[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-yysRw6s_TkQ7moN7uiYvsoVPHQkgy8cnK3_F-hRmxQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":120,"fingerprints":167},"disable-editor","Disable Visual Editor","1.0","dkchauhan","https:\u002F\u002Fprofiles.wordpress.org\u002Fdkchauhan\u002F","\u003Cp>This plugin will disable the visual editor for selected page(s)\u002Fpost(s).\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>You may provide arbitrary sections, in the same format as the ones above.  This may be of use for extremely complicated\u003Cbr \u002F>\nplugins where more information needs to be conveyed that doesn’t fit into the categories of “description” or\u003Cbr \u002F>\n“installation.”  Arbitrary sections will be shown below the built-in sections outlined above.\u003C\u002Fp>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n","Here is a short description of the plugin.",20,3244,100,1,"2013-08-26T12:06:00.000Z","3.6.1","3.6","",[20,21],"disable-post-edit","page-edit","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-editor.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},2,40,30,84,"2026-04-04T21:11:13.934Z",[35,61,80,100],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":18,"tags":50,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":24,"last_vuln_date":60,"fetched_at":26},"wp-editor","WP Editor","1.2.9.3","benjaminprojas","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenjaminprojas\u002F","\u003Cp>WP Editor is a plugin for WordPress that replaces the default plugin and theme editors as well as the page\u002Fpost editor. Using integrations with CodeMirror and FancyBox to create a feature rich environment, WP Editor completely reworks the default WordPress file editing capabilities. Using Asynchronous Javascript and XML (AJAX) to retrieve files and folders, WP Editor sets a new standard for speed and reliability in a web-based editing atmosphere.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>CodeMirror\u003C\u002Fli>\n\u003Cli>Active Line Highlighting\u003C\u002Fli>\n\u003Cli>Line Numbers\u003C\u002Fli>\n\u003Cli>Line Wrapping\u003C\u002Fli>\n\u003Cli>Eight Editor Themes with Syntax Highlighting\u003C\u002Fli>\n\u003Cli>Fullscreen Editing (ESC, F11)\u003C\u002Fli>\n\u003Cli>Text Search (CMD + F, CTRL + F)\u003C\u002Fli>\n\u003Cli>Individual Settings for Each Editor\u003C\u002Fli>\n\u003Cli>FancyBox for image viewing\u003C\u002Fli>\n\u003Cli>AJAX File Browser\u003C\u002Fli>\n\u003Cli>Allowed Extensions List\u003C\u002Fli>\n\u003Cli>Easy to use Settings Section\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Editor is a plugin for WordPress that replaces the default plugin and theme editors as well as the page\u002Fpost editor.",30000,1075617,90,95,"2026-03-11T18:50:00.000Z","6.9.4","3.9",[51,52,53,54,55],"code-editor","page-editor","plugin-editor","post-editor","theme-editor","http:\u002F\u002Fwpeditor.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-editor.1.2.9.3.zip",86,9,"2025-04-16 17:11:50",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":13,"num_ratings":29,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":18,"download_link":79,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"edit-lock","Edit Lock","1.0.3","doublejar","https:\u002F\u002Fprofiles.wordpress.org\u002Fdoublejar\u002F","\u003Cp>When you build a custom-made website, either for your client or yourself, there often are pages which contains HTML codes which may break if edited by casual users.\u003C\u002Fp>\n\u003Cp>This plugin allows you to disable editing on selected pages, to protect the pages from accidental or unwanted changes. By locking pages and posts, these crucial pages cannot be edited or deleted by users. An exception can be added for administrators to modify pages irregardless of locking status.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Locks any pages, posts, and even media files\u003C\u002Fli>\n\u003Cli>Custom post types are also supported\u003C\u002Fli>\n\u003Cli>Works with Gutenberg and Classic Editor\u003C\u002Fli>\n\u003Cli>Two locking mechanisms available\u003C\u002Fli>\n\u003Cli>Allows admin users to modify pages without unlocking or lock for everyone\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Locking mechanisms:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lock mode — Disable editing or deleting locked posts.\u003C\u002Fli>\n\u003Cli>Warn mode — Warn users when editing locked posts. Quick edit and deletion are disabled.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable page editing on selected pages, to protect the pages from accidental or unwanted changes that might break your site.",500,4971,"2022-10-09T00:44:00.000Z","6.1.10","5.4","7.0",[20,76,77,78],"posts","security","wp-admin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedit-lock.1.0.3.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":13,"num_ratings":29,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":18,"tags":93,"homepage":98,"download_link":99,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"administrator-access-to-pmpro-protected-content","Administrator Access to PMPro Protected Content","1.3","Thomas S","https:\u002F\u002Fprofiles.wordpress.org\u002Feighty20results\u002F","\u003Cp>By default Paid Memberships Pro will \u003Cem>not\u003C\u002Fem> let an administrator get access to a protected post or page without making the administrator a member of one of the membership levels that are required for that post\u002Fpage in the “Require Membership” checkboxes in the post\u002Fpage editor.\u003C\u002Fp>\n\u003Cp>This is contrary to what a traditional interpretation of the “Administrator” role represents for WordPress (or any user based security system). People expect the administrator\u002Froot account(s) on the system to have full access to administer and view the content on the site.\u003C\u002Fp>\n\u003Cp>This behavior also represents one of the frequent problems experienced when trying to use a WordPress front-end post or page editor; The expected content for the post\u002Fpage being edited either doesn’t show up, or is being redirected away from.\u003C\u002Fp>\n\u003Cp>This plugin will remove the PMPro access restrictions to content for any user assigned to the WordPress ‘administrator’ role.\u003C\u002Fp>\n\u003Cp>As of version 1.2, the same functionality has been extended to the PMPro [membership] short code.\u003Cbr \u002F>\nThis plugin should be used with caution!\u003C\u002Fp>\n\u003Ch3>Credit\u003C\u002Fh3>\n\u003Cp>This plugin uses \u003Ca href=\"https:\u002F\u002Fwww.freeiconspng.com\u002Fimg\u002F29108\" rel=\"nofollow ugc\">Unlock Hd Icon by Ahkâm\u003C\u002Fa> – Copyright (c) Ahkâm\u003Cbr \u002F>\nThis plugin uses the logo by \u003Ca href=\"https:\u002F\u002Fwww.paid-memberships-pro.com\u002F\" rel=\"nofollow ugc\">Paid Memberships Pro\u003C\u002Fa> – Copyright (c) Stranger Studios, LLC\u003C\u002Fp>\n\u003Ch3>v1.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>REFACTOR: Updated to signify support for latest WordPress releases\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>ENHANCEMENT: Add check override when using [membership] short code\u003C\u002Fli>\n\u003Cli>BUG FIX: Didn’t guarantee false return when user isn’t logged in or not an admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>BUG FIX: Didn’t prevent redirect(s) when accessing the Membership Account page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Initial release of plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","Overrides the PMPro \"Require Membership\" settings and grants view access to any user assigned to the WordPress \"Administrator\" rol …",60,2535,"2020-09-16T20:02:00.000Z","5.5.18","4.8",[94,95,52,96,97],"membership","membership-management","paid-memberships-pro","pmpro","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadministrator-access-to-pmpro-protected-content","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadministrator-access-to-pmpro-protected-content.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":13,"num_ratings":14,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":18,"tags":113,"homepage":118,"download_link":119,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"dc-hide-publish-button","DC Hide Publish Button","2.0.0","Doni Susanto","https:\u002F\u002Fprofiles.wordpress.org\u002Fdonixe\u002F","\u003Cp>This plugin will come handy for author who often accidentally click publish button when what what they realy want is save only.\u003Cbr \u002F>\nThis plugin hide publish button for Post and Page which status is Draft.\u003Cbr \u002F>\nPublish button will shows when status change to Pending Review, or if you change Visibility state which will automatically change Post \u002F Page status.\u003C\u002Fp>\n","This plugin will come handy for author who often accidentally click publish button when what what they realy want is save only.",10,1343,"2017-03-25T18:14:00.000Z","4.7.32","4.7",[21,114,115,116,117],"pages","post","post-edit","publish-button","https:\u002F\u002Fdonisusanto.net\u002Fwordpress\u002Fplugins\u002Fdc-hide-publish-button.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdc-hide-publish-button.zip",{"attackSurface":121,"codeSignals":149,"taintFlows":159,"riskAssessment":160,"analyzedAt":166},{"hooks":122,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":24,"unprotectedCount":24},[123,128,132,136,140],{"type":124,"name":125,"callback":126,"file":127,"line":108},"filter","admin_init","disableView_admin_pre_edit_page","disable_visual_editor.php",{"type":124,"name":129,"callback":130,"file":127,"line":131},"format_to_edit","disableView_admin_edit_page",11,{"type":133,"name":125,"callback":134,"priority":14,"file":127,"line":135},"action","disableView_add_custom_box",13,{"type":133,"name":137,"callback":138,"file":127,"line":139},"save_post","disableView_save_post",14,{"type":124,"name":141,"callback":142,"priority":143,"file":127,"line":144},"admin_footer","disableView_admin_edit_page_js",99,35,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":24,"externalRequests":24,"nonceChecks":14,"capabilityChecks":29,"bundledLibraries":158},[],{"prepared":24,"raw":24,"locations":152},[],{"escaped":24,"rawEcho":14,"locations":154},[155],{"file":127,"line":156,"context":157},79,"raw output",[],[],{"summary":161,"deductions":162},"The \"disable-editor\" v1.0 plugin exhibits a strong security posture based on the provided static analysis.  The absence of any identified attack surface points (AJAX, REST API, shortcodes, cron events) is a significant strength, indicating that the plugin is unlikely to introduce direct entry points for attackers. Furthermore, the code analysis reveals a complete absence of dangerous functions and SQL queries that are not prepared, suggesting robust data handling practices. The presence of nonce and capability checks, even with a limited attack surface, is also a positive indicator of security awareness.\n\nHowever, a notable concern arises from the output escaping analysis. With one total output identified and none properly escaped, there is a risk of Cross-Site Scripting (XSS) vulnerabilities if user-controlled data is ever displayed without sanitization. While the taint analysis shows no flows with unsanitized paths, this is likely due to the minimal attack surface and lack of data flowing through the analyzed components. The plugin's history of zero known CVEs is reassuring, suggesting a track record of security. Overall, the plugin is well-architected with minimal attack vectors, but the unescaped output is a critical area that requires immediate attention to prevent potential XSS flaws.",[163],{"reason":164,"points":165},"Unescaped output found",7,"2026-03-16T22:48:55.980Z",{"wat":168,"direct":173},{"assetPaths":169,"generatorPatterns":170,"scriptPaths":171,"versionParams":172},[],[],[],[],{"cssClasses":174,"htmlComments":175,"htmlAttributes":176,"restEndpoints":179,"jsGlobals":180,"shortcodeOutput":181},[],[],[177,178],"id=\"disableView_checkbox\"","name=\"disableView_checkbox\"",[],[],[]]