[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYVWQJOpO3KP1DFqIJdHrtXo0V_AWZYbhHR4BbZ8QRw8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":45,"crawl_stats":35,"alternatives":51,"analysis":52,"fingerprints":390},"doubledome-resource-link-library","Resource Library for Logged In Users","1.6","doubledome","https:\u002F\u002Fprofiles.wordpress.org\u002Fdoubledome\u002F","\u003Cp>Introducing the remarkable Resource Library for Logged In Users, a dynamic WordPress plugin meticulously crafted to elevate the functionality of your website. This exceptional tool serves as an all-encompassing and well-structured repository, housing a wealth of invaluable resources and links. Whether your aim is to curate an array of helpful websites, disseminate reference materials, or compile a collection of beneficial links tailored to your audience, rest assured that this plugin will surpass your expectations.\u003C\u002Fp>\n\u003Cp>One of the standout features of the Resource Library for Logged In Users is its remarkable versatility, allowing you to effortlessly create and manage multiple categories to seamlessly organize your resources. Embracing a user-friendly interface, this plugin empowers you to effortlessly add, edit, and delete resources with just a few clicks. The streamlined process offered by this plugin ensures that your links are consistently well-organized, enabling you to maintain an up-to-date and user-friendly resource library on your website.\u003C\u002Fp>\n\u003Cp>Discover the limitless possibilities of the Resource Library for Logged In Users and revolutionize the way you present valuable information to your visitors. Experience the convenience, efficiency, and elegance this plugin brings to your website, as it empowers you to curate a comprehensive and easily accessible collection of resources. With the Resource Library for Logged In Users, enhancing your website’s functionality has never been more effortless.\u003C\u002Fp>\n\u003Cp>Our plugin provides you with the ability to personalize and seamlessly integrate the resource library with your website’s unique design. Embrace the freedom to choose from a variety of display options, including grid or list view, and effortlessly match the colors, fonts, and styles to align with your website’s distinctive branding.\u003C\u002Fp>\n\u003Cp>The Resource Library for Logged In Users plugin is not just about aesthetics. It boasts an impressive array of search capabilities, ensuring that users can swiftly locate specific resources based on keywords, tags, or categories. With this feature, we prioritize a seamless and efficient user experience, allowing visitors to effortlessly find the information they need without any unnecessary complications.\u003C\u002Fp>\n\u003Cp>But that’s not all. Our plugin is meticulously crafted to be responsive, guaranteeing that your resource library shines and operates flawlessly on all devices. Whether your visitors are using desktops, tablets, or mobile phones, they will be able to conveniently access your valuable resources and links. We understand the importance of accessibility, and we have designed our plugin accordingly.\u003C\u002Fp>\n\u003Cp>In summary, the Resource Library for Logged In Users plugin is a valuable tool for website owners and administrators who want to create a well-organized and easily navigable resource library on their WordPress websites. With its intuitive interface, customization options, and powerful search functionality, managing and sharing valuable links and resources becomes a breeze. Enhance your website’s functionality and provide a valuable resource hub for your audience with the Resource Library for Logged In Users plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How to Use the Resource Link Library Plugin\u003C\u002Fstrong>\u003Cbr \u002F>\nAfter installing and activating the plugin, it will automatically create the necessary database tables for storing resources and categories.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Admin users with “read post” access: Can view the list of resources and categories.\u003C\u002Fli>\n\u003Cli>Admin users with “edit post” access: Have the ability to create, edit, and delete categories and resources.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Resource Link Library Plugin Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Create and manage multiple categories in the resource library.\u003C\u002Fli>\n\u003Cli>Add and organize multiple links with clickable titles.\u003C\u002Fli>\n\u003Cli>Assign each link to one or more categories.\u003C\u002Fli>\n\u003Cli>Utilize smart search functionality to quickly find resources.\u003C\u002Fli>\n\u003Cli>Includes search and pagination for easy navigation within the category and resource link views.\u003C\u002Fli>\n\u003Cli>Email support for plugin-related inquiries\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Do you have questions or issues with Resource Library for Logged In Users Setup? Please send an email to \u003Ca href=\"mailto:pluginsupport@doubledome.com?subject=Resource%20Link%20Library%20Plugin%20Support:%20DoubleDome%20Digital%20Marketing\" rel=\"nofollow ugc\">pluginsupport@doubledome.com\u003C\u002Fa>.\u003C\u002Fp>\n","This Resource Library, Link Library, PDF Library, Document Library, and Video Library plugin enables admins to organize and store categorized resource &hellip;",40,1923,0,"2025-12-17T13:28:00.000Z","6.9.4","5.4","",[19,20,21,22,23],"link-management-wordpress","resource-library-plugin","resource-link-library","resources-link-management","wordpress-link-library","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdoubledome-resource-link-library.1.6.zip",99,1,"2025-12-11 15:10:16","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":6,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":44},"CVE-2025-14354","resource-library-for-logged-in-users-cross-site-request-forgery-to-multiple-administrative-actions","Resource Library for Logged In Users \u003C= 1.5 - Cross-Site Request Forgery to Multiple Administrative Actions","The Resource Library for Logged In Users plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing nonce validation on multiple administrative functions. This makes it possible for unauthenticated attackers to perform various unauthorized actions including creating, editing, and deleting resources and categories via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.5","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2026-01-06 16:57:19",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F71b82f1e-14ae-4eb3-9b46-5fcea1cd5a32?source=api-prod",26,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":44,"trust_score":49,"computed_at":50},6,620,100,94,"2026-04-04T21:03:10.074Z",[],{"attackSurface":53,"codeSignals":69,"taintFlows":244,"riskAssessment":377,"analyzedAt":389},{"hooks":54,"ajaxHandlers":65,"restRoutes":66,"shortcodes":67,"cronEvents":68,"entryPointCount":13,"unprotectedCount":13},[55,61],{"type":56,"name":57,"callback":58,"file":59,"line":60},"action","admin_menu","ddrll_admin_menu","includes\\class-ddrll.php",7,{"type":56,"name":62,"callback":63,"file":59,"line":64},"admin_enqueue_scripts","ddrll_admin_scripts",8,[],[],[],[],{"dangerousFunctions":70,"sqlUsage":71,"outputEscaping":107,"fileOperations":13,"externalRequests":13,"nonceChecks":46,"capabilityChecks":239,"bundledLibraries":240},[],{"prepared":72,"raw":73,"locations":74},20,14,[75,79,82,84,86,88,91,93,95,97,99,101,103,105],{"file":76,"line":77,"context":78},"includes\\class-ddrll-install.php",108,"$wpdb->get_var() with variable interpolation",{"file":59,"line":80,"context":81},61,"$wpdb->get_results() with variable interpolation",{"file":59,"line":83,"context":81},128,{"file":59,"line":85,"context":78},184,{"file":59,"line":87,"context":81},228,{"file":59,"line":89,"context":90},288,"$wpdb->get_row() with variable interpolation",{"file":59,"line":92,"context":78},302,{"file":59,"line":94,"context":81},344,{"file":59,"line":96,"context":81},454,{"file":59,"line":98,"context":81},459,{"file":59,"line":100,"context":78},479,{"file":59,"line":102,"context":78},554,{"file":59,"line":104,"context":90},618,{"file":59,"line":106,"context":78},629,{"escaped":108,"rawEcho":109,"locations":110},119,71,[111,114,115,117,119,121,123,124,125,127,129,131,133,135,137,139,141,143,145,146,148,149,151,152,154,156,158,160,162,164,166,168,170,171,173,174,176,177,179,181,183,185,187,189,191,193,195,197,199,201,202,203,205,207,208,210,212,214,216,218,220,221,223,225,227,229,230,232,233,235,237],{"file":59,"line":112,"context":113},37,"raw output",{"file":59,"line":109,"context":113},{"file":59,"line":116,"context":113},72,{"file":59,"line":118,"context":113},73,{"file":59,"line":120,"context":113},75,{"file":59,"line":122,"context":113},89,{"file":59,"line":122,"context":113},{"file":59,"line":122,"context":113},{"file":59,"line":126,"context":113},109,{"file":59,"line":128,"context":113},125,{"file":59,"line":130,"context":113},131,{"file":59,"line":132,"context":113},133,{"file":59,"line":134,"context":113},150,{"file":59,"line":136,"context":113},156,{"file":59,"line":138,"context":113},159,{"file":59,"line":140,"context":113},162,{"file":59,"line":142,"context":113},207,{"file":59,"line":144,"context":113},218,{"file":59,"line":144,"context":113},{"file":59,"line":147,"context":113},222,{"file":59,"line":147,"context":113},{"file":59,"line":150,"context":113},226,{"file":59,"line":150,"context":113},{"file":59,"line":153,"context":113},239,{"file":59,"line":155,"context":113},246,{"file":59,"line":157,"context":113},248,{"file":59,"line":159,"context":113},251,{"file":59,"line":161,"context":113},254,{"file":59,"line":163,"context":113},257,{"file":59,"line":165,"context":113},259,{"file":59,"line":167,"context":113},322,{"file":59,"line":169,"context":113},334,{"file":59,"line":169,"context":113},{"file":59,"line":172,"context":113},338,{"file":59,"line":172,"context":113},{"file":59,"line":175,"context":113},342,{"file":59,"line":175,"context":113},{"file":59,"line":178,"context":113},359,{"file":59,"line":180,"context":113},366,{"file":59,"line":182,"context":113},368,{"file":59,"line":184,"context":113},371,{"file":59,"line":186,"context":113},374,{"file":59,"line":188,"context":113},377,{"file":59,"line":190,"context":113},379,{"file":59,"line":192,"context":113},443,{"file":59,"line":194,"context":113},469,{"file":59,"line":196,"context":113},470,{"file":59,"line":198,"context":113},472,{"file":59,"line":200,"context":113},486,{"file":59,"line":200,"context":113},{"file":59,"line":200,"context":113},{"file":59,"line":204,"context":113},506,{"file":59,"line":206,"context":113},522,{"file":59,"line":206,"context":113},{"file":59,"line":209,"context":113},525,{"file":59,"line":211,"context":113},530,{"file":59,"line":213,"context":113},533,{"file":59,"line":215,"context":113},536,{"file":59,"line":217,"context":113},571,{"file":59,"line":219,"context":113},582,{"file":59,"line":219,"context":113},{"file":59,"line":222,"context":113},586,{"file":59,"line":224,"context":113},593,{"file":59,"line":226,"context":113},640,{"file":59,"line":228,"context":113},652,{"file":59,"line":228,"context":113},{"file":59,"line":231,"context":113},656,{"file":59,"line":231,"context":113},{"file":59,"line":234,"context":113},663,{"file":59,"line":236,"context":113},725,{"file":59,"line":238,"context":113},729,11,[241],{"name":242,"version":35,"knownCves":243},"Select2",[],[245,261,288,297,311,330,339,352],{"entryPoint":246,"graph":247,"unsanitizedCount":26,"severity":37},"category_search_top (includes\\class-ddrll.php:516)",{"nodes":248,"edges":258},[249,253],{"id":250,"type":251,"label":252,"file":59,"line":206},"n0","source","$_POST['CatName']",{"id":254,"type":255,"label":256,"file":59,"line":206,"wp_function":257},"n1","sink","echo() [XSS]","echo",[259],{"from":250,"to":254,"sanitized":260},false,{"entryPoint":262,"graph":263,"unsanitizedCount":13,"severity":287},"ddrll_resource_list (includes\\class-ddrll.php:34)",{"nodes":264,"edges":282},[265,268,271,273,278,280],{"id":250,"type":251,"label":266,"file":59,"line":267},"$_POST",54,{"id":254,"type":255,"label":269,"file":59,"line":80,"wp_function":270},"get_results() [SQLi]","get_results",{"id":272,"type":251,"label":266,"file":59,"line":267},"n2",{"id":274,"type":255,"label":275,"file":59,"line":276,"wp_function":277},"n3","get_var() [SQLi]",65,"get_var",{"id":279,"type":251,"label":266,"file":59,"line":267},"n4",{"id":281,"type":255,"label":256,"file":59,"line":25,"wp_function":257},"n5",[283,285,286],{"from":250,"to":254,"sanitized":284},true,{"from":272,"to":274,"sanitized":284},{"from":279,"to":281,"sanitized":284},"low",{"entryPoint":289,"graph":290,"unsanitizedCount":13,"severity":287},"ddrll_add_resource_function (includes\\class-ddrll.php:169)",{"nodes":291,"edges":295},[292,294],{"id":250,"type":251,"label":266,"file":59,"line":293},179,{"id":254,"type":255,"label":275,"file":59,"line":85,"wp_function":277},[296],{"from":250,"to":254,"sanitized":284},{"entryPoint":298,"graph":299,"unsanitizedCount":13,"severity":287},"ddrll_edit_resource_function (includes\\class-ddrll.php:280)",{"nodes":300,"edges":308},[301,303,304,307],{"id":250,"type":251,"label":266,"file":59,"line":302},298,{"id":254,"type":255,"label":275,"file":59,"line":92,"wp_function":277},{"id":272,"type":251,"label":305,"file":59,"line":306},"$_POST (x3)",299,{"id":274,"type":255,"label":256,"file":59,"line":167,"wp_function":257},[309,310],{"from":250,"to":254,"sanitized":284},{"from":272,"to":274,"sanitized":284},{"entryPoint":312,"graph":313,"unsanitizedCount":13,"severity":287},"ddrll_category_list (includes\\class-ddrll.php:440)",{"nodes":314,"edges":326},[315,317,318,319,321,324],{"id":250,"type":251,"label":266,"file":59,"line":316},453,{"id":254,"type":255,"label":269,"file":59,"line":96,"wp_function":270},{"id":272,"type":251,"label":266,"file":59,"line":316},{"id":274,"type":255,"label":275,"file":59,"line":320,"wp_function":277},463,{"id":279,"type":251,"label":322,"file":59,"line":323},"$_GET",449,{"id":281,"type":255,"label":256,"file":59,"line":325,"wp_function":257},496,[327,328,329],{"from":250,"to":254,"sanitized":284},{"from":272,"to":274,"sanitized":284},{"from":279,"to":281,"sanitized":284},{"entryPoint":331,"graph":332,"unsanitizedCount":13,"severity":287},"ddrll_add_category_function (includes\\class-ddrll.php:541)",{"nodes":333,"edges":337},[334,336],{"id":250,"type":251,"label":266,"file":59,"line":335},551,{"id":254,"type":255,"label":275,"file":59,"line":102,"wp_function":277},[338],{"from":250,"to":254,"sanitized":284},{"entryPoint":340,"graph":341,"unsanitizedCount":13,"severity":287},"ddrll_edit_category_function (includes\\class-ddrll.php:610)",{"nodes":342,"edges":349},[343,345,346,348],{"id":250,"type":251,"label":266,"file":59,"line":344},628,{"id":254,"type":255,"label":275,"file":59,"line":106,"wp_function":277},{"id":272,"type":251,"label":347,"file":59,"line":344},"$_POST (x2)",{"id":274,"type":255,"label":256,"file":59,"line":226,"wp_function":257},[350,351],{"from":250,"to":254,"sanitized":284},{"from":272,"to":274,"sanitized":284},{"entryPoint":353,"graph":354,"unsanitizedCount":13,"severity":287},"\u003Cclass-ddrll> (includes\\class-ddrll.php:0)",{"nodes":355,"edges":371},[356,357,358,360,361,362,363,365,367,369],{"id":250,"type":251,"label":347,"file":59,"line":267},{"id":254,"type":255,"label":269,"file":59,"line":80,"wp_function":270},{"id":272,"type":251,"label":359,"file":59,"line":267},"$_POST (x6)",{"id":274,"type":255,"label":275,"file":59,"line":276,"wp_function":277},{"id":279,"type":251,"label":359,"file":59,"line":267},{"id":281,"type":255,"label":256,"file":59,"line":25,"wp_function":257},{"id":364,"type":251,"label":322,"file":59,"line":323},"n6",{"id":366,"type":255,"label":256,"file":59,"line":325,"wp_function":257},"n7",{"id":368,"type":251,"label":252,"file":59,"line":206},"n8",{"id":370,"type":255,"label":256,"file":59,"line":206,"wp_function":257},"n9",[372,373,374,375,376],{"from":250,"to":254,"sanitized":284},{"from":272,"to":274,"sanitized":284},{"from":279,"to":281,"sanitized":284},{"from":364,"to":366,"sanitized":284},{"from":368,"to":370,"sanitized":284},{"summary":378,"deductions":379},"The doubledome-resource-link-library v1.6 plugin exhibits a mixed security posture. On the positive side, the static analysis shows a clean attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are unprotected. This indicates a good defensive design against common entry point exploitation.  Furthermore, the plugin demonstrates awareness of security best practices by implementing a decent number of nonce and capability checks. However, there are areas for improvement.  A significant concern is the relatively low percentage of SQL queries that use prepared statements, with 41% being potentially vulnerable to SQL injection if user input is not meticulously handled.  Similarly, the output escaping is only properly implemented in 63% of cases, leaving room for cross-site scripting (XSS) vulnerabilities if dynamically generated content is not sanitized. The taint analysis revealed one flow with an unsanitized path, which, while not classified as critical or high, warrants attention as it represents a potential avenue for data leakage or manipulation. The vulnerability history notes one medium-severity CVE, which, although patched, highlights that the plugin has had past security weaknesses.  The prevalence of Cross-Site Request Forgery (CSRF) in its history suggests a potential recurring pattern if input validation and nonce usage are not consistently robust across all functionalities.  In conclusion, while the plugin has a strong foundation in limiting its attack surface, the code quality in terms of SQL prepared statements and output escaping, along with a past medium vulnerability, indicates a moderate risk profile.",[380,383,385,387],{"reason":381,"points":382},"SQL queries not using prepared statements",10,{"reason":384,"points":46},"Output escaping not properly implemented",{"reason":386,"points":60},"Taint flow with unsanitized path",{"reason":388,"points":382},"Past medium severity CVE","2026-03-16T22:08:11.050Z",{"wat":391,"direct":402},{"assetPaths":392,"generatorPatterns":396,"scriptPaths":397,"versionParams":398},[393,394,395],"\u002Fwp-content\u002Fplugins\u002Fdoubledome-resource-link-library\u002Fassets\u002Fadmin_settings.css","\u002Fwp-content\u002Fplugins\u002Fdoubledome-resource-link-library\u002Fassets\u002Fselect2.min.css","\u002Fwp-content\u002Fplugins\u002Fdoubledome-resource-link-library\u002Fassets\u002Fselect2.min.js",[],[395],[399,400,401],"\u002Fwp-content\u002Fplugins\u002Fdoubledome-resource-link-library\u002Fassets\u002Fadmin_settings.css?ver=","\u002Fwp-content\u002Fplugins\u002Fdoubledome-resource-link-library\u002Fassets\u002Fselect2.min.css?ver=","\u002Fwp-content\u002Fplugins\u002Fdoubledome-resource-link-library\u002Fassets\u002Fselect2.min.js?ver=",{"cssClasses":403,"htmlComments":405,"htmlAttributes":406,"restEndpoints":407,"jsGlobals":408,"shortcodeOutput":409},[404],"ddrll_box",[],[],[],[],[]]