[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f04_M9Y7d5Ep6I1BFhbrXAPhmRqVgr524vVEF4xH9O7Y":3,"$fC0v23tklV__3viNK_uQZgmhx70PoVnI0JHpueLCz5ls":188,"$fBb_88amwScxrWA8Xpi1T7NZNn8-1bN-aqvh4wpNfUjs":193},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":40,"analysis":140,"fingerprints":175},"dirtysuds-kill-howdy","Kill Howdy","1.02","Pat Hawks","https:\u002F\u002Fprofiles.wordpress.org\u002Fpathawks\u002F","\u003Cp>Yesterday, a client told me that he was sick of starring at “Howdy” in the WordPress admin interface.\u003Cbr \u002F>\nHe told me it made him want to punch his computer in the face.\u003Cbr \u002F>\nHe asked me if I could replace it with something like “Hello, Your Majesty”\u003C\u002Fp>\n\u003Cp>After I stopped laughing and picked myself up off the floor, I coded this plugin that will change Howdy to a different, random greeting.\u003C\u002Fp>\n","Changes the text Howdy in the admin interface to a different greeting.",10,3131,100,5,"2013-01-04T03:17:00.000Z","3.6.1","2.8","",[20,21,22,23,24],"admin","hello-dolly","howdy","novelty","plugins","http:\u002F\u002Fdirtysuds.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdirtysuds-kill-howdy.1.02.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":27,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"pathawks",8,130,30,84,"2026-05-20T08:05:25.913Z",[41,62,85,104,123],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":18,"tags":56,"homepage":60,"download_link":61,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wpcore","WPCore Plugin Manager","1.9.2","stueynet","https:\u002F\u002Fprofiles.wordpress.org\u002Fstueynet\u002F","\u003Cp>WPCore is a tool that allows you to manage collections of WordPress plugins and then quickly install them on any WordPress site. You can generate your collections at https:\u002F\u002Fwpcore.com and then import them to your WordPress site by copying and pasting your unique collection key in WordPress.\u003C\u002Fp>\n","Create plugin collections and install them in one click on any WordPress site.",10000,169202,96,32,"2025-05-20T17:15:00.000Z","6.8.5","3.5",[20,57,58,59,24],"administration","install","installation","https:\u002F\u002Fwpcore.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcore.1.9.2.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":51,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":18,"tags":76,"homepage":80,"download_link":81,"security_score":82,"vuln_count":83,"unpatched_count":83,"last_vuln_date":84,"fetched_at":30},"hide-plugins","Hide Plugins","1.0.4","ThemeBoy","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeboy\u002F","\u003Cp>Hide Plugins is a light-weight plugin that gives a single admin user the ability to hide plugins prevent them from being activated, deactivated, or deleted by clients and other users, including administrators. By activating Hide Plugins, you will be able to see all plugins and a toggle to hide each plugin from other users on the Plugins page. Hide Plugins will always remain hidden.\u003C\u002Fp>\n\u003Cp>Note that the dropdown on the Edit Plugins page will not be affected, since it does not have a filter to hook into. Hidden plugins will remain active, so traces of the plugin in areas other than the Plugins page (like options pages in the admin menu) will still be visible. If you also want to hide menus, we recommend using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadmin-menu-editor\u002F\" rel=\"ugc\">Admin Menu Editor\u003C\u002Fa>.\u003C\u002Fp>\n","Hide installed plugins from clients and other admin users.",1000,19345,9,"2016-04-22T14:32:00.000Z","4.5.33","3.0",[20,77,78,79,24],"dashboard","hidden","hide","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhide-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhide-plugins.1.0.4.zip",63,1,"2025-12-31 00:00:00",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":70,"downloaded":93,"rating":13,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":102,"download_link":103,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"plugin-report","Plugin Report","2.2.2","Torsten Landsiedel","https:\u002F\u002Fprofiles.wordpress.org\u002Fzodiac1978\u002F","\u003Cp>A WordPress plugin that provides detailed information about currently installed plugins.\u003C\u002Fp>\n\u003Ch3>Plugin Report will allow you to:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Spot plugins that are no longer maintained.\u003C\u002Fli>\n\u003Cli>Get a quick overview of the “plugin health” of your site.\u003C\u002Fli>\n\u003Cli>Provide clients with a detailed report, right from their own dashboard, or as CSV spreadsheet.\u003C\u002Fli>\n\u003Cli>Find plugins that are no longer active on multisite installs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Thanks to Roy Tanck for trusting me to adopt this great plugin. Hartelijk bedankt!\u003C\u002Fp>\n\u003Cp>Special thanks go to \u003Ca href=\"http:\u002F\u002Ftristen.ca\u002F\" rel=\"nofollow ugc\">Tristen Forsythe Brown\u003C\u002Fa> for the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftristen\u002Ftablesort\" rel=\"nofollow ugc\">tablesort JavaScript library\u003C\u002Fa> licensed under the MIT License.\u003C\u002Fp>\n","A WordPress plugin that provides detailed information about currently installed plugins.",26636,14,"2026-01-18T12:46:00.000Z","6.9.4","4.6","5.6",[20,100,101,24],"multisite","plugin-info","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fplugin-report\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugin-report.2.2.2.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":13,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":18,"tags":118,"homepage":120,"download_link":121,"security_score":122,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"plugins-load-order","Plugins Load Order","1.2.2","Jose Barrera Mayoral","https:\u002F\u002Fprofiles.wordpress.org\u002Fchespir\u002F","\u003Cp>This plugin allows you to change the order in which plugins will be loaded by WordPress.\u003C\u002Fp>\n\u003Cp>It shows you a simple drag-and-drop interface to set this order.\u003C\u002Fp>\n\u003Cp>If you are plugin developer, I encourage you to use actions and hooks so that you will not need this plugin at all, but if you are managing your own blog and you face to the problem a plugin depends on other one, then this is the plugin you need.\u003C\u002Fp>\n","Allows you to change the order in which plugins will be loaded by Wordpress",500,11905,4,"2025-02-03T08:07:00.000Z","6.7.5","2.5",[20,119,24],"manage","http:\u002F\u002Fjosebarreramayoral.es\u002Fen\u002Fmy-plugin\u002Fplugins-load-order-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fplugins-load-order.zip",92,{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":72,"last_updated":134,"tested_up_to":16,"requires_at_least":135,"requires_php":18,"tags":136,"homepage":138,"download_link":139,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"install-profiles","WP Install Profiles","3.4.1","rockgod100","https:\u002F\u002Fprofiles.wordpress.org\u002Frockgod100\u002F","\u003Cp>Save time setting up new sites by automatically downloading groups of plugins. Add new plugins by adding the slug from the plugin’s url in the WordPress plugin directory. For instance, the plugin “All In One SEO Pack” is listed here: \u003Ccode>https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fall-in-one-seo-pack\u002F\u003C\u002Fcode>. Add “All In One SEO Pack” to an installation profile by adding \u003Ccode>all-in-one-seo-pack\u003C\u002Fcode> in the plugins field (one plugin per line).\u003C\u002Fp>\n\u003Cp>WP Install Profiles (WPIP) allows users to define groups of plugins, called profiles. Once a profile has been entered, WPIP calls to the WordPress Plugin Directory, downloads the plugin files and unzips them to the site’s plugins folder. Additionally, WPIP saves the profile in a downloadable format, so you can upload it to your next site and download the same plugins with a single click.\u003C\u002Fp>\n\u003Cp>Store your profiles online at http:\u002F\u002Fplugins.ancillaryfactory.com and import them easily into all of your WordPress installs. \u003Ca href=\"http:\u002F\u002Fplugins.ancillaryfactory.com\" rel=\"nofollow ugc\">Learn more and create an account\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>See Install Profiles in action: \u003Ca href=\"http:\u002F\u002Fwww.youtube.com\u002Fwatch?v=W-mBhPA1XGA\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.youtube.com\u002Fwatch?v=W-mBhPA1XGA\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch4>Required PHP libraries\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>SimpleXML\u003C\u002Fli>\n\u003Cli>ZipArchive\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These libraries are installed by default on most shared hosting accounts, but they may need to be installed manually if your site is hosted by certain providers, including Media Temple.\u003C\u002Fp>\n\u003Ch4>File Permissions\u003C\u002Fh4>\n\u003Cp>If you are unable to save or import profiles, you may need to set \u003Ccode>wp-content\u002Fplugins\u002Finstall-profiles\u002Fprofiles\u003C\u002Fcode> to 777.\u003C\u002Fp>\n","Download custom collections of plugins automatically from the WordPress plugin directory.",400,20256,72,"2013-05-22T01:17:00.000Z","3.1",[20,57,59,24,137],"wp","http:\u002F\u002Fplugins.ancillaryfactory.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finstall-profiles.zip",{"attackSurface":141,"codeSignals":156,"taintFlows":163,"riskAssessment":164,"analyzedAt":174},{"hooks":142,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":28,"unprotectedCount":28},[143,148],{"type":144,"name":145,"callback":146,"priority":11,"file":147,"line":52},"filter","gettext","dirtysuds_howdy","howdy.php",{"type":144,"name":149,"callback":150,"priority":11,"file":147,"line":151},"plugin_row_meta","dirtysuds_howdy_rate",33,[],[],[],[],{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":160,"fileOperations":83,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":162},[],{"prepared":28,"raw":28,"locations":159},[],{"escaped":28,"rawEcho":28,"locations":161},[],[],[],{"summary":165,"deductions":166},"The plugin \"dirtysuds-kill-howdy\" v1.02 exhibits a strong security posture based on the provided static analysis. There are no identified attack vectors through AJAX, REST API, shortcodes, or cron events that lack authentication or permission checks. The code demonstrates good practices with no dangerous functions, all SQL queries using prepared statements, and all output being properly escaped.  The absence of external HTTP requests and a lack of specific security checks like nonce or capability checks, while not ideal, are mitigated by the extremely limited attack surface and the absence of any unsanitized taint flows.  The plugin also has no recorded vulnerability history, further reinforcing its current security standing.\n\nDespite the positive findings, a critical area of concern arises from the single file operation identified in the static analysis. Without further context on the nature of this file operation, it represents a potential blind spot. Although the taint analysis shows no unsanitized paths, the mere existence of a file operation without clear sanitization or validation context warrants attention. The plugin's lack of nonce and capability checks, while not immediately exploitable due to the zero attack surface, signifies a potential future vulnerability should new entry points be introduced without corresponding security controls.  Therefore, while the current state is secure, the single file operation warrants investigation to ensure it does not pose a risk.",[167,169,172],{"reason":168,"points":14},"File operation without clear context",{"reason":170,"points":171},"Missing nonce checks on potential entry points",2,{"reason":173,"points":171},"Missing capability checks on potential entry points","2026-04-16T12:33:00.856Z",{"wat":176,"direct":181},{"assetPaths":177,"generatorPatterns":178,"scriptPaths":179,"versionParams":180},[],[],[],[],{"cssClasses":182,"htmlComments":183,"htmlAttributes":184,"restEndpoints":185,"jsGlobals":186,"shortcodeOutput":187},[],[],[],[],[],[],{"error":189,"url":190,"statusCode":191,"statusMessage":192,"message":192},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fdirtysuds-kill-howdy\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":194,"versions":195},3,[196,202,209],{"version":6,"download_url":26,"svn_tag_url":197,"released_at":29,"has_diff":198,"diff_files_changed":199,"diff_lines":29,"trac_diff_url":200,"vulnerabilities":201,"is_current":189},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fdirtysuds-kill-howdy\u002Ftags\u002F1.02\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fdirtysuds-kill-howdy%2Ftags%2F1.01&new_path=%2Fdirtysuds-kill-howdy%2Ftags%2F1.02",[],{"version":203,"download_url":204,"svn_tag_url":205,"released_at":29,"has_diff":198,"diff_files_changed":206,"diff_lines":29,"trac_diff_url":207,"vulnerabilities":208,"is_current":198},"1.01","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdirtysuds-kill-howdy.1.01.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fdirtysuds-kill-howdy\u002Ftags\u002F1.01\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fdirtysuds-kill-howdy%2Ftags%2F1.00&new_path=%2Fdirtysuds-kill-howdy%2Ftags%2F1.01",[],{"version":210,"download_url":211,"svn_tag_url":212,"released_at":29,"has_diff":198,"diff_files_changed":213,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":214,"is_current":198},"1.00","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdirtysuds-kill-howdy.1.00.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fdirtysuds-kill-howdy\u002Ftags\u002F1.00\u002F",[],[]]