[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fB8iUUZjq2xPyb-7scHhdwThliZKx0-FiaylCvlgRI-U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":39,"fingerprints":58},"disable-theme-and-plugin-editor","Disable Theme and Plugin Editor","1.1","Farzad Sotoode","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaster-farzad\u002F","\u003Cp>Disable Theme and Plugin Editors from WordPress Admin Panel for security reasons\u003C\u002Fp>\n\u003Cp>By default WordPress allows users to edit the theme and plugin codes through the admin panel.\u003Cbr \u002F>\nWhile it is a handy feature, it can be very dangerous as well. This simple plugin can end up locking you out of your site unless ofcourse you have the FTP access.\u003Cbr \u002F>\nTo prevent clients from screwing up the site, it is best to disable the theme and plugin editors from the WordPress admin panel.\u003C\u002Fp>\n","Disable Theme and Plugin Editors from WordPress Admin Panel for security reasons",20,2606,100,1,"2014-02-03T21:24:00.000Z","3.7.41","2.8","",[20,21,22,23],"disable-plugin-editing-in-wp","disable-plugin-editor","disable-theme-editing-in-wp","disable-theme-editor","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-theme-and-plugin-editor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-theme-and-plugin-editor.1.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"master-farzad",5,250,30,84,"2026-04-04T04:21:32.572Z",[],{"attackSurface":40,"codeSignals":46,"taintFlows":53,"riskAssessment":54,"analyzedAt":57},{"hooks":41,"ajaxHandlers":42,"restRoutes":43,"shortcodes":44,"cronEvents":45,"entryPointCount":27,"unprotectedCount":27},[],[],[],[],[],{"dangerousFunctions":47,"sqlUsage":48,"outputEscaping":50,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":52},[],{"prepared":27,"raw":27,"locations":49},[],{"escaped":27,"rawEcho":27,"locations":51},[],[],[],{"summary":55,"deductions":56},"The static analysis of the \"disable-theme-and-plugin-editor\" v1.1 plugin reveals an exceptionally clean codebase from a security perspective.  There are no identified entry points like AJAX handlers, REST API routes, or shortcodes, meaning there are no direct attack vectors exposed by the plugin's functionality.  Furthermore, the code signals are all positive, with no dangerous functions, all SQL queries using prepared statements, and all output properly escaped.  The absence of file operations and external HTTP requests further contributes to a robust security posture.  The plugin's vulnerability history is also clear, with no known CVEs or past incidents, suggesting a history of secure development.",[],"2026-03-16T23:10:09.409Z",{"wat":59,"direct":64},{"assetPaths":60,"generatorPatterns":61,"scriptPaths":62,"versionParams":63},[],[],[],[],{"cssClasses":65,"htmlComments":66,"htmlAttributes":67,"restEndpoints":68,"jsGlobals":69,"shortcodeOutput":70},[],[],[],[],[],[]]