[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdNRw5FIk5bbn19bU2tsy43EN2agUMbYS427LrQTOFTc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":133,"fingerprints":218},"disable-feeds","Disable Feeds","1.4.4","WPDeveloper","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdevteam\u002F","\u003Cp>This plugin disables all RSS\u002FAtom\u002FRDF feeds on your site. It is useful if you use WordPress purely as a content management system (and not for blogging). All requests for feeds will be redirected to the corresponding HTML content.\u003C\u002Fp>\n\u003Cp>There are a couple of options to tweak the plugin’s behaviour – go to \u003Ccode>Settings -> Reading\u003C\u002Fcode> to see them.\u003C\u002Fp>\n\u003Cp>If you come across any bugs or have suggestions, please use the plugin support forum. I can’t fix it if I don’t know it’s broken! Please check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fdisable-feeds\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for common issues.\u003C\u002Fp>\n\u003Cp>Want to contribute? Here’s the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsolarissmoke\u002Fdisable-feeds\" rel=\"nofollow ugc\">GitHub development repository\u003C\u002Fa>.\u003C\u002Fp>\n","Disables all RSS\u002FAtom\u002FRDF feeds on your WordPress site.",30000,216366,94,31,"2018-03-30T04:50:00.000Z","4.9.29","4.0","",[20,21,22,23,24],"atom","disable","feeds","rdf","rss","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-feeds\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-feeds.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"wpdevteam",46,3988410,91,163,73,"2026-04-04T02:41:53.877Z",[41,59,78,97,115],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":28,"num_ratings":28,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":56,"download_link":57,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-rss-rdf-atom-feeds","Disable RSS, RDF, and Atom Feeds","1.1","Roxnor","https:\u002F\u002Fprofiles.wordpress.org\u002Froxnor\u002F","\u003Cp>The “Disable RSS, RDF, and Atom Feeds” plugin allows you to disable all RSS, RDF, and Atom feeds easily on your WordPress website. This plugin provides options to redirect feed requests to the corresponding HTML content or issue a 404 error. You can also allow the global post and comment feeds if desired.\u003C\u002Fp>\n\u003Cp>This plugin is handy if you do not use RSS feeds and want to reduce your site’s exposure. It prevents unauthorized users from accessing your site’s content via feeds.\u003C\u002Fp>\n\u003Ch3>USEFUL LINK\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwpmet.com\u002Fsupport-help\u002F\" rel=\"nofollow ugc\">Get a Quick Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>✔️ Disable all feeds: RSS, RDF, and Atom.\u003C\u002Fp>\n\u003Cp>✔️ Options to redirect feed requests or issue a 404 error.\u003C\u002Fp>\n\u003Cp>✔️ Allow global post feed and comment feed.\u003C\u002Fp>\n\u003Cp>✔️ Integration with bbPress to disable forum\u002Ftopic\u002Freply feeds.\u003C\u002Fp>\n\u003Cp>✔️ Simple configuration through WordPress settings.\u003C\u002Fp>\n","Disable all RSS, RDF, and Atom feeds on your WordPress site with the option to control behavior such as redirection or issuing a 404 error.",10,972,"2024-12-22T09:13:00.000Z","6.7.5","5.0",[20,55,22,23,24],"disable-feed","https:\u002F\u002Fwpmet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-rss-rdf-atom-feeds.1.1.zip",92,{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":10,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":76,"download_link":77,"security_score":68,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-feeds-wp","Disable Feeds WP","1.7","Galaxy Weblinks","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxyweblinks\u002F","\u003Cp>Disable Feeds WP is a WordPress plugin to disable all RSS\u002FAtom\u002FRDF WordPress feeds on your website\u002Fblog. It is very useful if you use WordPress purely as a content management system (and not for blogging). All requests for feeds will be redirected to the corresponding HTML content.\u003C\u002Fp>\n\u003Cp>There are a couple of options to tweak the plugin’s behavior – go to \u003Ccode>Settings -> Reading\u003C\u002Fcode> to see them.\u003C\u002Fp>\n\u003Cp>Here’s a link to the documentation for the plugin. This will help you learn more about its features and how to use it.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fwp-plugins\u002Fdisable-feeds-wp\u002Fdoc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For any feedback or queries regarding this plugin, please contact our \u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support team\u003C\u002Fa>.\u003C\u002Fp>\n",10000,26094,100,5,"2025-07-17T11:10:00.000Z","6.8.5","4.9","7.4",[20,21,22,24,75],"wordpress-feeds","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-feeds-wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-feeds-wp.1.7.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":28,"num_ratings":28,"last_updated":88,"tested_up_to":52,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":18,"download_link":96,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-rss-feeds-and-comments","Disable Feeds and Comments","1.5.1","Haseeb Asghar","https:\u002F\u002Fprofiles.wordpress.org\u002Fhaseebasghar\u002F","\u003Cp>This WordPress plugin, “Disable RSS Feeds and Comments,” gives you the ability to turn off both the RSS feeds and comments on pages and\u002For posts with a few simple clicks. The plugin adds an option under the WordPress Settings menu with a checkbox to disable the RSS feeds. Additionally, it provides two more checkboxes to disable comments on either pages or posts, or both.\u003C\u002Fp>\n\u003Cp>This plugin is ideal for website owners who want to restrict access to their site’s content via RSS feeds and\u002For comments. It provides a quick and simple solution for those looking to enhance the privacy and security of their website. Additionally, the plugin is compatible with the latest version of WordPress, ensuring that it will work seamlessly with your website.\u003C\u002Fp>\n\u003Cp>\u003Cem>It takes lots of efforts to develop and support a plugin. Please send us your feedback and questions to fix your issue before leaving a bad review.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>How it works?\u003C\u002Fh3>\n\u003Cp>Just Click on options that you want this plugin to add into your website like disabling feeds or comments on pages\u002Fposts under the Disable Feeds and Comments Menu\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Feeds on your website\u003C\u002Fli>\n\u003Cli>Disable Comments on your Pages\u003C\u002Fli>\n\u003Cli>Disable Comments on your Posts\u003C\u002Fli>\n\u003Cli>Restrict content access via RSS Feeds\u002FComments\u003C\u002Fli>\n\u003C\u002Ful>\n","This WordPress plugin, \"Disable RSS Feeds and Comments,\" gives you the ability to turn off both the RSS feeds and comments on pages and\u002For p …",400,4218,"2024-12-01T21:06:00.000Z","4.7","7.0",[92,93,94,4,95],"disable-comments","disable-comments-on-pages","disable-comments-on-posts","disable-rss-feeds","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-rss-feeds-and-comments.1.5.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":86,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":18,"tags":111,"homepage":113,"download_link":114,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"rss-just-better","RSS Just Better","1.4","Stefi","https:\u002F\u002Fprofiles.wordpress.org\u002Fstefsoton\u002F","\u003Cp>It displays a list of feed items from a given feed URL. You can select cache recreation frequency, the number of displayable news and whether you want publication date, time (and in which format), an excerpt and reference to the plugin homepage displayed or not. You can also choose to have a ordered (numbered) or unordered (bullet-point) list and to open a new windows or not, when clicking on the linked items. You can truncate title and\u002For excerpt to a certain amount of chars and can sort the itmes by date\u002Ftime or title.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>= Usage as a Shortcode =\u003Cbr \u002F>\n* In Posts\u002FPages->Add New or Edit of your wp adminstration, select the HTML tab in the entry form;\u003Cbr \u002F>\n* enter either the following (if you want to display a generic feed):\u003Cbr \u002F>\n[RSSjb feed=”replace-with-the-rss-or-atom-feed-URL-you-wish-to-display”]\u003Cbr \u002F>\nor the following (if you want to display a Google News feed):\u003Cbr \u002F>\n[RSSjb location=”replace-with-the-Google-s-location-code-of-the-country-language-you-want-news-from”]\u003Cbr \u002F>\nA list of the \u003Ca href=\"http:\u002F\u002Fwww.stefonthenet.com\u002F2010\u002F02\u002F21\u002Fgoogle-news-localization-codes\u002F\" rel=\"nofollow ugc\">Google localization codes\u003C\u002Fa> is here.\u003Cbr \u002F>\nOptional attributes for Google News feeds are the following:\u003Cbr \u002F>\n* local: city, state\u002Fprovince or zipcode (of Usa or Canada news and in English only)\u003Cbr \u002F>\n* gsearch: search-words according to google search syntax. Learn a few \u003Ca href=\"http:\u002F\u002Fwww.stefonthenet.com\u002Fgoogles-search-operators\u002F\" rel=\"nofollow ugc\">Tips\u003C\u002Fa> about Google search (default: none); (See note 4)\u003Cbr \u002F>\n* topic: any of Google’s topic-codes (default: Top Stories). Here is a \u003Ca href=\"http:\u002F\u002Fwww.stefonthenet.com\u002F2010\u002F02\u002F21\u002Fgoogle-news-topic-codes\u002F\" rel=\"nofollow ugc\">list of topic codes\u003C\u002Fa>. (See also notes 3 and 4)\u003Cbr \u002F>\nOther Optional attributes:\u003Cbr \u002F>\n* filter: enter any keyword which needs to be present or avoided in the titles of the choosen feed’s items. (See Note 1)\u003Cbr \u002F>\n* num: max number of items to be displayed, when all present in the feed (default: 5. If you enter 0 all the items in the feed will be displayed) (See Note 2);\u003Cbr \u002F>\n* ltime: max age (in hours from publication) of item as a condition for displaying it (default: none)\u003Cbr \u002F>\n* list: either “ul” or “ol” to get unordered or ordered lists (default: “ul”);\u003Cbr \u002F>\n* target: either “_blank” or “_self” to get links opened in a new or the same window (default: “_blank”);\u003Cbr \u002F>\n* pubdate: either true or false to display the publication date\u002Fnot (default: false);\u003Cbr \u002F>\n* pubtime: either true or false to display the publication time\u002Fnot (default: false);\u003Cbr \u002F>\n* dformat: customized date format (default: none. None displays the wp standard date format if pubdate is true);\u003Cbr \u002F>\n* tformat: customized time format (default: none. None displays the wp standard time format if pubtime is true);\u003Cbr \u002F>\n* pubauthor: true\u002Ffalse whether you allow this plugin homepage to be displayed in the footer or not (please, say yes) (default: true);\u003Cbr \u002F>\n* excerpt: either true or false to display the excerpt\u002Fnot (default: false);\u003Cbr \u002F>\n* charex: limit the number of the ecerpt chars to be displayed (default: none = all chars will be displayed);\u003Cbr \u002F>\n* chartle: limit the number of the title chars to be displayed (default: none = all chars will be displayed);\u003Cbr \u002F>\n* title: title for the items list (default: none);\u003Cbr \u002F>\n* link: either true or false if the title is linked to the RSS\u002FAtom feed URL\u002Fnot (default: false);\u003Cbr \u002F>\n* sort: either true to display the list in alphabetic order (by title) or false to display in reverse date\u002Ftime order (default: false);\u003Cbr \u002F>\n* cachefeed: cache refresh for the feed (in seconds) (default: 3600 => 1h);\u003C\u002Fp>\n\u003Ch4>Usage As a widget\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>in Appearance -> Widgets of your wp administration, drag & drop the RSS Just Better widget to any widget-ready area of your wp;\u003C\u002Fli>\n\u003Cli>Now, complete the widget form:\u003Cbr \u002F>\n** Enter a title to be given to your items list;\u003Cbr \u002F>\n** Choose whether you want the widget title linkable to the feed URL or not;\u003Cbr \u002F>\n** Enter the RSS\u002FAtom feed URL of the items you wish to display OR\u003Cbr \u002F>\n** Enter the location of the Google News feed items you wish to display;\u003Cbr \u002F>\n** Enter topic or search keys, local (all optionals) if you chose a Google News feed;\u003Cbr \u002F>\n** Enter the frequency for the cache refresh (in seconds);\u003Cbr \u002F>\n** Choose if you want your list sorted by title instead of the standard date\u002Ftime;\u003Cbr \u002F>\n** Enter any keyword which needs to be present or excluded in the titles of the choosen feed items. (See Note 1)\u003Cbr \u002F>\n** Enter the max number of items you want to display (when available) (See Note 2). If you enter 0 all the items in the feed will be displayed;\u003Cbr \u002F>\n** Enter the max age (in hours from publishing) an item needs to have to be displayed. Useful for less frequently updated feeds;\u003Cbr \u002F>\n** Enter a certain amount of chars, if you want to truncate the titles;\u003Cbr \u002F>\n** Choose whether you want a publication date\u002Ftime (and what formats), excerpt (and how many chars of it) or not;\u003Cbr \u002F>\n** Select whether you want a dotted list (default) or a numbered\u002Fordered list;\u003Cbr \u002F>\n** Select whether you want the linked items to open up in a new page (default) or in the same page;\u003Cbr \u002F>\n** Choose whether you allow this plugin homepage to be displayed or not (please, say yes);\u003Cbr \u002F>\n** Click on ‘Save’ (and ‘Close’ the widget form, if you want).\u003Cbr \u002F>\n(1) Notes on ‘filter’ attribute\u002Fparameter:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Col>\n\u003Cli>You can enter one of more words to be able to select your feed’s items by keyword. So if you write “foo bar” you will INCLUDE ONLY those titles where ANY of the two word(s) is present and if you write “-foo -bar” you will EXCLUDE ALL those titles where any of the two words is present instead.\u003C\u002Fli>\n\u003Cli>You can also mix inclusive and exclusive terms as in “foo -bar” of course (it will include only titles with “foo” and without “bar”.)\u003C\u002Fli>\n\u003Cli>Search is case insensitive and searches for keywords in the titles only.\u003C\u002Fli>\n\u003Cli>Wildshars, quotes and boolean are not enabled for this search.\u003Cbr \u002F>\n(2) Note on ‘num’ attribute\u002Fparameter:\u003Cbr \u002F>\nThe maximum number of displayable articles\u002Fitems depends on the number of articles stored into the XML page (RSS\u002FAtom feed page) of the website you want to syndicate (i.e. if you wish to display the latest 15 items and the original feed contains 10 items only, then only 10 items will be displayed).\u003Cbr \u002F>\n(3) Note on ‘topic’ attribute\u002Fparameter:\u003Cbr \u002F>\nNot all topics are set for all countries\u002Flanguages.  If you select a topic for a country where this is not provided (as yet?) then the “Top stories” (the default) will be displayed instead.\u003Cbr \u002F>\n(4) Note on ‘topic’ & ‘gsearch’ attributes\u002Fparameters:\u003Cbr \u002F>\nGoogle (not me!) allows to search by topic OR by search-word(s). The two “filters” do not work together: if topic AND search-keys are both entered by the user, then the search-keys will be ignored and no error message will be displayed.\u003Cbr \u002F>\n(5) Note on ‘Local’ attribute\u002Fparameter:\u003Cbr \u002F>\nThis option is available for Google News in English limited to Usa and Canada. It allows to enter city, region or postcode for local news results only.\u003Cbr \u002F>\nExample of shortcode with all attributes and their default values for a generic feed URL:\u003Cbr \u002F>\n[RSSjb feed=”http:\u002F\u002Ffeeds.feedburner.com\u002FStefaniasBlog” filter=”” num=”5″ ltime=”” list=”ul” target=”_blank” pubdate=”false” pubtime=”false” dformat=”” tformat=”” pubauthor=”true” excerpt=”false” charex=”150″ title=”” link=”false” sort=”false” cachefeed=”3600″]\u003Cbr \u002F>\nExample of shortcode with all attributes and their default values for a Google News feed URL:\u003Cbr \u002F>\n[RSSjb location=”us” local=”” topic=”” gsearch=”” filter=”” num=”5″ ltime=”” list=”ul” target=”_blank” pubdate=”false” pubtime=”false” dformat=”” tformat=”” pubauthor=”true” excerpt=”false” charex=”150″ title=”” link=”false” sort=”false” cachefeed=”3600″]\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>The Future\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>being able to view images (and media files) too\u003C\u002Fli>\n\u003Cli>more feeds for more websites\u003C\u002Fli>\n\u003Cli>filter by keywords in description too (new attribute)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Interaction\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Would you like to see a new feature in this plugin? Please write me here: stefonthenet@gmail.com;\u003C\u002Fli>\n\u003Cli>Would you like to see a broken\u002Forphan plugin working again? Write me anyhow, I might (hey, MIGHT) find the time to give it a look.\u003C\u002Fli>\n\u003C\u002Ful>\n","Displays a list of RSS\u002FAtom feed items given the feed URL and other parameters (optionals). Highly customizable.",46433,90,8,"2015-11-19T18:37:00.000Z","4.3.34","2.8",[20,112,22,24],"feed","http:\u002F\u002Fwww.stefonthenet.com\u002Frss-just-better-plugin-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-just-better.1.4.zip",{"slug":116,"name":117,"version":44,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":124,"num_ratings":125,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":18,"tags":129,"homepage":18,"download_link":132,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-feeds-and-hide-usernames","Disable Feeds And Hide Usernames","thapa.laxman","https:\u002F\u002Fprofiles.wordpress.org\u002Fthapalaxman\u002F","\u003Ch3>Disable Feeds And Hide Usernames\u003C\u002Fh3>\n\u003Cp>removes the rss feeds like below. For a simple CMS site it is not required.\u003Cbr \u002F>\n* http:\u002F\u002Fexample.com\u002Ffeed\u002F\u003Cbr \u002F>\n* http:\u002F\u002Fexample.com\u002Ffeed\u002Frss\u002F\u003Cbr \u002F>\n* http:\u002F\u002Fexample.com\u002Ffeed\u002Frss2\u002F\u003Cbr \u002F>\n* http:\u002F\u002Fexample.com\u002Ffeed\u002Frdf\u002F\u003Cbr \u002F>\n* http:\u002F\u002Fexample.com\u002Ffeed\u002Fatom\u002F\u003C\u002Fp>\n\u003Ch4>Why Hide WordPress Usernames\u003C\u002Fh4>\n\u003Cp>WordPress usernames can easily be guessed. If guessed it makes the attackers’ life easier especially in case of a targeted WordPress hack attack. Attackers can use a tool such as WPScan to guess your WordPress username or simply by entering a URL such as the following:\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwww.example.com\u002F?author=1\u003C\u002Fp>\n\u003Cp>If the author ID is valid then they will be redirected to the author URL, for example:\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwww.example.com\u002Fauthor\u002Fadmin\u003C\u002Fp>\n\u003Cp>The above is possible even when you change the WordPress user IDs. For example if you changed the user ID to 1000, then by requesting the URL http:\u002F\u002Fwww.example.com\u002F?author=1000 the attacker can guess the username. This means that you would be delaying the guessing attack but not completely eliminating it.\u003C\u002Fp>\n\u003Cp>WordPress usernames can also be found in the source of rss feeds.\u003C\u002Fp>\n\u003Ch3>Disable Feeds And Hide Usernames\u003C\u002Fh3>\n\u003Cp>hides the usernames to make it harder for the attacker.\u003C\u002Fp>\n","This tiny and lightweight plugin removes all the rss feeds  and hides usernames.",300,4097,80,3,"2018-12-28T09:37:00.000Z","5.0.25","3.0.1",[4,130,131],"hide-username","remove-rss","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-feeds-and-hide-usernames.1.2.zip",{"attackSurface":134,"codeSignals":165,"taintFlows":182,"riskAssessment":210,"analyzedAt":217},{"hooks":135,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":28,"unprotectedCount":28},[136,142,146,151,157],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_init","admin_setup","disable-feeds.php",29,{"type":137,"name":143,"callback":144,"file":140,"line":145},"wp_loaded","remove_links",32,{"type":137,"name":147,"callback":148,"priority":149,"file":140,"line":150},"template_redirect","filter_feeds",1,33,{"type":152,"name":153,"callback":154,"priority":155,"file":140,"line":156},"filter","bbp_request","filter_bbp_feeds",9,34,{"type":137,"name":158,"callback":159,"file":140,"line":160},"plugins_loaded","register_text_domain",37,[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":181},[],{"prepared":28,"raw":28,"locations":168},[],{"escaped":28,"rawEcho":170,"locations":171},4,[172,175,177,179],{"file":140,"line":173,"context":174},52,"raw output",{"file":140,"line":176,"context":174},53,{"file":140,"line":178,"context":174},54,{"file":140,"line":180,"context":174},55,[],[183,202],{"entryPoint":184,"graph":185,"unsanitizedCount":149,"severity":201},"redirect_feed (disable-feeds.php:115)",{"nodes":186,"edges":198},[187,192],{"id":188,"type":189,"label":190,"file":140,"line":191},"n0","source","$_SERVER",134,{"id":193,"type":194,"label":195,"file":140,"line":196,"wp_function":197},"n1","sink","wp_redirect() [Open Redirect]",138,"wp_redirect",[199],{"from":188,"to":193,"sanitized":200},false,"medium",{"entryPoint":203,"graph":204,"unsanitizedCount":149,"severity":201},"\u003Cdisable-feeds> (disable-feeds.php:0)",{"nodes":205,"edges":208},[206,207],{"id":188,"type":189,"label":190,"file":140,"line":191},{"id":193,"type":194,"label":195,"file":140,"line":196,"wp_function":197},[209],{"from":188,"to":193,"sanitized":200},{"summary":211,"deductions":212},"The 'disable-feeds' plugin v1.4.4 exhibits a generally good security posture based on the static analysis provided. The absence of dangerous functions, SQL queries not using prepared statements, file operations, and external HTTP requests is a significant strength. Furthermore, the plugin has no known vulnerabilities, indicating a history of stability and potentially good security practices from the developer.\n\nHowever, there are notable areas of concern. The analysis reveals that 100% of the observed outputs are not properly escaped. This is a critical security weakness that could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is directly outputted without sanitization. Additionally, the taint analysis identified two flows with unsanitized paths, which, while not rated as critical or high severity in this specific scan, warrants attention as it suggests potential pathways for malicious input to affect program execution.\n\nIn conclusion, while the plugin's core functionality appears to be implemented securely, the lack of output escaping presents a significant risk. The unsanitized paths, though not explicitly severe, also suggest potential improvements. Addressing the output escaping issue should be a priority to mitigate XSS risks. The clean vulnerability history is positive, but it should not lead to complacency, especially given the identified code concerns.",[213,215],{"reason":214,"points":107},"100% of outputs unescaped",{"reason":216,"points":170},"2 flows with unsanitized paths","2026-03-16T17:26:17.331Z",{"wat":219,"direct":224},{"assetPaths":220,"generatorPatterns":221,"scriptPaths":222,"versionParams":223},[],[],[],[],{"cssClasses":225,"htmlComments":229,"htmlAttributes":230,"restEndpoints":231,"jsGlobals":232,"shortcodeOutput":233},[226,227,228],"disable_feeds_redirect_yes","disable_feeds_redirect_no","disable_feeds_allow_main",[],[],[],[],[]]