[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDPtkNDPe0zBQ7xiuaqV1RlRhGD81-NlCS9e-AcfcZFM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":133,"fingerprints":179},"edit-category-slug","Edit Category Slug (Multisite)","0.4","Sergey Biryukov","https:\u002F\u002Fprofiles.wordpress.org\u002Fsergeybiryukov\u002F","\u003Cp>Allows to specify or edit a category slug in WordPress Multisite.\u003C\u002Fp>\n","Allows to specify or edit a category slug in WordPress Multisite.",10,5899,0,"2011-02-14T07:30:00.000Z","3.0.5","2.6","",[19,20,21,22,23],"admin","category","multisite","slug","wpmu","http:\u002F\u002Fuplift.ru\u002Fprojects\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedit-category-slug.0.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"sergeybiryukov",23,312630,86,30,84,"2026-04-04T10:37:35.739Z",[39,49,69,88,112],{"slug":40,"name":41,"version":6,"author":7,"author_profile":8,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":13,"num_ratings":13,"last_updated":45,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":46,"homepage":24,"download_link":48,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"edit-tag-slug","Edit Tag Slug (Multisite)","\u003Cp>Allows to specify or edit a tag slug in WordPress Multisite.\u003C\u002Fp>\n","Allows to specify or edit a tag slug in WordPress Multisite.",3967,"2011-02-14T07:32:00.000Z",[19,21,22,47,23],"tag","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedit-tag-slug.0.4.zip",{"slug":50,"name":51,"version":52,"author":53,"author_profile":54,"description":55,"short_description":56,"active_installs":57,"downloaded":58,"rating":57,"num_ratings":59,"last_updated":60,"tested_up_to":61,"requires_at_least":62,"requires_php":17,"tags":63,"homepage":66,"download_link":67,"security_score":68,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"network-username-restrictions-override","Network Username Restrictions Override","1.3","Daniel Westermann-Clark","https:\u002F\u002Fprofiles.wordpress.org\u002Fdwc\u002F","\u003Cp>By default, WordPress network usernames cannot contain anything but lowercase letters and numbers. This plugin adds network options to let you include hyphens, underscores, or uppercase letters, if desired.\u003C\u002Fp>\n\u003Cp>Furthermore, this plugin gives you the option to allow email addresses as usernames, or to allow all-numeric usernames (e.g. “1234”).\u003C\u002Fp>\n\u003Cp>Finally, this plugin lets you override the minimum length for usernames (which defaults to four characters).\u003C\u002Fp>\n\u003Cp>To follow updates to this plugin, visit:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fdanieltwc.com\u002F\u003C\u002Fp>\n\u003Cp>For help with this version, visit:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fdanieltwc.com\u002F2011\u002Fnetwork-username-restrictions-override-1-0\u002F\u003C\u002Fp>\n","Override restrictions on WordPress network usernames.",100,10464,2,"2024-04-24T14:02:00.000Z","6.5.8","3.4",[19,64,21,65,23],"authentication","network","https:\u002F\u002Fdanieltwc.com\u002F2011\u002Fnetwork-username-restrictions-override-1-0\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnetwork-username-restrictions-override.1.3.zip",92,{"slug":70,"name":71,"version":72,"author":73,"author_profile":74,"description":75,"short_description":76,"active_installs":11,"downloaded":77,"rating":57,"num_ratings":78,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":17,"tags":82,"homepage":86,"download_link":87,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"extended-super-admins","Extended Super Admins","0.7b","Curtiss Grymala","https:\u002F\u002Fprofiles.wordpress.org\u002Fcgrymala\u002F","\u003Cp>The way that WordPress roles and capabilities are set up, there is only level of Super Admin available. Without this plugin, the only way to grant a user control over certain aspects of the network, you have to grant that user control over all aspects.\u003C\u002Fp>\n\u003Cp>This plugin allows you to revoke specific privileges from any Super Admin on the network. You can create new roles within the site, then assign any Super Admin to that role; effectively removing the appropriate privileges.\u003C\u002Fp>\n\u003Cp>This plugin does not grant any new privileges (with the possible exception of the ability to manage the settings for this plugin itself) to any users. It is only capable of removing privileges.\u003C\u002Fp>\n\u003Cp>This plugin is also built to be compatible with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-multi-network\u002F\" rel=\"ugc\">WordPress Multi Network\u003C\u002Fa> plugin and the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fnetworks-for-wordpress\u002F\" rel=\"ugc\">Networks for WordPress\u003C\u002Fa> plugin. If either of those plugins is active, the options for this plugin will be saved and used for all of the networks within the installation.\u003C\u002Fp>\n\u003Cp>This plugin was developed by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002Fcgrymala\" rel=\"ugc\">Curtiss Grymala\u003C\u002Fa> for the \u003Ca href=\"http:\u002F\u002Fumw.edu\u002F\" rel=\"nofollow ugc\">University of Mary Washington\u003C\u002Fa>. It is licensed under the GPL2, which basically means you can take it, break it and change it any way you want, as long as the original credit and license information remains somewhere in the package.\u003C\u002Fp>\n\u003Ch3>Important Notice\u003C\u002Fh3>\n\u003Cp>It is entirely possible that there could be serious bugs when used in different settings. At this time, I am seeking people to test the plugin, so please report any issues you encounter. Thank you.\u003C\u002Fp>\n\u003Cp>Also, if you are updating from the original public alpha of this plugin, you will need to delete the old version before installing this version. The folder name changed from extended_super_admins in the initial release to extended-super-admins in newer versions.\u003C\u002Fp>\n\u003Cp>If you downloaded and installed this plugin from the WordPress repository, you will not need to do so, as the folder name changed when adding this plugin to that repository.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>This plugin requires WordPress. It might work with WordPressMU versions older than 3.0, but it has not been tested with those.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This plugin requires WordPress to be setup in Multi Site mode. It will not do anything at all if the Multi Site functions are not enabled.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This plugin also requires PHP5. Some attempt has been made to make it compatible with PHP4, but it has not been tested in that environment.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>To Do\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Make the Codex retrieval more efficient (find a better way to cache the information and a better way to compare it to Codex revisions)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Continue to improve the UI for the plugin to make it as user-friendly as possible\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>On occasion, the JavaScript in this plugin might cause CPU usage to spike and freeze the browser momentarily\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin allows you to create multiple levels of Super Admins in a multi-site configuration.",12752,1,"2013-09-03T17:54:00.000Z","3.6.1","3.0",[21,83,84,85,23],"role-manager","site-admin","super-admins","http:\u002F\u002Fplugins.ten-321.com\u002Fextended-super-admins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fextended-super-admins.0.7b.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":68,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":107,"download_link":108,"security_score":109,"vuln_count":110,"unpatched_count":13,"last_vuln_date":111,"fetched_at":28},"admin-menu-editor","Admin Menu Editor","1.15","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>Admin Menu Editor lets you manually edit the Dashboard menu. You can reorder the menus, show\u002Fhide specific items, change permissions, and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Change menu titles, URLs, icons, CSS classes and so on.\u003C\u002Fli>\n\u003Cli>Organize menu items via drag & drop.\u003C\u002Fli>\n\u003Cli>Change menu permissions by setting the required capability or role.\u003C\u002Fli>\n\u003Cli>Move a menu item to a different submenu. \u003C\u002Fli>\n\u003Cli>Create custom menus that point to any part of the Dashboard or an external URL.\u003C\u002Fli>\n\u003Cli>Hide\u002Fshow any menu or menu item. A hidden menu is invisible to all users, including administrators.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The \u003Ca href=\"http:\u002F\u002Fw-shadow.com\u002FAdminMenuEditor\u002F\" rel=\"nofollow ugc\">Pro version\u003C\u002Fa> lets you set per-role menu permissions, hide a menu from everyone except a specific user, export your admin menu, drag items between menu levels, make menus open in a new window and more. \u003Ca href=\"http:\u002F\u002Famedemo.com\u002Fwpdemo\u002Fdemo.php\" rel=\"nofollow ugc\">Try online demo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Additional Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Despite the name, this plugin is not limited to just editing the admin menu. You can also:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create login redirects and logout redirects.\u003C\u002Fli>\n\u003Cli>Allow\u002Fdeny access to specific posts based on user roles.\u003C\u002Fli>\n\u003Cli>Hide plugins on the \u003Cem>Plugins -> Installed Plugins\u003C\u002Fem> page from other users.\u003C\u002Fli>\n\u003Cli>Edit the display name, description, and other plugin details shown on the \u003Cem>Plugins -> Installed Plugins\u003C\u002Fem> page (e.g. for white-labelling).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Shortcodes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin provides a few utility shortcodes. These are mainly intended to help with creating login\u002Flogout redirects, but you can also use them in posts and pages.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[ame-wp-admin]\u003C\u002Fcode> – URL of the WordPress dashboard (with a trailing slash).\u003C\u002Fli>\n\u003Cli>\u003Ccode>[ame-home-url]\u003C\u002Fcode> – Site URL. Usually, this is the same as the URL in the “Site Address” field in \u003Cem>Settings -> General\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[ame-user-info field=\"...\"]\u003C\u002Fcode> – Information about the logged-in user. Parameters:\n\u003Cul>\n\u003Cli>\u003Ccode>field\u003C\u002Fcode> – The part of user profile to display. Supported fields include: \u003Ccode>ID\u003C\u002Fcode>, \u003Ccode>user_login\u003C\u002Fcode>, \u003Ccode>display_name\u003C\u002Fcode>, \u003Ccode>locale\u003C\u002Fcode>, \u003Ccode>user_nicename\u003C\u002Fcode>, \u003Ccode>user_url\u003C\u002Fcode>, and so on.\u003C\u002Fli>\n\u003Cli>\u003Ccode>placeholder\u003C\u002Fcode> – Optional. Text that will be shown if the visitor is not logged in.\u003C\u002Fli>\n\u003Cli>\u003Ccode>encoding\u003C\u002Fcode> – Optional. How to encode or escape the output. This is useful if you want to use the shortcode in your own HTML or JS code. Supported values: \u003Ccode>auto\u003C\u002Fcode> (default), \u003Ccode>html\u003C\u002Fcode>, \u003Ccode>attr\u003C\u002Fcode>, \u003Ccode>js\u003C\u002Fcode>, \u003Ccode>none\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Notes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If you delete any of the default menus they will reappear after saving. This is by design. To get rid of a menu for good, either hide it or change it’s access permissions.\u003C\u002Fli>\n\u003Cli>In the free version, it’s not possible to give a role access to a menu item that it couldn’t see before. You can only restrict menu access further.\u003C\u002Fli>\n\u003Cli>In case of emergency, you can reset the menu configuration back to the default by going to http:\u002F\u002Fexample.com\u002Fwp-admin\u002F?reset_admin_menu=1 (replace example.com with your site URL). You must be logged in as an Administrator to do this.\u003C\u002Fli>\n\u003C\u002Ful>\n","Lets you edit the WordPress admin menu. You can re-order, hide or rename menus, add custom menus and more.",400000,7768111,311,"2026-02-20T11:36:00.000Z","6.9.4","5.9","7.4",[19,104,105,106,23],"dashboard","menu","security","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2008\u002F12\u002F20\u002Fadmin-menu-editor-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-menu-editor.1.15.zip",96,3,"2026-03-10 00:00:00",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":68,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":17,"tags":126,"homepage":131,"download_link":132,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"no-category-base-wpml","No Category Base (WPML)","1.4","DigitalME","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalmeactivecampaign\u002F","\u003Cp>As the name suggests this plugin will completely remove the mandatory ‘Category Base’ from your category permalinks ( e.g. ‘mysite.com\u002Fcategory\u002Fmy-category\u002F’ to ‘mysite.com\u002Fmy-category\u002F’ ).\u003C\u002Fp>\n\u003Cp>The plugin requires no setup or modifying core wordpress files and will not break any links. It will also take care of redirecting your old category links to the new ones.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Better and logical permalinks like ‘mysite.com\u002Fmy-category\u002F’ and ‘mysite.com\u002Fmy-category\u002Fmy-post\u002F’.\u003C\u002Fli>\n\u003Cli>Simple plugin – barely adds any overhead.\u003C\u002Fli>\n\u003Cli>Works out of the box – no setup needed.\u003C\u002Fli>\n\u003Cli>No need to modify WordPress files.\u003C\u002Fli>\n\u003Cli>Doesn’t require other plugins to work.\u003C\u002Fli>\n\u003Cli>Compatible with sitemap plugins.\u003C\u002Fli>\n\u003Cli>Compatible with WPML.\u003C\u002Fli>\n\u003Cli>Works with multiple sub-categories.\u003C\u002Fli>\n\u003Cli>Works with WordPress Multisite.\u003C\u002Fli>\n\u003Cli>Redirects old category permalinks to the new ones (301 redirect, good for SEO).\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin removes the mandatory 'Category Base' from your category permalinks. It's compatible with WPML.",100000,856653,33,"2025-11-07T13:46:00.000Z","6.8.5","5.0",[127,128,129,130],"category-base","category-permalinks","category-slug","category-url","https:\u002F\u002Fwww.digitalme.cc\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-category-base-wpml.1.4.zip",{"attackSurface":134,"codeSignals":154,"taintFlows":167,"riskAssessment":168,"analyzedAt":178},{"hooks":135,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":13,"unprotectedCount":13},[136,142,146],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","edit_category_form","ecs_display_slug_row","edit-category-slug.php",42,{"type":137,"name":143,"callback":144,"file":140,"line":145},"edit_category","ecs_edit_slug",55,{"type":137,"name":147,"callback":148,"file":140,"line":149},"admin_init","ecs_remove_sync_category_tag_slugs",60,[],[],[],[],{"dangerousFunctions":155,"sqlUsage":156,"outputEscaping":158,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":166},[],{"prepared":13,"raw":13,"locations":157},[],{"escaped":110,"rawEcho":110,"locations":159},[160,163,164],{"file":140,"line":161,"context":162},22,"raw output",{"file":140,"line":32,"context":162},{"file":140,"line":165,"context":162},27,[],[],{"summary":169,"deductions":170},"The \"edit-category-slug\" v0.4 plugin exhibits a seemingly strong security posture based on the provided static analysis and vulnerability history. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the analysis indicates a complete absence of dangerous functions, file operations, external HTTP requests, and critical taint analysis findings, which are all positive indicators.\n\nHowever, a notable concern arises from the \"Output escaping\" metric, where only 50% of the total outputs are properly escaped. This suggests a potential for cross-site scripting (XSS) vulnerabilities if the unescaped outputs are rendered in a context where they can be interpreted as executable code. Additionally, the complete lack of nonce checks and capability checks, while not directly indicative of a vulnerability given the current attack surface, represents a missing layer of security that could become problematic if the plugin's entry points were to expand in future versions. The vulnerability history being entirely clear is a good sign, but it does not mitigate the risks identified within the current code analysis.\n\nIn conclusion, while the plugin has a minimal attack surface and a clean vulnerability history, the unescaped output is a tangible security risk that should be addressed. The absence of authentication checks on potential future entry points also warrants consideration for a more robust security approach. The plugin is generally well-behaved in its current state, but the output escaping issue presents a clear, albeit potentially low-impact, vulnerability.",[171,174,176],{"reason":172,"points":173},"Unescaped output detected",5,{"reason":175,"points":110},"Missing nonce checks",{"reason":177,"points":110},"Missing capability checks","2026-03-16T23:57:47.393Z",{"wat":180,"direct":186},{"assetPaths":181,"generatorPatterns":182,"scriptPaths":183,"versionParams":185},[],[],[184],"\u002Fwp-content\u002Fplugins\u002Fedit-category-slug\u002Fedit-category-slug.php",[],{"cssClasses":187,"htmlComments":189,"htmlAttributes":192,"restEndpoints":195,"jsGlobals":196,"shortcodeOutput":201},[188],"form-field",[190,191],"\u003C![CDATA[","]]>",[193,194],"name=\"category_nicename\"","id=\"category_nicename\"",[],[197,198,199,200],"form_addcat","form_editcat","slugRow","slugDiv",[]]