[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnd4LexOVOYZqiC7WmvPoKwluzpP_rQt8-Fy7DKhACS0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":39,"analysis":146,"fingerprints":213},"dx-template-manager","DX Template Manager","1.1","Mario Peshev","https:\u002F\u002Fprofiles.wordpress.org\u002Fnofearinc\u002F","\u003Cp>Create page templates like the ones in your theme folder but through a “DX Templates” menu in your Admin dashboard. Paste HTML, JS and PHP code which you could assign to your posts, pages or custom post types via a meta box dropdown. Create page templates and apply them to be evaluated.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note: eval() function is used. However, it is available only for admin users to submit code and normally admin users could do a lot harm or upload external harmful plugins as well.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>A complete demo is available here:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FjtsbXfNi7ts?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Create page templates like the ones in your theme folder but through a \"DX Templates\" menu in your Admin dashboard - HTML, JS, PHP supported &hellip;",10,4248,100,1,"2014-09-08T15:01:00.000Z","4.0.38","3.3.1","",[20,21,22,23],"evaluation","execute","php","template","http:\u002F\u002Fdevrix.com\u002Ftemplate-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdx-template-manager.1.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"nofearinc",13,5120,86,164,69,"2026-04-05T01:02:58.190Z",[40,66,90,110,128],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":61,"download_link":62,"security_score":63,"vuln_count":64,"unpatched_count":27,"last_vuln_date":65,"fetched_at":29},"include-me","Include Me","1.3.7","Stefano Lissa","https:\u002F\u002Fprofiles.wordpress.org\u002Fsatollo\u002F","\u003Cp>Include Me helps to include in posts or pages external files usually to be shared\u003Cbr \u002F>\nbetween different posts or pages or that contains PHP or other code that can be\u003Cbr \u002F>\ncompromised by the visual editor.\u003C\u002Fp>\n\u003Cp>The use is immediate: the shortcode [includeme] is all that you need (see the documentation\u003Cbr \u002F>\non \u003Ca href=\"https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Finclude-me\" rel=\"nofollow ugc\">Include Me official page\u003C\u002Fa>).\u003C\u002Fp>\n\u003Cp>The best way to use it is to include functionalities\u003Cbr \u002F>\nwritten in external PHP that will be rendered in post body or to include pieces of\u003Cbr \u002F>\njavascript that will be hard to add with WordPress editor.\u003C\u002Fp>\n\u003Cp>Inclusions can be rendered with IFRAME if needed to create boxes that display\u003Cbr \u002F>\nexternal web pages.\u003C\u002Fp>\n\u003Cp>This plugin is made of few line of code, ultralite!\u003C\u002Fp>\n\u003Cp>Other plugins by Stefano Lissa:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Fhyper-cache\" rel=\"nofollow ugc\">Hyper Cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.thenewsletterplugin.com\" rel=\"nofollow ugc\">Newsletter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Fheader-footer\" rel=\"nofollow ugc\">Header and Footer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Fthumbnails\" rel=\"nofollow ugc\">Thumbnails\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translation\u003C\u002Fh4>\n\u003Cp>You can contribute to translate this plugin in your language on \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\" rel=\"nofollow ugc\">WordPress Translate\u003C\u002Fa>\u003C\u002Fp>\n","Include Me helps to include any external file (textual, HTML or PHP) in posts or pages.",4000,91243,96,21,"2026-02-05T15:36:00.000Z","6.9.4","6.1","7.0",[57,58,59,22,60],"external-page","iframe","include","php-execute","https:\u002F\u002Fwww.satollo.net\u002Fplugins\u002Finclude-me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finclude-me.1.3.7.zip",97,2,"2025-09-09 00:00:00",{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":74,"downloaded":75,"rating":76,"num_ratings":77,"last_updated":78,"tested_up_to":53,"requires_at_least":79,"requires_php":80,"tags":81,"homepage":86,"download_link":87,"security_score":88,"vuln_count":64,"unpatched_count":27,"last_vuln_date":89,"fetched_at":29},"wp-w3all-phpbb-integration","WP w3all phpBB","3.0.4","axew3","https:\u002F\u002Fprofiles.wordpress.org\u002Faxewww\u002F","\u003Cp>WP w3all phpBB provides free user login and registration integration between a phpBB bulletin board and WordPress CMS.\u003C\u002Fp>\n\u003Ch4>Wp w3all phpBB integration\u003C\u002Fh4>\n\u003Cp>Integration cookie based between WordPress and phpBB installed on same and subdomains.\u003C\u002Fp>\n\u003Cp>After the setup and initialization of the plugin, WP users will automatically be added into phpBB when they register into WordPress (or in the case of old existent users, when they will login into WordPress), while without using the phpBB extension installed into phpBB, if users are allowed to register in phpBB, they will be added into WordPress when they will visit the WordPress side as logged in or at their first login in WordPress (or install the phpBB extension to add users at same time into WordPress when they register in phpBB). But you could use the plugin just only to transfer users between phpBB and WordPress by activating the plugin as not linked (read the help install page), or to show phpBB posts into a WordPress hosted into another domain\u003C\u002Fp>\n\u003Ch4>Widgets\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Login\u002Flogout widget (anyway users can login\u002Flogout\u002Fregister on any WordPress or phpBB login form)\u003C\u002Fli>\n\u003Cli>Last Topic Posts widget(Links, Links and Text, With or Without Avatars), Read\u002FUnread Topics\u002FPosts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Auto Embed phpBB into WordPress Template\u003C\u002Fh4>\n\u003Cp>WP w3all phpBB is capable of running in iframe mode and automatically embedding phpBB into WordPress template. Setup for the iframe responsive embedded procedure is quick and quite easy!\u003C\u002Fp>\n\u003Ch4>WP to phpBB and phpBB to WP users\u003C\u002Fh4>\n\u003Cp>Transfer WP users into your phpBB forums and vice versa\u003C\u002Fp>\n\u003Ch4>phpBB avatars into WordPress options\u003C\u002Fh4>\n\u003Cp>Option to use phpBB avatars to replace WP Gravatars\u003C\u002Fp>\n\u003Ch4>WordPress MUMS ready\u003C\u002Fh4>\n\u003Cp>It is possible to integrate a WP Multisite network, but linking the same phpBB forum into each subsite\u003C\u002Fp>\n\u003Ch4>Shortcodes and more options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.axew3.com\u002Fw3\u002F2017\u002F07\u002Fwordpress-shortcode-phpbb-posts-into-wp-post\u002F\" rel=\"nofollow ugc\">Shortcode to display phpBB posts on WordPress posts\u002Fpages as formatted bbcode or plain text\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.axew3.com\u002Fw3\u002F2017\u002F09\u002Fwordpress-shortcode-last-phpbb-topics-posts-into-wp-post\u002F\" rel=\"nofollow ugc\">Shortcode to display recent phpBB Topics\u002FPosts on WordPress posts\u002Fpages\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.axew3.com\u002Fw3\u002Fwordpress-phpbb-integration-install\u002F\" rel=\"nofollow ugc\">Check the list of others available Shortcodes on the Common How To section of the install help page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Users Transfer options\u003C\u002Fli>\n\u003Cli>Check more options and features in the WP admin Settings -> WP_w3all (config page). More documentation can be found at the \u003Ca href=\"https:\u002F\u002Fwww.axew3.com\u002Fw3\u002Fwordpress-phpbb-integration-install\u002F\" rel=\"nofollow ugc\">WP w3all phpBB help page\u003C\u002Fa> and into inline plugin admin page hints\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress phpBB integration without linking users\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.axew3.com\u002Fw3\u002F2018\u002F01\u002Fwordpress-phpbb-integration-without-linking-users\u002F\" rel=\"nofollow ugc\">Display phpBB posts and Last Topics Widgets into WordPress posts\u002Fpages, also cross domain, without linking users\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Help pages\u003C\u002Fh4>\n\u003Cp>WP w3all phpBB help page with common questions, setup and usage guides, and answers to frequently asked questions to be up and running in minutes are available here:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.axew3.com\u002Fw3\u002Fwordpress-phpbb-integration-install\u002F\" rel=\"nofollow ugc\">WP w3all phpBB help page\u003C\u002Fa>\u003C\u002Fp>\n","w3all WP phpBB integration - easy, light.",300,81924,94,31,"2025-10-12T07:39:00.000Z","6.0.0","7.2",[82,83,84,23,85],"integration","login","phpbb","user","http:\u002F\u002Faxew3.com\u002Fw3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-w3all-phpbb-integration.3.0.4.zip",98,"2025-04-09 00:00:00",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":13,"num_ratings":64,"last_updated":100,"tested_up_to":101,"requires_at_least":102,"requires_php":18,"tags":103,"homepage":108,"download_link":109,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"html-php-pages-and-posts","Custom HTML\u002FPHP Post Templates","2.0.0","Stephen AfamO","https:\u002F\u002Fprofiles.wordpress.org\u002Fstephenafamo\u002F","\u003Cp>This plugin allows you to use any HTML or PHP file as the template for any page or post.\u003C\u002Fp>\n\u003Cp>Simply upload the file and select it.\u003Cbr \u002F>\nYou can upload custom js and css files into the media library and link to them from the HTML file.\u003C\u002Fp>\n\u003Cp>Options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Overwrite All: You overwrite the entire theme and use your custom file\u003C\u002Fli>\n\u003Cli>Overwrite Content: Keeps the header, footer, sidebar, e.t.c. Simply overwrites the body of the page or post\u003C\u002Fli>\n\u003Cli>Above Content: Your custom content is simply added to the top of the page content\u003C\u002Fli>\n\u003Cli>Below Content: You custom content is placed just beneath the page content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Adding support for custom post types\u003C\u002Fh4>\n\u003Cp>By default the pulugin works with pages and posts, however, go to the settings to enable it on any other registered post type.\u003C\u002Fp>\n\u003Cp>use the \u003Ccode>hppp_post_types\u003C\u002Fcode> filter to add more post types.\u003C\u002Fp>\n\u003Cp>Like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    public function post_type_modify ($post_types) {\n        $post_types[] = 'custom_post_type';\n        return $post_types;\n    }\n\n    add_filter( 'hppp_post_types', 'post_type_modify' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Use your HTML or PHP files for any page or post.",60,8262,"2017-07-09T19:42:00.000Z","4.8.28","3.0.1",[104,105,106,107,22],"custom-pages","custom-posts","custom-templates","html","http:\u002F\u002Fwww.github.com\u002Fstephenafamo\u002Fhtml-php-pages-and-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtml-php-pages-and-posts.2.0.0.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":27,"num_ratings":27,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":126,"download_link":127,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"php-widgetify","PHP-Widgetify","1.0","RMWebsec","https:\u002F\u002Fprofiles.wordpress.org\u002Frmwebsec\u002F","\u003Cp>Like a normal text widget this allows you to easily post text and HTML, but\u003Cbr \u002F>\nnow you can execute PHP too!\u003Cbr \u002F>\nThis makes merging with other themes easier.\u003C\u002Fp>\n\u003Cp>!IMPORTANT! You must use  tags for the code to be\u003Cbr \u002F>\nrecognized.\u003C\u002Fp>\n","Execute HTML, Text or PHP fast and easy with this Widgetify-widget.",40,6488,"2009-11-08T13:55:00.000Z","2.9.2","2.8",[21,107,22,124,125],"text","widget","http:\u002F\u002Frmwebsec.com\u002Fportfolio","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphp-widgetify.zip",{"slug":129,"name":130,"version":131,"author":132,"author_profile":133,"description":134,"short_description":135,"active_installs":11,"downloaded":136,"rating":50,"num_ratings":137,"last_updated":138,"tested_up_to":139,"requires_at_least":102,"requires_php":18,"tags":140,"homepage":144,"download_link":145,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"acf-php-vars","ACF PHP VARS","1.3","samjco","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamjco\u002F","\u003Cp>Finally being able to copy all ACF field variables is here!!!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Supports ACF PRO!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin was build for the awesomeness of the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-custom-fields\u002F\" title=\"Advanced custom fields | ACF\" rel=\"ugc\">Advanced Custom Fields\u003C\u002Fa> plugin created by Elliot Condon, so that referencing custom fields is fast and makes life easier for developers.\u003C\u002Fp>\n\u003Cp>You are now able to get a complete list of fields that you’ve created, make adjustments with the available options, and simply copy-and-paste them right into your theme template. No more switching back-and-forth screens in order to copy-and-paste field names into your file. whew!\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily switch from field names to field IDs.\u003C\u002Fli>\n\u003Cli>Easily choose between the_field() or get_field() functions to use.\u003C\u002Fli>\n\u003Cli>Show all fields-group with fields OR just the fields created within the current field group section.\u003C\u002Fli>\n\u003Cli>Show Example field code and decriptions.\u003C\u002Fli>\n\u003Cli>Works great with ACF PRO\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>I hope you enjoy this plugin and if it works for you, please add your rating. Your donations to (https:\u002F\u002FPayPal.Me\u002Fsamjco) will help to make this plugin better!\u003C\u002Fp>\n\u003Cp>[Demo video:\u003C\u002Fp>\n\u003Cp>](https:\u002F\u002Fscreencast.com\u002Ft\u002FpS9dukeU\u002F\u003C\u002Fp>\n\u003Cp>Demo Video | Screencast\u003C\u002Fp>\n\u003Cp>“)\u003C\u002Fp>\n\u003Cp>\u003Cem>Special thanks to the ACF display plugin.\u003C\u002Fem>\u003C\u002Fp>\n","Lists all ACF\u002FACF PRO variables of created fields so that you can simply copy-and-paste into your theme template files.",3142,5,"2018-10-04T05:58:00.000Z","4.9.29",[141,142,22,23,143],"acf","advanced-custom-fields","theme","https:\u002F\u002Flinkedin.com\u002Fin\u002Fsamcohen","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-php-vars.zip",{"attackSurface":147,"codeSignals":181,"taintFlows":201,"riskAssessment":202,"analyzedAt":212},{"hooks":148,"ajaxHandlers":177,"restRoutes":178,"shortcodes":179,"cronEvents":180,"entryPointCount":27,"unprotectedCount":27},[149,155,160,164,168,173],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","init","post_type_callback","dx-template-manager.php",16,{"type":156,"name":157,"callback":158,"file":153,"line":159},"filter","template_include","apply_remote_template",20,{"type":150,"name":161,"callback":162,"file":153,"line":163},"add_meta_boxes","meta_boxes_callback",23,{"type":150,"name":165,"callback":166,"file":153,"line":167},"save_post","update_dynamic_template",25,{"type":150,"name":169,"callback":170,"file":171,"line":172},"admin_menu","add_options_page_callback","dx-template-protector.class.php",14,{"type":150,"name":174,"callback":175,"file":171,"line":176},"admin_init","register_settings",17,[],[],[],[],{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":188,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":200},[],{"prepared":64,"raw":14,"locations":184},[185],{"file":153,"line":186,"context":187},129,"$wpdb->get_results() with variable interpolation",{"escaped":14,"rawEcho":189,"locations":190},4,[191,194,196,198],{"file":153,"line":192,"context":193},99,"raw output",{"file":153,"line":195,"context":193},138,{"file":153,"line":197,"context":193},140,{"file":171,"line":199,"context":193},75,[],[],{"summary":203,"deductions":204},"The \"dx-template-manager\" plugin version 1.1 exhibits a generally strong security posture based on the provided static analysis.  The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with an exposed attack surface is a significant positive.  Furthermore, the lack of dangerous function usage, file operations, and external HTTP requests mitigates common plugin vulnerabilities.  The vulnerability history is also clean, with no recorded CVEs, suggesting a well-maintained or less-targeted plugin.\n\nHowever, there are areas for concern.  The limited output escaping (only 20% properly escaped) presents a risk of Cross-Site Scripting (XSS) vulnerabilities, especially if any of the unescaped outputs handle user-supplied data or data from less trusted sources.  The complete absence of nonce checks and capability checks, while not directly exploitable given the lack of entry points, indicates a lack of defense-in-depth. If new entry points are added in future versions without corresponding security checks, this could become a significant vulnerability.\n\nIn conclusion, version 1.1 of \"dx-template-manager\" appears relatively secure due to its minimal attack surface and clean vulnerability history. The primary weakness lies in the insufficient output escaping, which should be addressed to prevent potential XSS attacks. The lack of authorization and nonces, while not an immediate threat, represents a missed opportunity for robust security practices.",[205,208,210],{"reason":206,"points":207},"Insufficient output escaping",8,{"reason":209,"points":137},"Missing nonce checks",{"reason":211,"points":137},"Missing capability checks","2026-03-17T00:07:46.597Z",{"wat":214,"direct":219},{"assetPaths":215,"generatorPatterns":216,"scriptPaths":217,"versionParams":218},[],[],[],[],{"cssClasses":220,"htmlComments":221,"htmlAttributes":222,"restEndpoints":223,"jsGlobals":224,"shortcodeOutput":225},[],[],[],[],[],[]]