C\u002Fp>\n\u003Cp>Why is this script loading here\u003Cbr \u002F>\nWho enqueued this style\u003Cbr \u002F>\nWhy is my dependency not working\u003Cbr \u002F>\nIs something loading twice\u003Cbr \u002F>\nWhat is affecting performance on this page\u003C\u002Fp>\n\u003Cp>Script Report gives you clear answers instantly.\u003C\u002Fp>\n\u003Ch3>What You Can Inspect\u003C\u002Fh3>\n\u003Ch4>JavaScript\u003C\u002Fh4>\n\u003Cp>View a complete breakdown of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Registered scripts\u003C\u002Fli>\n\u003Cli>Enqueued scripts\u003C\u002Fli>\n\u003Cli>Total required scripts\u003C\u002Fli>\n\u003Cli>Load order\u003C\u002Fli>\n\u003Cli>File size\u003C\u002Fli>\n\u003Cli>Footer or header loading\u003C\u002Fli>\n\u003Cli>Inline scripts\u003C\u002Fli>\n\u003Cli>Enqueued by source\u003C\u002Fli>\n\u003Cli>Required by dependencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>CSS\u003C\u002Fh4>\n\u003Cp>Inspect styles with the same detailed structure:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Registered styles\u003C\u002Fli>\n\u003Cli>Enqueued styles\u003C\u002Fli>\n\u003Cli>Total required styles\u003C\u002Fli>\n\u003Cli>Load order\u003C\u002Fli>\n\u003Cli>File size\u003C\u002Fli>\n\u003Cli>Dependency relationships\u003C\u002Fli>\n\u003Cli>Enqueued by source\u003C\u002Fli>\n\u003Cli>Required by dependencies\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Script Modules WordPress 6.5+\u003C\u002Fh4>\n\u003Cp>Audit registered and enqueued script modules along with their dependency chains.\u003C\u002Fp>\n\u003Ch3>Views\u003C\u002Fh3>\n\u003Cp>Switch between two views:\u003C\u002Fp>\n\u003Cp>List view\u003Cbr \u002F>\nClean, structured overview of all scripts and styles.\u003C\u002Fp>\n\u003Cp>Tree view\u003Cbr \u002F>\nVisual representation of dependency chains. Circular or missing dependencies are clearly flagged.\u003C\u002Fp>\n\u003Ch3>Filtering\u003C\u002Fh3>\n\u003Cp>Quickly filter by handle or source to narrow down large lists. Filtering works client side for fast inspection.\u003C\u002Fp>\n","Debug and audit JavaScript and CSS loading in WordPress. Analyze dependencies, detect issues, and improve performance on any page.",203,"2026-03-14T10:59:00.000Z","5.0",[20,21,22,59,90],"scripts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscript-report.1.2.1.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":13,"num_ratings":102,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":18,"tags":106,"homepage":110,"download_link":111,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"monkeyman-rewrite-analyzer","Monkeyman Rewrite Analyzer","1.0","Jan Fabry","https:\u002F\u002Fprofiles.wordpress.org\u002Fjanfabry\u002F","\u003Cp>This is a tool to understand your rewrite rules (“Pretty Permalinks”). It is indispensable if you are adding or modifying rules and want to understand how they work (or why they don’t work).\u003C\u002Fp>\n\u003Cp>It is only an analyzer, it does not change any rules for you. It parses the rules down to their components and shows the connection with the resulting query variables. It allows you to try out different URLs to see which rules will match and what the value of the different query variables will be (see screenshots).\u003C\u002Fp>\n\u003Cp>This plugin was written as a tool to help answering questions about rewrite rules on \u003Ca href=\"http:\u002F\u002Fwordpress.stackexchange.com\u002F\" rel=\"nofollow ugc\">the WordPress Stack Exchange\u003C\u002Fa>.\u003C\u002Fp>\n","Making sense of the rewrite mess. Display and play with your rewrite rules.",2000,73356,26,"2011-05-12T17:49:00.000Z","3.2.1","3.0",[20,22,107,108,109],"mod_rewrite","permalinks","rewrite","http:\u002F\u002Fwordpress.stackexchange.com\u002Fq\u002F3606\u002F8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmonkeyman-rewrite-analyzer.1.0.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":13,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":18,"tags":126,"homepage":18,"download_link":129,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"monster-widget","Monster Widget","0.3","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The Monster widget consolidates all 13 core widgets into a single widget enabling theme developers to create multiple instances with ease. It has been created to save time during theme development and review by minimizing the steps needed to populate a sidebar with widgets. The Monster widget is not designed for use in production.\u003C\u002Fp>\n","Provides a quick and easy method of adding all core widgets to a sidebar for testing purposes.",1000,160640,8,"2017-11-10T15:47:00.000Z","4.9.29","3.2.0",[20,127,128],"theme-development","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmonster-widget.zip",{"attackSurface":131,"codeSignals":152,"taintFlows":171,"riskAssessment":172,"analyzedAt":178},{"hooks":132,"ajaxHandlers":148,"restRoutes":149,"shortcodes":150,"cronEvents":151,"entryPointCount":28,"unprotectedCount":28},[133,139,142],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","wp_enqueue_scripts","enqueue","class-debug-bar-list-dependencies.php",30,{"type":134,"name":140,"callback":136,"file":137,"line":141},"admin_enqueue_scripts",31,{"type":143,"name":144,"callback":145,"file":146,"line":147},"filter","debug_bar_panels","ps_listdeps_debug_bar_panels","debug-bar-list-dependencies.php",40,[],[],[],[],{"dangerousFunctions":153,"sqlUsage":154,"outputEscaping":156,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":170},[],{"prepared":28,"raw":28,"locations":155},[],{"escaped":72,"rawEcho":122,"locations":157},[158,161,162,163,164,166,167,168],{"file":137,"line":159,"context":160},72,"raw output",{"file":137,"line":159,"context":160},{"file":137,"line":159,"context":160},{"file":137,"line":159,"context":160},{"file":137,"line":165,"context":160},117,{"file":137,"line":165,"context":160},{"file":137,"line":165,"context":160},{"file":137,"line":169,"context":160},156,[],[],{"summary":173,"deductions":174},"The \"debug-bar-list-dependencies\" plugin v1.1 exhibits a generally good security posture, with no registered vulnerabilities in its history and a clean static analysis report regarding dangerous functions, SQL queries, file operations, and external requests. The absence of a significant attack surface and the use of prepared statements for SQL indicate careful development practices.  However, a notable concern is the output escaping, where only 53% of outputs are properly escaped. This leaves a portion of the plugin's output potentially vulnerable to cross-site scripting (XSS) attacks if dynamic data is inserted without proper sanitization. The lack of observed taint flows could be due to the limited nature of the analysis or the plugin's functionality, but the unescaped outputs remain a tangible risk. While the plugin has no known vulnerabilities, the imperfect output escaping is a weakness that could be exploited.  Therefore, while the plugin is relatively safe, addressing the output escaping issues would significantly strengthen its security.",[175],{"reason":176,"points":177},"Inconsistent output escaping",5,"2026-03-16T20:22:21.924Z",{"wat":180,"direct":189},{"assetPaths":181,"generatorPatterns":184,"scriptPaths":185,"versionParams":186},[182,183],"\u002Fwp-content\u002Fplugins\u002Fdebug-bar-list-dependencies\u002Fcss\u002Fdebug-bar-list-deps.css","\u002Fwp-content\u002Fplugins\u002Fdebug-bar-list-dependencies\u002Fcss\u002Fdebug-bar-list-deps.min.css",[],[],[187,188],"debug-bar-list-dependencies\u002Fcss\u002Fdebug-bar-list-deps.css?ver=","debug-bar-list-dependencies\u002Fcss\u002Fdebug-bar-list-deps.min.css?ver=",{"cssClasses":190,"htmlComments":192,"htmlAttributes":193,"restEndpoints":194,"jsGlobals":195,"shortcodeOutput":196},[4,191],"deps-table",[],[],[],[],[]]