[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fs9kxqxczvj2cadlF3QN3qJflY39hzQFmF4OFg88pKfk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":131,"fingerprints":232},"edit-profile-fields","Edit Profile Fields","1.0.0","wezley","https:\u002F\u002Fprofiles.wordpress.org\u002Fwezley\u002F","\u003Cp>Create, show, hide and delete custom contact info fields on your users profiles.\u003C\u002Fp>\n\u003Cp>Add extra fields to the ‘Contact Info’ section of the user profile page!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add unlimited fields to the Contact Info section\u003C\u002Fli>\n\u003Cli>Name the fields anything you want\u003C\u002Fli>\n\u003Cli>Show or hide your custom fields\u003C\u002Fli>\n\u003Cli>Delete your custom fields and user data\u003C\u002Fli>\n\u003Cli>Show or hide the Colour Scheme Picker\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit https:\u002F\u002Feditprofilefields.com to suggest or request a feature!\u003C\u002Fp>\n","Create, show, hide and delete custom contact info fields on your users profiles.",10,1598,0,"2020-11-07T14:40:00.000Z","5.5.18","5.5","7.0",[19,20,21,22],"admin","custom-profile","profile","user-profile","https:\u002Fcustomprofilefields.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedit-profile-fields.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-04T11:21:16.587Z",[35,58,76,97,112],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"custom-user-profile-photo","Custom User Profile Photo","0.5.3","Vincent Listrani","https:\u002F\u002Fprofiles.wordpress.org\u002Fvincentlistrani\u002F","\u003Cp>A more flexible way to attach and display a photo for a WordPress user profile.\u003C\u002Fp>\n\u003Cp>Some users might not have or want to have a gravatar account or other universal avatar account. They simply may want to use a one-time specified photo to represent them on your WordPress site. This plugin solves that use case.\u003C\u002Fp>\n\u003Cp>With the ability to upload a photo to a user profile via the WordPress Media Uploader or by specifying an external URL to an image, your users and\u002For authors can have a personalized photo specific to your website.*\u003C\u002Fp>\n\u003Cp>This plugin will add a custom set of fields to the user profile page which will allow for the use of a custom profile photo.\u003C\u002Fp>\n\u003Cp>You can add\u002Fchange\u002Fedit uploaded photos directly from the user profile page. The external option allows you to provide a URL to the external image or remove it.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>As of v0.4\u003C\u002Fstrong>, the plugin now filters the get_avatar() function found in most WordPress themes.\u003C\u002Fp>\n\u003Cp>Simply go to the users section and select a user or select “Your Profile” depending on your permission level. The new fields are added to the bottom of the user profile page. Choose which type of photo you want to use. Upload an image or add an external url. Then press the Update Profile button.\u003C\u002Fp>\n\u003Cp>If you require a customized approach or your theme does not support the get_avatar() hook, use the example below.\u003C\u002Fp>\n\u003Cp>To retrieve the photo on the front-end use the following example on your template page(s).\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n    \u002F\u002F Retrieve The Post's Author ID\n    $user_id = get_the_author_meta('ID');\n    \u002F\u002F Set the image size. Accepts all registered images sizes and array(int, int)\n    $size = 'thumbnail';\n\n    \u002F\u002F Get the image URL using the author ID and image size params\n    $imgURL = get_cupp_meta($user_id, $size);\n\n    \u002F\u002F Print the image on the page\n    echo '\u003Cimg src=\"'. $imgURL .'\" alt=\"\">';\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You will need to place the code above in each area of your theme where you wish to add and retrieve your theme’s custom avatar image. This can include but is not limited to single.php, page.php, and comments.php.\u003C\u002Fp>\n\u003Cp>*Future Updates to this plugin include allowing other roles to access this feature, a settings page to allow a custom default image and other options.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English – default, always included\u003C\u002Fli>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003Cli>Hungarian\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Thanks to \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Ffinalwebsites\u002F\" rel=\"nofollow ugc\">Olaf Lederer\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fharkalygergo\" rel=\"nofollow ugc\">Harkály Gergő\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fsqhendr\u002F\" rel=\"nofollow ugc\">sqhendr\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fsomtijds\u002F\" rel=\"nofollow ugc\">SOMTIJDS\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.closemarketing.es\" rel=\"nofollow ugc\">David Pérez\u003C\u002Fa>\u003C\u002Fp>\n","Add a customized User Profile photo to a WordPress user profile.",5000,150231,88,26,"2017-05-24T05:25:00.000Z","4.7.32","3.6.1","",[52,53,54,55,22],"custom-profile-photo","custom-profile-picture","profile-photo","profile-picture","http:\u002F\u002Fvincentlistrani.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-user-profile-photo.0.5.3.zip",{"slug":55,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":50,"tags":72,"homepage":50,"download_link":75,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"Profile Picture","1.0","Arul Jayaraj","https:\u002F\u002Fprofiles.wordpress.org\u002Faruljayarajs\u002F","\u003Cp>Users can set his profile picture from admin end and as well as Front End.\u003C\u002Fp>\n\u003Cp>Admin End it would come automatically based on the user role, who has \u003Ccode>upload_files\u003C\u002Fcode> capability, otherwise we need to assign capability to them.\u003C\u002Fp>\n\u003Cp>In Front End when we use \u003Ccode>\u003C?php do_action('edit_user_profile',$current_user); ?>\u003C\u002Fcode> on edit profile section, it would be placed on additonal user profile fields.\u003C\u002Fp>\n\u003Cp>*Future Updates: Display current user images alone, short code and migrate withsocial media profile pictures.\u003C\u002Fp>\n","Set a profile picture as your wish using media upload.",80,8715,86,3,"2016-06-03T02:30:00.000Z","4.5.33","3.0",[53,54,55,73,74],"user-photo","user-profile-picture","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprofile-picture.1.0.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":50,"tested_up_to":70,"requires_at_least":88,"requires_php":50,"tags":89,"homepage":93,"download_link":94,"security_score":95,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":96},"tismy-user-profile-upload","Tismy User Profile Upload","1.0.2","Elliott Richmond","https:\u002F\u002Fprofiles.wordpress.org\u002Ferichmond\u002F","\u003Cp>Sometimes handing your site over to clients or when you run a site with multiple users if can be a pain to explain how your\u003Cbr \u002F>\nusers can create their own profile picture for comments or any other custom functionality that uses the get_avatar() function.\u003C\u002Fp>\n\u003Cp>Before they would have to create a global Gravatar account which is fine if that’s what you want however, with this plugin there\u003Cbr \u002F>\nis no need to rely on your users having a Gravatar account.\u003C\u002Fp>\n\u003Cp>This plugin will allow the users on your WordPress site to upload their own Profile Picture through the Media Library either by Uploading a new file or choosing one from the Media Library.\u003C\u002Fp>\n","Upload your own user profile picture rather than falling back to the default or having your users create a Gravatar account.",40,4331,96,5,"3.0.1",[19,90,91,22,92],"upload","user","users","http:\u002F\u002Fwww.squareonemd.co.uk\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftismy-user-profile-upload.1.0.2.zip",100,"2026-03-15T10:48:56.248Z",{"slug":98,"name":99,"version":60,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":11,"downloaded":104,"rating":95,"num_ratings":30,"last_updated":105,"tested_up_to":49,"requires_at_least":106,"requires_php":50,"tags":107,"homepage":110,"download_link":111,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"buddypress-profile-view-from-admin","Plugin Name: Buddypress profile view from admin","rameshwor.maharjan","https:\u002F\u002Fprofiles.wordpress.org\u002Frameshwormaharjan\u002F","\u003Cp>This buddypress plugin allows admin  user to view a member profile page from admin user list page.\u003C\u002Fp>\n","This plugin allows admin user to view buddypress profile from admin amd will not work without buddypress.",2966,"2013-09-12T04:44:00.000Z","2.9.1",[19,108,109],"buddypress","user-profile-view","http:\u002F\u002Fwebavenue.com.au","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-profile-view-from-admin.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":11,"downloaded":120,"rating":95,"num_ratings":30,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":50,"tags":124,"homepage":129,"download_link":130,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"dashboard-user-profile-detais-dupd","Dashboard User profile Detais-(DUPD)","2.0","Mahamodul Hasan Khan","https:\u002F\u002Fprofiles.wordpress.org\u002Fhk-hasan-khan\u002F","\u003Cp>This plugin add a Butiful Widget for you site Dashboard.\u003C\u002Fp>\n\u003Cp>Show in site deshboard = User Avatar , Username , E-mail , Register Date & Much More\u003Cbr \u002F>\nif you make blog site u can use this plugin\u003Cbr \u002F>\nmust active gravatar\u003C\u002Fp>\n\u003Ch4>Features include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>its auto generate widget.\u003C\u002Fli>\n\u003Cli>full profile show.\u003C\u002Fli>\n\u003Cli>Setting page “Dashboard User profile Detais-(DUPD)” under “setting” menu to set the Template Text of your Widget.  \u003C\u002Fli>\n\u003Cli>Simple plugin so that you can customize it as per your need. \u003C\u002Fli>\n\u003Cli>Easy to configure\u003C\u002Fli>\n\u003C\u002Ful>\n","A smart, easy way to add Dashboard User Profile Widget to your Wordpress Site.",4805,"2019-10-01T09:22:00.000Z","5.2.24","3.8",[125,126,127,91,128],"dashboard-user-profile-detais","profile-detais","profile-widget","wp-admin-profile","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdashboard-user-profile-detais-dupd\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-user-profile-detais-dupd.zip",{"attackSurface":132,"codeSignals":153,"taintFlows":205,"riskAssessment":224,"analyzedAt":231},{"hooks":133,"ajaxHandlers":149,"restRoutes":150,"shortcodes":151,"cronEvents":152,"entryPointCount":13,"unprotectedCount":13},[134,140,145],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","admin_menu","cpf_options_page","edit-profile-fields.php",42,{"type":141,"name":142,"callback":143,"priority":11,"file":138,"line":144},"filter","user_contactmethods","cpf_hide_contactmethods",43,{"type":135,"name":146,"callback":147,"file":138,"line":148},"edit_user_profile_update","cpf_update_user_profile",44,[],[],[],[],{"dangerousFunctions":154,"sqlUsage":155,"outputEscaping":194,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":203,"bundledLibraries":204},[],{"prepared":13,"raw":156,"locations":157},17,[158,161,164,166,169,171,173,174,175,178,180,183,185,187,188,191,192],{"file":138,"line":159,"context":160},64,"$wpdb->get_results() with variable interpolation",{"file":138,"line":162,"context":163},99,"$wpdb->get_var() with variable interpolation",{"file":138,"line":165,"context":160},103,{"file":167,"line":46,"context":168},"includes\\options-html.php","$wpdb->query() with variable interpolation",{"file":167,"line":170,"context":168},52,{"file":167,"line":172,"context":168},81,{"file":167,"line":32,"context":168},{"file":167,"line":86,"context":160},{"file":176,"line":177,"context":163},"includes\\table-create.php",18,{"file":176,"line":179,"context":163},39,{"file":176,"line":181,"context":182},41,"$wpdb->get_row() with variable interpolation",{"file":176,"line":184,"context":182},54,{"file":176,"line":186,"context":182},67,{"file":176,"line":65,"context":182},{"file":189,"line":190,"context":160},"uninstall.php",9,{"file":189,"line":156,"context":168},{"file":189,"line":193,"context":168},21,{"escaped":195,"rawEcho":196,"locations":197},25,2,[198,201],{"file":167,"line":199,"context":200},185,"raw output",{"file":167,"line":202,"context":200},208,6,[],[206],{"entryPoint":207,"graph":208,"unsanitizedCount":13,"severity":223},"\u003Coptions-html> (includes\\options-html.php:0)",{"nodes":209,"edges":220},[210,215],{"id":211,"type":212,"label":213,"file":167,"line":214},"n0","source","$_POST",46,{"id":216,"type":217,"label":218,"file":167,"line":170,"wp_function":219},"n1","sink","query() [SQLi]","query",[221],{"from":211,"to":216,"sanitized":222},true,"low",{"summary":225,"deductions":226},"The \"edit-profile-fields\" v1.0.0 plugin presents a mixed security posture.  On the positive side, its static analysis reveals no identified attack surface through AJAX, REST API, shortcodes, or cron events, and no dangerous functions, file operations, or external HTTP requests were detected. The vast majority of output is properly escaped, and capability checks are in place, indicating an effort towards secure coding practices.  However, a significant concern arises from the SQL queries; all 17 queries are executed without prepared statements, which is a major security risk, particularly in the context of user-submitted data.  The absence of nonce checks, while not directly tied to an exposed attack vector in this analysis, is a common security oversight that could be exploited if an attack surface were to be discovered.  The plugin's vulnerability history is clean, with no known CVEs, which is a strong positive indicator. Despite the lack of direct vulnerabilities in its history, the raw SQL queries represent a tangible and exploitable risk that needs immediate attention.",[227,229],{"reason":228,"points":11},"All SQL queries lack prepared statements",{"reason":230,"points":68},"No nonce checks implemented","2026-03-17T01:04:12.767Z",{"wat":233,"direct":239},{"assetPaths":234,"generatorPatterns":236,"scriptPaths":237,"versionParams":238},[235],"\u002Fwp-content\u002Fplugins\u002Fedit-profile-fields\u002Fincludes\u002Foptions.css",[],[],[],{"cssClasses":240,"htmlComments":241,"htmlAttributes":242,"restEndpoints":243,"jsGlobals":244,"shortcodeOutput":245},[],[],[],[],[],[]]