[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fXDlEq-IxfH853EQofIO1Kx6VEQU3pYFCSSHIIq737hU":3,"$f9UaqeajyKcBUz91qRh96OU1BxujZ7aAmPX5YC0jlBYE":483,"$fDX7UQPuBnXOjGVSIM-bG-S2_l_NZLfH7jO4LyD3kj7o":488},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":14,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":49,"crawl_stats":37,"alternatives":55,"analysis":158,"fingerprints":435},"dk-white-label","DK White Label","1.2","dinamiko","https:\u002F\u002Fprofiles.wordpress.org\u002Fdinamiko\u002F","\u003Cp>Are you creating WordPress websites for your clients?\u003Cbr \u002F>\nTake control over Dashboard experience with DK White Label.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Login Screen Customization\u003C\u002Fli>\n\u003Cli>Create your own Color Scheme\u003C\u002Fli>\n\u003Cli>Hide Dashboard UI Elements\u003C\u002Fli>\n\u003Cli>Email fields to from…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Github\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDinamiko\u002Fdk-white-label\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FDinamiko\u002Fdk-white-label\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Customize WordPress Dashboard Branding",30,2529,100,1,"2024-10-19T09:27:00.000Z","4.5.33","3.9","",[20,21,22,23,24],"admin-branding","appearance","branding","client","cms","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdk-white-label.1.2.zip",91,0,"2024-11-14 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46,"patch_diff_files":47,"patch_trac_url":37,"research_status":37,"research_verified":48,"research_rounds_completed":27,"research_plan":37,"research_summary":37,"research_vulnerable_code":37,"research_fix_diff":37,"research_exploit_outline":37,"research_model_used":37,"research_started_at":37,"research_completed_at":37,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":48,"poc_model_used":37,"poc_verification_depth":37},"CVE-2025-24541","dk-white-label-reflected-cross-site-scripting","DK White Label \u003C= 1.0 - Reflected Cross-Site Scripting","The DK White Label plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.0","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-02-25 16:54:48",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7eae5d83-1443-4682-9e97-dfbc08146b18?source=api-prod",104,[],false,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":13,"avg_security_score":51,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},4,88,865,71,"2026-05-20T04:47:04.830Z",[56,81,105,125,142],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":78,"vuln_count":79,"unpatched_count":27,"last_vuln_date":80,"fetched_at":29},"white-label-cms","White Label CMS","2.7.9","Video User Manuals","https:\u002F\u002Fprofiles.wordpress.org\u002Fvideousermanuals\u002F","\u003Cp>The White Label CMS plugin is for developers who want to give their clients a more personalised and less confusing content management system.\u003C\u002Fp>\n\u003Cp>For a overview of the changes in 2.0 version of the plugin please visit the Video User Manuals website.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customize the login page\u003C\u002Fli>\n\u003Cli>Add your branding to the header and footer\u003C\u002Fli>\n\u003Cli>Customize the dashboard\u003C\u002Fli>\n\u003Cli>Control which menus appear for your client\u003C\u002Fli>\n\u003Cli>Setting up a customized dashboard can be done in seconds using the White Label CMS Wizard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Customize The Login Page\u003C\u002Fh4>\n\u003Cp>Impress your clients with a branded login page. Add yours or your client’s logo, add a background image and even control the CSS if you wish. Personalising the back end of WordPress will give your client the feeling that this is their website, not a generic website.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLESxAuRdjBw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Add Your Branding to the Header and Footer\u003C\u002Fh4>\n\u003Cp>Stay top of mind with your client by adding your branding to the admin bar, menu or footer.\u003C\u002Fp>\n\u003Ch4>Customize the Dashboard\u003C\u002Fh4>\n\u003Cp>Are you tired of telling your clients to ignore everything on the Dashboard, but then still receive questions because they’re confused or have broken something?\u003C\u002Fp>\n\u003Cp>With White Label CMS you can clear everything from the dashboard and add in your own dashboard panel. You can even add your own RSS feed so your clients can be kept up to date with what you are doing in your business. Which is much more relevant to your client than where and when the next WordPress Meetup is.\u003C\u002Fp>\n\u003Cp>Add your own welcome dashboard, and now you can use an Elementor or Beaver Builder template to make it look beautiful.\u003C\u002Fp>\n\u003Ch4>Control with Menus Appear for Your Client\u003C\u002Fh4>\n\u003Cp>We have created a new feature called the White Label CMS admin which allows you to hide menus for other users. Setup is simple and gives clients admin access with some restrictions making it harder for them to stumble across settings and mess up the site.\u003C\u002Fp>\n\u003Ch4>Setup a Site in Seconds Using the Wizard\u003C\u002Fh4>\n\u003Cp>Setting up a customized dashboard is easy and quick using the White Label CMS Wizard. With just a few clicks, you can add your branding and your client’s details and be up and running in seconds.\u003C\u002Fp>\n\u003Cp>There is so much that you can do with White Label CMS, but we want the experience to be simple. The Wizard allows you to set up a clutter-free, customized dashboard without having to scroll through all of the options that are available to you.\u003C\u002Fp>\n","Customise dashboard panels and branding, hide menus plus lots more.",200000,4374238,94,114,"2026-04-09T03:09:00.000Z","7.0","3.3","5.4",[73,22,24,74,75],"admin","custom","dashboard","https:\u002F\u002Fwww.videousermanuals.com\u002Fwhite-label-cms\u002F?utm_campaign=wlcms&utm_medium=plugin&utm_source=readme-txt","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhite-label-cms.2.7.9.zip",93,7,"2024-08-16 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":101,"download_link":102,"security_score":103,"vuln_count":14,"unpatched_count":27,"last_vuln_date":104,"fetched_at":29},"ulimate-client-dash","Ultimate Client Dash","4.7","WP CodeUs","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpcodeus\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fultimateclientdash.com\u002F\" rel=\"nofollow ugc\">Ultimate Client Dash\u003C\u002Fa> is the most advanced white label WordPress plugin that lets you create the ultimate client dashboard.\u003C\u002Fp>\n\u003Cp>Customize and rebrand the WordPress dashboard and login page, manage user capabilities, white label WordPress, create a coming soon\u002Funder construction landing page, provide instructions for users, create custom widgets, and more.\u003C\u002Fp>\n\u003Cp>Give your clients the experience they deserve with \u003Ca href=\"https:\u002F\u002Fultimateclientdash.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Ultimate Client Dash Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Free Version Features\u003C\u002Fh3>\n\u003Cp>White Label Branding\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customize Admin Top Bar\u003C\u002Fli>\n\u003Cli>Customize footer\u003C\u002Fli>\n\u003Cli>Customize Login and Dashboard completely\u003C\u002Fli>\n\u003Cli>Customize Look and Feel to your Branding needs\u003C\u002Fli>\n\u003Cli>Fully Customize Admin Menu\u003C\u002Fli>\n\u003Cli>Custom Logo on Login and Landing page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Admin Styling:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Transform your dashboard with our beautiful modern theme\u003C\u002Fli>\n\u003Cli>White label WordPress in Admin Panel\u003C\u002Fli>\n\u003Cli>Show or Hide Top Bar menu items like Updates, Comments, and Add New Menu\u003C\u002Fli>\n\u003Cli>Customize Admin link and button colors\u003C\u002Fli>\n\u003Cli>Hide WordPress Version in footer\u003C\u002Fli>\n\u003Cli>Create custom footer text\u003C\u002Fli>\n\u003Cli>Customize howdy greeting text\u003C\u002Fli>\n\u003Cli>Hide Admin bar on front end\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Personalized Login Page:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a beautiful and branded Login Screen\u003C\u002Fli>\n\u003Cli>Custom Logo for Login Page\u003C\u002Fli>\n\u003Cli>Fully customize look and feel with a vast range of integrated styling options\u003C\u002Fli>\n\u003Cli>Show or Hide URL links like Back to Site and Forgot Password\u003C\u002Fli>\n\u003Cli>Add Login background image and overlay\u003C\u002Fli>\n\u003Cli>Add custom text to Login Footer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Client Access:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Assign clients to new user role Clients\u003C\u002Fli>\n\u003Cli>Simplify the WordPress dashboard\u003C\u002Fli>\n\u003Cli>Limit Clients capabilities\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Landing Page:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a Coming Soon page\u003C\u002Fli>\n\u003Cli>Create a Under Construction page\u003C\u002Fli>\n\u003Cli>Custom Logo for Landing Page\u003C\u002Fli>\n\u003Cli>Add Call-To-Action button\u003C\u002Fli>\n\u003Cli>Track Google Analytics\u003C\u002Fli>\n\u003Cli>Fully customize look and feel with a vast range of integrated styling options\u003C\u002Fli>\n\u003Cli>Connect and display Social Media Links\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Tracking and Custom Code:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Connect and Track Google Analytics on website\u003C\u002Fli>\n\u003Cli>Connect Facebooks Pixels\u003C\u002Fli>\n\u003Cli>Add Head Scripts without having to modify theme files\u003C\u002Fli>\n\u003Cli>Add custom Frontend CSS\u003C\u002Fli>\n\u003Cli>Add custom Javascript\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Widgets:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hide default WordPress Widget\u003C\u002Fli>\n\u003Cli>Customize Widget Format\u003C\u002Fli>\n\u003Cli>Create Custom Widgets\u003C\u002Fli>\n\u003Cli>Add Shortcodes to Custom Widgets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Custom Welcome Message:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a custom welcome message for clients\u003C\u002Fli>\n\u003Cli>Add images, iframes, shortcodes and more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pro Version Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add your own custom CSS to style the WordPress dashboard\u003C\u002Fli>\n\u003Cli>Add your own custom CSS to style the WordPress login page\u003C\u002Fli>\n\u003Cli>Simplify the WordPress dashboard by removing menu items from a dynamically populated list for all roles or just for your client\u003C\u002Fli>\n\u003Cli>Create up to 4 custom widgets to be displayed on the WordPress dashboard\u003C\u002Fli>\n\u003Cli>Customize the meta title and description for the landing page\u003C\u002Fli>\n\u003Cli>Add your own custom CSS to style the landing page\u003C\u002Fli>\n\u003Cli>Extend client capabilities will dynamically populate all WordPress core, theme, and plugin capabilities and allow you to assign them to the user role client\u003C\u002Fli>\n\u003Cli>Replace and use of your active themes name with your own rebrand name in the WordPress Dashboard\u003C\u002Fli>\n\u003Cli>Hide all update notification and nags in the WordPress dashboard for user role client\u003C\u002Fli>\n\u003Cli>Disable fatal PHP error protection email notifications. Added in WordPress 5.2\u003C\u002Fli>\n\u003Cli>Disable WordPress auto update email notification\u003C\u002Fli>\n\u003Cli>Hide Ultimate Client Dash from the plugin list for user role client\u003C\u002Fli>\n\u003Cli>Useful site information shortcodes you can use throughout your website to dynamically populate data\u003C\u002Fli>\n\u003Cli>Useful user information shortcodes you can use throughout your website to dynamically populate data\u003C\u002Fli>\n\u003Cli>Useful date shortcodes you can use throughout your website to dynamically populate data\u003C\u002Fli>\n\u003Cli>Useful symbols information shortcodes you can use throughout your website to dynamically populate data\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>The perfect solution for Agencies & Freelancers\u003C\u002Fh3>\n\u003Cp>Experience the convenience of Ultimate Client Dash. Take full control of the WordPress admin area while creating a personalized experience.\u003C\u002Fp>\n","Create a custom client dashboard, manage user capabilities, white label and rebrand WordPress, provide instructions, create custom widgets and more.",2000,70096,96,10,"2025-12-09T11:53:00.000Z","6.9.4","4.6","7.4",[22,23,98,99,100],"custom-dashboard","under-construction","white-label","https:\u002F\u002Fultimateclientdash.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fulimate-client-dash.4.7.zip",99,"2025-09-05 00:00:00",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":115,"num_ratings":14,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":18,"tags":119,"homepage":122,"download_link":123,"security_score":124,"vuln_count":27,"unpatched_count":27,"last_vuln_date":37,"fetched_at":29},"content-management-system-dashboard","CMS Dashboard","2.0","3pointross","https:\u002F\u002Fprofiles.wordpress.org\u002F3pointross\u002F","\u003Cp>Improve the usability of your WordPress CMS system. This plug-in creates a dashboard widget with clearly labeled large buttons of the most common tasks one would perform when using wordpress as a content management system.\u003C\u002Fp>\n\u003Cp>I have found that particularly when handing a WordPress CMS over to less than tech-savvy clients, there is often confusion on how to perform some of the more simple tasks simply because the WordPress side menu can be overwhelming. This plugin creates a simple to use dashboard interface that will let clients easily post, edit, manage users and change widgets with out having to do any hunting or searching.\u003C\u002Fp>\n","Improve the usability of your Wordpress CMS system. This plug-in creates a dashboard widget with clearly labeled large buttons of the most common task &hellip;",300,23193,80,"2010-09-07T19:39:00.000Z","3.0.5","3.0",[73,120,23,24,121],"administration","pages","http:\u002F\u002Fworkshop.37designs.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-management-system-dashboard.zip",85,{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":13,"num_ratings":14,"last_updated":135,"tested_up_to":94,"requires_at_least":136,"requires_php":96,"tags":137,"homepage":18,"download_link":141,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":37,"fetched_at":29},"all-in-one-login-styler","All in One Login Styler","1.0.1","Shahid Ifraheem","https:\u002F\u002Fprofiles.wordpress.org\u002Fshahidifraheem\u002F","\u003Cp>\u003Cstrong>All in One Login Styler\u003C\u002Fstrong> is a powerful and easy-to-use plugin that allows you to personalize the WordPress login screen without writing a single line of code. Add your own logo, set a background image, and tweak colors to match your site’s branding for a more professional appearance.\u003C\u002Fp>\n\u003Cp>Whether you’re designing a client dashboard, a custom WordPress solution, or simply want to enhance your own site’s login screen, this plugin makes it simple.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Upload and display a custom login logo\u003Cbr \u002F>\n– Set a background image for the login page\u003Cbr \u002F>\n– Customize background and button colors\u003Cbr \u002F>\n– Live preview of logo and background image\u003Cbr \u002F>\n– Simple, user-friendly interface integrated into the WordPress admin\u003Cbr \u002F>\n– Lightweight and compatible with all modern themes and plugins\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Agencies creating branded dashboards for clients\u003Cbr \u002F>\n– Bloggers and business owners who want a unique login experience\u003Cbr \u002F>\n– Developers building white-labeled WordPress solutions\u003C\u002Fp>\n","Easily customize the WordPress login page with your own logo, background image, and custom colors — no coding required.",40,540,"2026-01-28T10:48:00.000Z","6.0",[20,138,139,140,100],"customization-login-page","login","login-page-styler","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fall-in-one-login-styler.1.0.1.zip",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":11,"downloaded":150,"rating":13,"num_ratings":14,"last_updated":151,"tested_up_to":152,"requires_at_least":153,"requires_php":18,"tags":154,"homepage":155,"download_link":156,"security_score":124,"vuln_count":27,"unpatched_count":27,"last_vuln_date":37,"fetched_at":157},"easily-navigate-pages-on-your-dashboard","Easily navigate pages on dashboard","1.02","tristanbotly","https:\u002F\u002Fprofiles.wordpress.org\u002Ftristanbotly\u002F","\u003Cp>Display a folder tree of your pages that is easy to expand and contract on your Dashboard. Designed for people that use WordPress as a content management system.\u003C\u002Fp>\n\u003Cp>The idea came from developing a site with over 50 pages in multiple folders and it became impossible to follow which page was where in the folder structure.\u003C\u002Fp>\n","Displays a windows explorer style list of your pages on your Dashboard.",8443,"2011-11-23T03:37:00.000Z","3.2.1","2.5",[73,120,23,24,121],"http:\u002F\u002Fwww.tristanbotly.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasily-navigate-pages-on-your-dashboard.zip","2026-04-06T09:54:40.288Z",{"attackSurface":159,"codeSignals":259,"taintFlows":394,"riskAssessment":420,"analyzedAt":434},{"hooks":160,"ajaxHandlers":255,"restRoutes":256,"shortcodes":257,"cronEvents":258,"entryPointCount":27,"unprotectedCount":27},[161,167,172,177,181,185,190,195,199,203,206,211,215,219,223,226,229,234,238,241,246,249,252],{"type":162,"name":163,"callback":164,"file":165,"line":166},"action","plugins_loaded","dkwl_load_textdomain","dk-white-label.php",29,{"type":162,"name":168,"callback":169,"priority":92,"file":170,"line":171},"save_post","save_meta_boxes","includes\u002Fclass-dkwl-admin-api.php",11,{"type":162,"name":173,"callback":174,"priority":171,"file":175,"line":176},"init","init_settings","includes\u002Fclass-dkwl-settings.php",20,{"type":162,"name":178,"callback":179,"file":175,"line":180},"admin_init","register_settings",23,{"type":162,"name":182,"callback":183,"file":175,"line":184},"admin_menu","add_menu_item",26,{"type":162,"name":186,"callback":187,"file":188,"line":189},"login_enqueue_scripts","dkwl_login_styles","includes\u002Fdkwl-functions.php",33,{"type":191,"name":192,"callback":193,"file":188,"line":194},"filter","login_headerurl","my_login_logo_url",38,{"type":191,"name":196,"callback":197,"file":188,"line":198},"login_headertitle","my_login_logo_url_title",43,{"type":191,"name":200,"callback":201,"file":188,"line":202},"show_admin_bar","dkwl_hide_frontend_toolbar_function",56,{"type":162,"name":182,"callback":204,"file":188,"line":205},"dkwl_hide_admin_menus",76,{"type":162,"name":207,"callback":208,"priority":209,"file":188,"line":210},"admin_bar_menu","dkwl_hide_toolbar_elements",999,92,{"type":162,"name":212,"callback":213,"file":188,"line":214},"wp_dashboard_setup","dkwl_hide_dashboard_metaboxes",115,{"type":191,"name":216,"callback":217,"priority":209,"file":188,"line":218},"contextual_help","dkwl_hide_dashboard_help_tab",130,{"type":191,"name":220,"callback":221,"file":188,"line":222},"admin_footer_text","dkwl_admin_footer_text",146,{"type":162,"name":178,"callback":224,"priority":27,"file":188,"line":225},"dkwl_get_custom_color_scheme_css",165,{"type":162,"name":178,"callback":227,"file":188,"line":228},"dkwl_create_custom_color_scheme",207,{"type":191,"name":230,"callback":231,"priority":232,"file":188,"line":233},"get_user_option_admin_color","dkwl_assign_color_scheme",5,221,{"type":191,"name":235,"callback":236,"priority":92,"file":188,"line":237},"pre_update_option_dkwl_admin_footer_text","dkwl_update_field_admin_footer_text",227,{"type":162,"name":173,"callback":239,"file":188,"line":240},"dkwl_sanitize_options",229,{"type":162,"name":242,"callback":243,"priority":244,"file":245,"line":232},"wp_enqueue_scripts","dkwl_enqueue_styles",15,"includes\u002Fdkwl-load-js-css.php",{"type":162,"name":242,"callback":247,"priority":92,"file":245,"line":248},"dkwl_enqueue_scripts",6,{"type":162,"name":250,"callback":251,"priority":92,"file":245,"line":79},"admin_enqueue_scripts","dkwl_admin_enqueue_scripts",{"type":162,"name":250,"callback":253,"priority":92,"file":245,"line":254},"dkwl_admin_enqueue_styles",8,[],[],[],[],{"dangerousFunctions":260,"sqlUsage":261,"outputEscaping":263,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":393},[],{"prepared":27,"raw":27,"locations":262},[],{"escaped":264,"rawEcho":265,"locations":266},49,69,[267,270,272,274,276,278,279,281,282,284,286,288,290,292,293,295,296,297,298,300,302,304,306,307,309,311,313,315,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,381,382,384,385,387,388,389,391],{"file":170,"line":268,"context":269},203,"raw output",{"file":170,"line":271,"context":269},291,{"file":175,"line":273,"context":269},328,{"file":175,"line":275,"context":269},397,{"file":277,"line":79,"context":269},"includes\u002Fdk-white-label-custom-color-scheme.php",{"file":277,"line":171,"context":269},{"file":277,"line":280,"context":269},18,{"file":277,"line":180,"context":269},{"file":277,"line":283,"context":269},27,{"file":277,"line":285,"context":269},32,{"file":277,"line":287,"context":269},37,{"file":277,"line":289,"context":269},46,{"file":277,"line":291,"context":269},61,{"file":277,"line":265,"context":269},{"file":277,"line":294,"context":269},87,{"file":277,"line":26,"context":269},{"file":277,"line":91,"context":269},{"file":277,"line":13,"context":269},{"file":277,"line":299,"context":269},105,{"file":277,"line":301,"context":269},109,{"file":277,"line":303,"context":269},122,{"file":277,"line":305,"context":269},126,{"file":277,"line":218,"context":269},{"file":277,"line":308,"context":269},137,{"file":277,"line":310,"context":269},153,{"file":277,"line":312,"context":269},175,{"file":277,"line":314,"context":269},179,{"file":277,"line":268,"context":269},{"file":277,"line":317,"context":269},218,{"file":277,"line":319,"context":269},231,{"file":277,"line":321,"context":269},249,{"file":277,"line":323,"context":269},257,{"file":277,"line":325,"context":269},280,{"file":277,"line":327,"context":269},302,{"file":277,"line":329,"context":269},303,{"file":277,"line":331,"context":269},309,{"file":277,"line":333,"context":269},321,{"file":277,"line":335,"context":269},358,{"file":277,"line":337,"context":269},367,{"file":277,"line":339,"context":269},416,{"file":277,"line":341,"context":269},425,{"file":277,"line":343,"context":269},430,{"file":277,"line":345,"context":269},437,{"file":277,"line":347,"context":269},443,{"file":277,"line":349,"context":269},447,{"file":277,"line":351,"context":269},448,{"file":277,"line":353,"context":269},452,{"file":277,"line":355,"context":269},453,{"file":277,"line":357,"context":269},454,{"file":277,"line":359,"context":269},458,{"file":277,"line":361,"context":269},459,{"file":277,"line":363,"context":269},466,{"file":277,"line":365,"context":269},471,{"file":277,"line":367,"context":269},476,{"file":277,"line":369,"context":269},481,{"file":277,"line":371,"context":269},490,{"file":277,"line":373,"context":269},501,{"file":277,"line":375,"context":269},512,{"file":277,"line":377,"context":269},523,{"file":277,"line":379,"context":269},527,{"file":277,"line":134,"context":269},{"file":188,"line":280,"context":269},{"file":188,"line":383,"context":269},19,{"file":188,"line":383,"context":269},{"file":188,"line":386,"context":269},22,{"file":188,"line":180,"context":269},{"file":188,"line":184,"context":269},{"file":188,"line":390,"context":269},140,{"file":188,"line":392,"context":269},142,[],[395,411],{"entryPoint":396,"graph":397,"unsanitizedCount":14,"severity":39},"settings_page (includes\u002Fclass-dkwl-settings.php:335)",{"nodes":398,"edges":409},[399,404],{"id":400,"type":401,"label":402,"file":175,"line":403},"n0","source","$_GET",343,{"id":405,"type":406,"label":407,"file":175,"line":275,"wp_function":408},"n1","sink","echo() [XSS]","echo",[410],{"from":400,"to":405,"sanitized":48},{"entryPoint":412,"graph":413,"unsanitizedCount":14,"severity":419},"\u003Cclass-dkwl-settings> (includes\u002Fclass-dkwl-settings.php:0)",{"nodes":414,"edges":417},[415,416],{"id":400,"type":401,"label":402,"file":175,"line":403},{"id":405,"type":406,"label":407,"file":175,"line":275,"wp_function":408},[418],{"from":400,"to":405,"sanitized":48},"low",{"summary":421,"deductions":422},"The \"dk-white-label\" plugin, version 1.2, presents a mixed security posture.  While the static analysis shows a commendable lack of direct attack surface vectors like AJAX handlers, REST API routes, shortcodes, or cron events, and all SQL queries are properly prepared, there are significant areas of concern.  The low percentage of properly escaped output (42%) suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, especially given the history of XSS being a common vulnerability type for this plugin.  The taint analysis, despite a limited number of flows analyzed, revealed unsanitized paths, which coupled with the poor output escaping, could allow attackers to inject malicious scripts into the application. The vulnerability history, though showing no currently unpatched critical or high-severity issues, does indicate a past medium-severity vulnerability related to XSS, and the general pattern suggests the need for more robust input validation and output sanitization.  The complete absence of nonce and capability checks on potential entry points (even though there are none identified) is a missed security best practice that could become a problem if new entry points are added in the future without proper security checks.\n\nOverall, the plugin avoids common, easily exploitable entry points, which is a positive sign. However, the identified weaknesses in output escaping and the presence of unsanitized taint flows are critical security flaws that could lead to significant risks if exploited. The historical trend of XSS vulnerabilities further underscores the importance of addressing these issues.  The lack of comprehensive security checks like nonces and capability checks, while not immediately exploitable with the current attack surface, represents a latent risk.  Therefore, while the plugin demonstrates some good practices, the identified output escaping and taint flow issues, combined with historical patterns, necessitate a cautious approach and prompt remediation.",[423,425,427,429,432],{"reason":424,"points":254},"Low percentage of properly escaped output",{"reason":426,"points":248},"Taint flows with unsanitized paths",{"reason":428,"points":232},"History of XSS vulnerabilities",{"reason":430,"points":431},"No nonce checks",3,{"reason":433,"points":431},"No capability checks","2026-04-16T11:23:51.000Z",{"wat":436,"direct":453},{"assetPaths":437,"generatorPatterns":443,"scriptPaths":444,"versionParams":446},[438,439,440,441,442],"\u002Fwp-content\u002Fplugins\u002Fdk-white-label\u002Fassets\u002Fcss\u002Fdkwl-admin.css","\u002Fwp-content\u002Fplugins\u002Fdk-white-label\u002Fassets\u002Fjs\u002Fdkwl-admin.js","\u002Fwp-content\u002Fplugins\u002Fdk-white-label\u002Fassets\u002Fcss\u002Fdkwl-frontend.css","\u002Fwp-content\u002Fplugins\u002Fdk-white-label\u002Fassets\u002Fjs\u002Fdkwl-frontend.js","\u002Fwp-content\u002Fplugins\u002Fdk-white-label\u002Fassets\u002Fjs\u002Fdkwl-login.js",[],[445],"\u002Fwp-content\u002Fplugins\u002Fdk-white-label\u002Fassets\u002Fjs\u002Fsettings-admin.js",[447,448,449,450,451,452],"dk-white-label\u002Fassets\u002Fcss\u002Fdkwl-admin.css?ver=","dk-white-label\u002Fassets\u002Fjs\u002Fdkwl-admin.js?ver=","dk-white-label\u002Fassets\u002Fcss\u002Fdkwl-frontend.css?ver=","dk-white-label\u002Fassets\u002Fjs\u002Fdkwl-frontend.js?ver=","dk-white-label\u002Fassets\u002Fjs\u002Fdkwl-login.js?ver=","dk-white-label\u002Fassets\u002Fjs\u002Fsettings-admin.js?ver=",{"cssClasses":454,"htmlComments":459,"htmlAttributes":475,"restEndpoints":478,"jsGlobals":479,"shortcodeOutput":482},[455,456,457,458],"dkwl-login-logo","dkwl-admin-footer-text","dkwl-custom-admin-css","dkwl-custom-login-css",[460,461,462,463,464,465,466,467,468,469,470,471,472,473,474],"\u003C!-- DK White Label : login page -->","\u003C!-- DK White Label : admin elements -->","\u003C!-- DK White Label : color scheme -->","\u003C!-- DK White Label : footer -->","\u003C!-- DK White Label : admin footer text -->","\u003C!-- DK White Label : hide menu pages -->","\u003C!-- DK White Label : hide dashboard metaboxes -->","\u003C!-- DK White Label : hide toolbar elements -->","\u003C!-- DK White Label : login page logo -->","\u003C!-- DK White Label : login page background color -->","\u003C!-- DK White Label : hide frontend toolbar -->","\u003C!-- DK White Label : admin custom CSS -->","\u003C!-- DK White Label : login custom CSS -->","\u003C!-- DK White Label : Custom admin footer -->","\u003C!-- DK White Label : Hide Dashboard Help Tab -->",[476,477],"data-dkwl-login-bg-color","data-dkwl-admin-footer-text",[],[480,481],"dkwl_login_options","dkwl_admin_options",[],{"error":484,"url":485,"statusCode":486,"statusMessage":487,"message":487},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fdk-white-label\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":489,"versions":490},2,[491,496],{"version":6,"download_url":25,"svn_tag_url":492,"released_at":37,"has_diff":48,"diff_files_changed":493,"diff_lines":37,"trac_diff_url":494,"vulnerabilities":495,"is_current":484},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fdk-white-label\u002Ftags\u002F1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fdk-white-label%2Ftags%2F1.0&new_path=%2Fdk-white-label%2Ftags%2F1.2",[],{"version":497,"download_url":498,"svn_tag_url":499,"released_at":37,"has_diff":48,"diff_files_changed":500,"diff_lines":37,"trac_diff_url":37,"vulnerabilities":501,"is_current":48},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdk-white-label.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fdk-white-label\u002Ftags\u002F1.0\u002F",[],[502],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6}]