[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgHdI4tMrN6wP6u_gyoVPIZcwRO_VrTxHDSB_YV6NJ6Q":3,"$fyl9oClnKSUlaetm67K37kGckOFK2c4QBRdX--PRuQFU":206,"$fIH8onSOO5WIDhInbklCMUX262Ak44I9rYFqAp0OHojM":211},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":34,"analysis":134,"fingerprints":191},"developer-monitor","Developer monitor by VentureGeeks","1","nick000000","https:\u002F\u002Fprofiles.wordpress.org\u002Fnick000000\u002F","\u003Cp>This is probably a tool that every wordpress developer needs. Use it to see through the Firebug console all important things like database queries, $_POST, $_GET, $_FILES and other evnironment details.\u003C\u002Fp>\n","Check all the running queries and other development information in Firebug. Great to debug performance issues in live web sites.",10,1949,0,"2012-05-24T16:27:00.000Z","3.3.2","2.0.2","",[19,20,21],"development","firebug","firephp","http:\u002F\u002Fventuregeeks.com\u002Fblog\u002Fwp-developer-monitor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdeveloper-monitor.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-07-15T07:34:20.404Z",[35,54,70,94,113],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":43,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":51,"download_link":52,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":53},"firephp-firebug-php","FirePHP \u002F Firebug PHP Integration","1.0.0","evaldsurtans","https:\u002F\u002Fprofiles.wordpress.org\u002Fevaldsurtans\u002F","\u003Cp>Adds FirePHP Integration, php function fb(…) etc.\u003Cbr \u002F>\nMore information of usage http:\u002F\u002Fwww.firephp.org.\u003Cbr \u002F>\nCan be easily used with Mozilla Firefox’s FireBug extension FirePHP.\u003C\u002Fp>\n","Adds FirePHP Integration, php function fb(...) etc. More information of usage http:\u002F\u002Fwww.firephp.org. Can be easily used with Mozilla Firefox's F &hellip;",100,9952,5,"2013-03-08T07:24:00.000Z","3.5.2","3.0",[20,50,21],"firefox","http:\u002F\u002Fasketic.lv","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffirephp-firebug-php.1.0.0.zip","2026-04-16T10:56:18.058Z",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":11,"downloaded":62,"rating":13,"num_ratings":13,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":17,"tags":66,"homepage":68,"download_link":69,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":53},"simple-wp-firephp","Simple WP FirePHP","0.2.0","corischlegel","https:\u002F\u002Fprofiles.wordpress.org\u002Fcorischlegel\u002F","\u003Cp>I like the very simple API to FirePHP and find it very useful for debugging WordPress plugins and themes.  There are a few other plugins out there that integrate FirePHP, notable WP-FirePHP and WP-Logger, but both add complexity that I don’t want to have to deal with for a quick debugging task.\u003C\u002Fp>\n\u003Cp>It wouldn’t be that hard to install the FirePHP core and add the includes to wp-config.php, and that’s what I generally do on sites that I control, but having this plugin in the Wrodpress.org\u002Fextend directory means that I’ll be able to install it on the fly for a blog that someone hasn’t given me shell or ftp access to.\u003C\u002Fp>\n\u003Ch3>Plans\u003C\u002Fh3>\n\u003Cp>I don’t think I’ll do a \u003Cem>whole\u003C\u002Fem> lot more with this, since I want to keep it pretty simple, but I plan to make sure the plugin loads first (see wp-logger) and perhaps add a simple options screen.  Might also add PHP4 support, but probably not.\u003C\u002Fp>\n","Extremely simple mechanism for embedding FirePHP into WordPress to use FirePHP during WP Development.",3573,"2010-09-15T10:32:00.000Z","2.9.2","2.0",[67,20,21],"debugging","http:\u002F\u002Fkinrowan.net\u002Fwordpress\u002FSimple-WP-FirePHP","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-wp-firephp.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":80,"num_ratings":81,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":90,"download_link":91,"security_score":92,"vuln_count":30,"unpatched_count":13,"last_vuln_date":93,"fetched_at":53},"query-monitor","Query Monitor","4.0.6","John Blackbourn","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnbillion\u002F","\u003Cp>Query Monitor is the developer tools panel for WordPress and WooCommerce. It enables debugging of database queries, PHP errors, hooks and actions, block editor blocks, enqueued scripts and stylesheets, HTTP API calls, and more.\u003C\u002Fp>\n\u003Cp>It includes some advanced features such as debugging of Ajax calls, REST API calls, user capability checks, and full support for block themes and full site editing. It includes the ability to narrow down much of its output by plugin or theme, allowing you to quickly determine poorly performing plugins, themes, or functions.\u003C\u002Fp>\n\u003Cp>Query Monitor focuses heavily on presenting its information in a useful manner, for example by showing aggregate database queries grouped by the plugins, themes, or functions that are responsible for them. It adds an admin toolbar menu showing an overview of the current page, with complete debugging information shown in panels once you select a menu item.\u003C\u002Fp>\n\u003Cp>Query Monitor supports versions of WordPress up to three years old, and PHP version 7.4 or higher.\u003C\u002Fp>\n\u003Cp>For complete information, please see \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002F\" rel=\"nofollow ugc\">the Query Monitor website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Here’s an overview of what’s shown for each page load:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Database queries, including notifications for slow, duplicate, or erroneous queries. Allows filtering by query type (\u003Ccode>SELECT\u003C\u002Fcode>, \u003Ccode>UPDATE\u003C\u002Fcode>, \u003Ccode>DELETE\u003C\u002Fcode>, etc), responsible component (plugin, theme, WordPress core), and calling function, and provides separate aggregate views for each.\u003C\u002Fli>\n\u003Cli>The template filename, the complete template hierarchy, and names of all template parts that were loaded or not loaded (for block themes and classic themes).\u003C\u002Fli>\n\u003Cli>PHP errors presented nicely along with their responsible component and call stack, and a visible warning in the admin toolbar.\u003C\u002Fli>\n\u003Cli>Usage of “Doing it Wrong” or “Deprecated” functionality in the code on your site.\u003C\u002Fli>\n\u003Cli>Blocks and associated properties within post content and within full site editing (FSE).\u003C\u002Fli>\n\u003Cli>Matched rewrite rules, associated query strings, and query vars.\u003C\u002Fli>\n\u003Cli>Enqueued scripts and stylesheets, along with their dependencies, dependents, and alerts for broken dependencies.\u003C\u002Fli>\n\u003Cli>Language settings and loaded translation files (MO files and JSON files) for each text domain.\u003C\u002Fli>\n\u003Cli>HTTP API requests, with response code, responsible component, and time taken, with alerts for failed or erroneous requests.\u003C\u002Fli>\n\u003Cli>User capability checks, along with the result and any parameters passed to the capability check.\u003C\u002Fli>\n\u003Cli>Environment information, including detailed information about PHP, the database, WordPress, and the web server.\u003C\u002Fli>\n\u003Cli>The values of all WordPress conditional functions such as \u003Ccode>is_single()\u003C\u002Fcode>, \u003Ccode>is_home()\u003C\u002Fcode>, etc.\u003C\u002Fli>\n\u003Cli>Transients that were updated.\u003C\u002Fli>\n\u003Cli>Usage of \u003Ccode>switch_to_blog()\u003C\u002Fcode> and \u003Ccode>restore_current_blog()\u003C\u002Fcode> on Multisite installations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Whenever a redirect occurs, Query Monitor adds an HTTP header containing the call stack, so you can use your favourite HTTP inspector or browser developer tools to trace what triggered the redirect.\u003C\u002Fli>\n\u003Cli>The response from any jQuery-initiated Ajax request on the page will contain various debugging information in its headers. PHP errors also get output to the browser’s developer console.\u003C\u002Fli>\n\u003Cli>The response from an authenticated WordPress REST API request will contain an overview of performance information and PHP errors in its headers, as long as the authenticated user has permission to view Query Monitor’s output. An \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Frest-api\u002Fusing-the-rest-api\u002Fglobal-parameters\u002F#_envelope\" rel=\"nofollow ugc\">an enveloped REST API request\u003C\u002Fa> will include even more debugging information in the \u003Ccode>qm\u003C\u002Fcode> property of the response.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By default, Query Monitor’s output is only shown to Administrators on single-site installations, and Super Admins on Multisite installations.\u003C\u002Fp>\n\u003Cp>In addition to this, you can set an authentication cookie which allows you to view Query Monitor output when you’re not logged in (or if you’re logged in as a non-Administrator). See the Settings panel for details.\u003C\u002Fp>\n\u003Ch3>Other Plugins\u003C\u002Fh3>\n\u003Cp>I maintain several other plugins for developers. Check them out:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuser-switching\u002F\" rel=\"ugc\">User Switching\u003C\u002Fa> provides instant switching between user accounts in WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-crontrol\u002F\" rel=\"ugc\">WP Crontrol\u003C\u002Fa> lets you view and control what’s happening in the WP-Cron system\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Thanks\u003C\u002Fh3>\n\u003Cp>The time that I spend maintaining this plugin and others is in part sponsored by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fautomattic.com\u002F\" rel=\"nofollow ugc\">Automattic\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fservmask.com\u002F\" rel=\"nofollow ugc\">ServMask\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-staging.com\u002F\" rel=\"nofollow ugc\">WP Staging\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsponsors\u002Fjohnbillion\" rel=\"nofollow ugc\">All my kind sponsors on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Statement\u003C\u002Fh3>\n\u003Cp>Query Monitor is private by default and always will be. It does not persistently store any of the data that it collects. It does not send data to any third party, nor does it include any third party resources. \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Query Monitor’s full privacy statement can be found here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Accessibility Statement\u003C\u002Fh3>\n\u003Cp>Query Monitor aims to be fully accessible to all of its users. \u003Ca href=\"https:\u002F\u002Fquerymonitor.com\u002Faccessibility\u002F\" rel=\"nofollow ugc\">Query Monitor’s full accessibility statement can be found here\u003C\u002Fa>.\u003C\u002Fp>\n","Query Monitor is the developer tools panel for WordPress and WooCommerce.",200000,19993201,98,465,"2026-04-11T11:53:00.000Z","6.9.4","6.1","7.4",[87,88,19,89,71],"debug","debug-bar","performance","https:\u002F\u002Fquerymonitor.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquery-monitor.4.0.6.zip",97,"2026-03-30 23:21:22",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":80,"num_ratings":104,"last_updated":105,"tested_up_to":83,"requires_at_least":106,"requires_php":107,"tags":108,"homepage":111,"download_link":112,"security_score":43,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":53},"yoast-test-helper","Yoast Test Helper","1.18","Yoast","https:\u002F\u002Fprofiles.wordpress.org\u002Fyoast\u002F","\u003Cp>This plugin makes testing Yoast SEO, Yoast SEO add-ons and integrations and resetting the different features a lot easier. It also makes testing database migrations a lot easier as it allows you to set the database version and see if the upgrade process runs smoothly.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>This test helper plugin has several features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easily enable Yoast SEO development mode.\u003C\u002Fli>\n\u003Cli>Saving and restoring Yoast SEO and Yoast SEO extension options, to test upgrade paths.\u003C\u002Fli>\n\u003Cli>Add options debug info to Yoast SEO admin pages.\u003C\u002Fli>\n\u003Cli>Reset the internal link counter, prominent words calculation and other features.\u003C\u002Fli>\n\u003Cli>Add two post types (Books and Movies) with two taxonomies (Category and Genre) each and optionally disable the block editor for them.\u003C\u002Fli>\n\u003Cli>Easily add an inline script after a selected script.\u003C\u002Fli>\n\u003Cli>Replace your \u003Ccode>.test\u003C\u002Fcode> TLD with \u003Ccode>example.com\u003C\u002Fcode> in your Schema output, so you can easily copy paste to Google’s Structured Data Testing Tool.\u003C\u002Fli>\n\u003Cli>Change the number of URLs shown in an XML Sitemap.\u003C\u002Fli>\n\u003Cli>Easily change your MyYoast URL.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you find bugs or would like to contribute, see our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FYoast\u002Fyoast-test-helper\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin makes testing Yoast SEO, Yoast SEO add-ons and integrations and resetting the different features a lot easier.",60000,777860,12,"2025-12-01T18:28:00.000Z","6.4","7.2.5",[19,109,110],"yoast","yoast-seo","https:\u002F\u002Fgithub.com\u002Fyoast\u002Fyoast-test-helper","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyoast-test-helper.1.18.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":80,"num_ratings":123,"last_updated":124,"tested_up_to":83,"requires_at_least":125,"requires_php":126,"tags":127,"homepage":132,"download_link":133,"security_score":43,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":53},"what-the-file","What The File","1.6.1","Barry Kooij","https:\u002F\u002Fprofiles.wordpress.org\u002Fbarrykooij\u002F","\u003Cp>What The File adds an option to your toolbar showing what file and template parts are used to display the page you’re currently viewing.\u003C\u002Fp>\n\u003Cp>You can click the file name to directly edit it through the theme editor, though I don’t recommend this for bigger changes.\u003C\u002Fp>\n\u003Cp>What The File supports BuddyPress and Roots Theme based themes.\u003C\u002Fp>\n\u003Cp>More information can be found \u003Ca href=\"http:\u002F\u002Fwww.barrykooij.com\u002Fwhat-the-file\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Looking for a great related posts plugin for WordPress?\u003C\u002Fh4>\n\u003Cp>Another plugin I’ve built, that I’m very proud of is Related Posts for WordPress. Related Posts for WordPress offers you the ability to link related posts to each other with just 1 click! And it’s 100% free! \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frelated-posts-for-wp\u002F\" rel=\"ugc\">Check it out on the WordPress repository.\u003C\u002Fa>\u003C\u002Fp>\n","What The File is the best tool to find out what template parts are used to display the page you're currently viewing!",40000,591241,882,"2026-02-19T17:21:00.000Z","3.1","5.3",[19,128,129,130,131],"file","template","template-editing","toolbar","http:\u002F\u002Fwww.barrykooij.com\u002Fwhat-the-file\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhat-the-file.1.6.1.zip",{"attackSurface":135,"codeSignals":161,"taintFlows":180,"riskAssessment":181,"analyzedAt":190},{"hooks":136,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":13,"unprotectedCount":13},[137,143,147,150,154],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","init","dev_init","dev-monitor.php",164,{"type":138,"name":144,"callback":145,"file":141,"line":146},"wp_footer","dev_display",165,{"type":138,"name":148,"callback":145,"file":141,"line":149},"admin_init",166,{"type":138,"name":148,"callback":151,"file":152,"line":153},"register_mysettings","settings.php",8,{"type":138,"name":155,"callback":156,"file":152,"line":11},"admin_menu","dev_create_menu",[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":179},[],{"prepared":13,"raw":13,"locations":164},[],{"escaped":13,"rawEcho":45,"locations":166},[167,171,173,175,177],{"file":168,"line":169,"context":170},"FirePHPCore\u002FFirePHP.class.php",481,"raw output",{"file":168,"line":172,"context":170},755,{"file":141,"line":174,"context":170},156,{"file":152,"line":176,"context":170},39,{"file":152,"line":178,"context":170},40,[],[],{"summary":182,"deductions":183},"The \"developer-monitor\" plugin v1 exhibits a strong security posture in several key areas. Notably, there are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero-entry point attack surface. The code also demonstrates good practices by using prepared statements for all SQL queries and avoiding file operations and external HTTP requests. There is no recorded vulnerability history, which is a positive indicator. However, a significant concern is the complete lack of output escaping across all identified output points. This means that any data displayed by the plugin, even if sourced internally, is not being properly sanitized, leaving it vulnerable to Cross-Site Scripting (XSS) attacks. Additionally, the absence of any capability checks or nonce checks on the identified entry points (though none exist) suggests a potential oversight in securing functionalities if they were to be introduced in the future.",[184,186,188],{"reason":185,"points":153},"All output is unescaped",{"reason":187,"points":45},"No capability checks implemented",{"reason":189,"points":45},"No nonce checks implemented","2026-04-16T11:48:30.490Z",{"wat":192,"direct":198},{"assetPaths":193,"generatorPatterns":194,"scriptPaths":195,"versionParams":197},[],[],[196],"\u002Fwp-content\u002Fplugins\u002Fdeveloper-monitor\u002FFirePHPCore\u002FFirePHP.class.php",[],{"cssClasses":199,"htmlComments":200,"htmlAttributes":201,"restEndpoints":202,"jsGlobals":203,"shortcodeOutput":205},[],[],[],[],[204],"FirePHP",[],{"error":207,"url":208,"statusCode":209,"statusMessage":210,"message":210},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fdeveloper-monitor\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":212},[]]