[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuhvZVIJ7QyrfS2ydLt3dq2TcmWOPa5c1WFfSg9vttKg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":151,"fingerprints":217},"editorial-access-manager","Editorial Access Manager","0.3.2","Taylor Lovett","https:\u002F\u002Fprofiles.wordpress.org\u002Ftlovett1\u002F","\u003Cp>A simple plugin to let you control who has access to what posts. By default in WordPress, we can create users\u003Cbr \u002F>\nand assign them to roles. Roles are automatically assigned certain capabilities. See the codex article for a list of\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FRoles_and_Capabilities\" rel=\"nofollow ugc\">Roles and Capabilities\u003C\u002Fa>. Sometimes default roles are not enough,\u003Cbr \u002F>\nand we have one-off situations. Editorial Access Manager lets you set which users or roles have access to specific\u003Cbr \u002F>\nposts. Perhaps you have a user who is a Contributor, but you want them to have access to edit one specific page? This\u003Cbr \u002F>\nplugin can help you.\u003C\u002Fp>\n\u003Ch4>Configuration Overview\u003C\u002Fh4>\n\u003Cp>There are no overarching settings for this plugin. Simply go to the edit post screen in the WordPress admin and\u003Cbr \u002F>\nconfigure access settings in the “Editorial Access Manager” meta box in the sidebar.\u003C\u002Fp>\n\u003Ch4>Managing Access by Roles\u003C\u002Fh4>\n\u003Cp>In the “Editorial Access Manager” meta box, enable custom access management by “Roles”. Once enabled, the post can only be\u003Cbr \u002F>\nedited by users that fall into those roles. However, no matter what, the Administrator role can always edit any post.\u003Cbr \u002F>\nThis if for safety reasons. You can also only use roles that have the “edit_posts” capability; therefore “Subscriber” by\u003Cbr \u002F>\ndefault cannot be used.\u003C\u002Fp>\n\u003Ch4>Managing Access by Users\u003C\u002Fh4>\n\u003Cp>In the “Editorial Access Manager” meta box, enable custom access management by “Users”. Once enabled, the post can only be\u003Cbr \u002F>\nedited by designated users. However, no matter what, any administrator can edit any post. This if for safety reasons.\u003Cbr \u002F>\nYou can also only use users that have the “edit_others_posts” capability; therefore “Subscriber” users by default\u003Cbr \u002F>\ncannot be used.\u003C\u002Fp>\n\u003Cp>Fork the plugin on \u003Ca href=\"http:\u002F\u002Fgithub.com\u002Ftlovett1\u002Feditorial-access-manager\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fp>\n","Allow for granular editorial access control for all post types in WordPress",80,6308,98,8,"2017-03-18T19:23:00.000Z","4.9.29","3.6","",[20,21,22,23,24],"editorial-access-management","role-management","user-capabilities","user-permissions","user-roles","http:\u002F\u002Fwww.taylorlovett.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feditorial-access-manager.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"tlovett1",9,8320,88,3845,71,"2026-04-03T20:54:29.128Z",[41,65,88,108,127],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":18,"tags":56,"homepage":60,"download_link":61,"security_score":62,"vuln_count":63,"unpatched_count":63,"last_vuln_date":64,"fetched_at":30},"user-roles-and-capabilities","User Roles and Capabilities","1.2.6","mahabub81","https:\u002F\u002Fprofiles.wordpress.org\u002Fmahabub81\u002F","\u003Cp>manage user roles and capabilities. Create new roles and delete existing roles. Using this plugin you will not be able to modify any capabilities for administrator user role.\u003Cbr \u002F>\nWordPress built in roles cant be deleted.\u003Cbr \u002F>\nIf you find any issue just let us know we will get back to you with the fix in 24 hours.\u003C\u002Fp>\n\u003Ch3>Features of Roles and Capabilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fully tested by QA team.\u003C\u002Fli>\n\u003Cli>Create new roles.\u003C\u002Fli>\n\u003Cli>Delete existing roles.\u003C\u002Fli>\n\u003Cli>Clone existing roles.\u003C\u002Fli>\n\u003Cli>Rename Role\u003C\u002Fli>\n\u003Cli>Import \u002F Export Roles and Capabilities\u003C\u002Fli>\n\u003Cli>Manage user Capabilities.\u003C\u002Fli>\n\u003Cli>set permission.\u003C\u002Fli>\n\u003Cli>Change default user role.\u003C\u002Fli>\n\u003Cli>Assign multiple roles to users.\u003C\u002Fli>\n\u003Cli>set permissions \u002F capabilities to users.\u003C\u002Fli>\n\u003Cli>single screen to manage capability for all roles.\u003C\u002Fli>\n\u003Cli>easy to use.\u003C\u002Fli>\n\u003C\u002Ful>\n","Manage user roles and Capabilities, create new roles and change default role.",8000,125081,96,21,"2021-05-09T07:04:00.000Z","5.7.15","3.5",[57,22,24,58,59],"roles-and-capabilities","wordpress-capabilities","wordpress-user-roles","http:\u002F\u002Fsolvease.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-roles-and-capabilities.1.2.6.zip",63,1,"2025-06-19 00:00:00",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":76,"last_updated":77,"tested_up_to":78,"requires_at_least":79,"requires_php":18,"tags":80,"homepage":86,"download_link":87,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-hide-adminbar","WP Hide Admin Bar","1.0.2","P Roy","https:\u002F\u002Fprofiles.wordpress.org\u002Fraviry\u002F","\u003Cp>This plugin will help to hide admin-bar based on selected user roles and user capabilities.\u003C\u002Fp>\n","This plugin will help to hide admin-bar based on selected user roles and user capabilities.",200,2954,100,2,"2020-03-07T12:50:00.000Z","5.4.19","4.5",[81,82,83,84,85],"admin-bar-hide","hide-admin-bar","hide-admin-bar-based-on-user-capabilities","hide-admin-bar-based-on-user-roles","wp-hide-admin-bar","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-hide-adminbar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-hide-adminbar.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":73,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":18,"tags":102,"homepage":18,"download_link":106,"security_score":107,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp247-body-classes","WP247 Body Classes","2.2.0","wescleveland","https:\u002F\u002Fprofiles.wordpress.org\u002Fwescleveland\u002F","\u003Cp>Add unique classes to the body tag for easy styling based on post attributes (post type, slug, and ID) and various WordPress “is” functions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>wp_is_mobile()\u003C\u002Fli>\n\u003Cli>is_home()\u003C\u002Fli>\n\u003Cli>is_front_page()\u003C\u002Fli>\n\u003Cli>is_blog()\u003C\u002Fli>\n\u003Cli>is_admin()\u003C\u002Fli>\n\u003Cli>is_admin_bar_showing()\u003C\u002Fli>\n\u003Cli>is_404()\u003C\u002Fli>\n\u003Cli>is_super_admin()\u003C\u002Fli>\n\u003Cli>is_user_logged_in()\u003C\u002Fli>\n\u003Cli>is_search()\u003C\u002Fli>\n\u003Cli>is_archive()\u003C\u002Fli>\n\u003Cli>is_author()\u003C\u002Fli>\n\u003Cli>is_category()\u003C\u002Fli>\n\u003Cli>is_tag()\u003C\u002Fli>\n\u003Cli>is_tax()\u003C\u002Fli>\n\u003Cli>is_date()\u003C\u002Fli>\n\u003Cli>is_year()\u003C\u002Fli>\n\u003Cli>is_month()\u003C\u002Fli>\n\u003Cli>is_day()\u003C\u002Fli>\n\u003Cli>is_time()\u003C\u002Fli>\n\u003Cli>is_single()\u003C\u002Fli>\n\u003Cli>is_sticky()\u003C\u002Fli>\n\u003Cli>$post->post_type\u003C\u002Fli>\n\u003Cli>$post->name\u003C\u002Fli>\n\u003Cli>$post->ID\u003C\u002Fli>\n\u003Cli>wp_get_post_categories() (Page\u002FPost Categories)\u003C\u002Fli>\n\u003Cli>wp_get_post_tags()       (Page\u002FPost Tags)\u003C\u002Fli>\n\u003Cli>$user->nicename\u003C\u002Fli>\n\u003Cli>$user->id\u003C\u002Fli>\n\u003Cli>$user->roles\u003C\u002Fli>\n\u003Cli>$user->allcaps\u003C\u002Fli>\n\u003Cli>$archive->slug (e.g. Category slug, Tag slug, etc.)\u003C\u002Fli>\n\u003Cli>$archive->id   (e.g. Category id, Tag id, etc.)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Add post specific classes to the body tag in the post editor. Use any class name you want to uniquely style an individual post or a set of posts.\u003C\u002Fp>\n\u003Cp>Add classes based on user scrolling through the page. You can check things like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>is-scroll-top        (at the top of the page – synonym for is-not-scroll)\u003C\u002Fli>\n\u003Cli>is-not-scroll-top    (not at the top of the page – synonym for is-scroll)\u003C\u002Fli>\n\u003Cli>is-scroll            (not at the top of the page – synonym for is-not-scroll-top)\u003C\u002Fli>\n\u003Cli>is-not-scroll        (at the top of the page – synonym for is-scroll-top)\u003C\u002Fli>\n\u003Cli>is-scroll-top-px     (has not reached the scroll start value for scroll measurement by pixels)\u003C\u002Fli>\n\u003Cli>is-scroll-top-vh     (has not reached the scroll start value for scroll measurement by viewport height)\u003C\u002Fli>\n\u003Cli>is-scroll-top-dh     (has not reached the scroll start value for scroll measurement by document height)\u003C\u002Fli>\n\u003Cli>is-scroll-10-px      (scrolled down 10 pixels)\u003C\u002Fli>\n\u003Cli>is-scroll-8-vh       (scrolled down 8% of the viewport height)\u003C\u002Fli>\n\u003Cli>is-scroll-5-dh       (scrolled down 5% of the document height)\u003C\u002Fli>\n\u003Cli>is-scroll-mid-px     (has reached the scroll start value but not the scroll limit for scroll measurement by pixels)\u003C\u002Fli>\n\u003Cli>is-scroll-mid-vh     (has reached the scroll start value but not the scroll limit for scroll measurement by viewport height)\u003C\u002Fli>\n\u003Cli>is-scroll-mid-vh     (has reached the scroll start value but not the scroll limit for scroll measurement by document height)\u003C\u002Fli>\n\u003Cli>is-scroll-max-px     (has reached the scroll limit for scroll measurement by pixels)\u003C\u002Fli>\n\u003Cli>is-scroll-max-vh     (has reached the scroll limit for scroll measurement by percent of viewport height)\u003C\u002Fli>\n\u003Cli>is-scroll-max-dh     (has reached the scroll limit for scroll measurement by percent of document height)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Add classes based on the results from mobiledetect.net’s \u003Cstrong>Mobile_Detect\u003C\u002Fstrong> script. This script parses the value passed by the browser in the HTTP_USER_AGENT string. Consequently, mobile detection is more of an art than a science and, unfortunately, is not perfect. You can check things like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>is-mobile\u003C\u002Fli>\n\u003Cli>is-tablet\u003C\u002Fli>\n\u003Cli>is-phone\u003C\u002Fli>\n\u003Cli>Mobile Operating System\u003C\u002Fli>\n\u003Cli>Mobile Browser\u003C\u002Fli>\n\u003Cli>Type of tablet\u003C\u002Fli>\n\u003Cli>Type of phone\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin adds classes to the html body tag indicating:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>whether or not the requesting device is a mobile device (.is-mobile or .is-not-mobile)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>the type of post being viewed (.is-? where ? is the post type (page, post, whetever special post types are defined) ).\u003Cbr \u002F>\n E.g. .is-page or .is-post\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>the slug of the post being viewed (.is-?-! where ? is the post type and ! is the post slug).\u003Cbr \u002F>\n E.g. a post with slug “hello-world’ would have class .is-post-hello-world\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>the ID of the post being viewed (.is-?-# where ? is the post type and # is the post ID).\u003Cbr \u002F>\n E.g. a post with ID “1” would have class .is-page-1\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>whether or not the requested page shows archived results (.is-archive or .is-not-archive)\u003C\u002Fp>\n\u003Cp>If the page being displayed is an archive\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>the type of archive being viewed (.is-? where ? represents the type of archive (author, category, date, tag) )\u003Cbr \u002F>\nE.g. .is-author\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>the slug of the archive being viewed (.is-?-! where ? is the archive type and ! is the archive slug)\u003Cbr \u002F>\nE.g. a category with slug “uncategorized’ would have class .is-category-uncategorized\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>the ID of the archive being viewed (.is-?-# where ? is the archive type and # is the archive ID)\u003Cbr \u002F>\nE.g. a category with ID “1” would have class .is-category-1\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>How far down the page the viewer has scrolled in pixels or as a percentage of viewport height or as a percentage of document height\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Post specific class(es) that are set in the post editor\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Use these classes in your styling to provide a better browsing experience for your viewers.\u003C\u002Fp>\n\u003Ch4>Custom Body Classes\u003C\u002Fh4>\n\u003Cp>Create your own Custom Body Classes by adding your PHP code in the “Custom Body Classes” section.\u003C\u002Fp>\n\u003Cp>Here’s an example. Not sure why we would want to do it, but suppose we want to do some custom styling when the page is being displayed to someone that can manage WordPress options. We might enter something like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>if (current_user_can('manage_options')) $classes[] = 'user-can-manage-options';\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Then we can use the \u003Cstrong>body.user-can-manage-options\u003C\u002Fstrong> qualifier in our CSS styling.\u003C\u002Fp>\n\u003Ch4>Example\u003C\u002Fh4>\n\u003Cp>Suppose you have a large h1 top margin that you want to eliminate on mobile devices to avoid a lot of white space. After activating the wp247-body-classes plugin and indicating that the .is-mobile class is desired, all you need to do is add this line to your CSS:\u003C\u002Fp>\n\u003Cp>body.is-mobile h1 {\u003Cbr \u002F>\n    margin-top: 0;\u003Cbr \u002F>\n}\u003C\u002Fp>\n\u003Cp>Suppose you have a sticky header but want to shrink it by dynamically reducing the top and bottom padding from 25px to 5px as the viewer scrolls down the page based on 20 pixel scroll increments up to 80 pixels of scrolling:\u003C\u002Fp>\n\u003Cp>Set WP247 Body Classes Scroll setting to “Scroll by Pixel” with a 10 pixel increment and an 80 pixel limit and then add the following to your CSS:\u003C\u002Fp>\n\u003Cp>body.is-scroll-20-px header {\u003Cbr \u002F>\n    padding-top: 20px;\u003Cbr \u002F>\n    padding-bottom: 20px;\u003Cbr \u002F>\n}\u003Cbr \u002F>\nbody.is-scroll-40-px header {\u003Cbr \u002F>\n    padding-top: 15px;\u003Cbr \u002F>\n    padding-bottom: 15px;\u003Cbr \u002F>\n}\u003Cbr \u002F>\nbody.is-scroll-60-px header {\u003Cbr \u002F>\n    padding-top: 10px;\u003Cbr \u002F>\n    padding-bottom: 10px;\u003Cbr \u002F>\n}\u003Cbr \u002F>\nbody.is-scroll-max-px header {\u003Cbr \u002F>\n    padding-top: 5px;\u003Cbr \u002F>\n    padding-bottom: 5px;\u003Cbr \u002F>\n}\u003C\u002Fp>\n","Add unique classes to the body tag for easy styling based on various attributes (archive, user, post, mobile, scrolling) and WordPress \"is\"  &hellip;",7558,90,6,"2024-05-24T16:06:00.000Z","6.5.8","4.0",[103,104,105,22,24],"mobile","post-type","scroll","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp247-body-classes.2.2.0.zip",92,{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":28,"downloaded":116,"rating":28,"num_ratings":28,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":125,"download_link":126,"security_score":75,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wpsal-simple-access-list","WPSAL (Simple Access List)","1.2.0","VERYA Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fveryaca\u002F","\u003Cp>\u003Cstrong>WPSAL (Simple Access List)\u003C\u002Fstrong> is a lightweight plugin that allows \u003Cem>WordPress\u003C\u002Fem> site owners to control access to posts, pages and custom post types. You can restrict content to specific \u003Cstrong>users\u003C\u002Fstrong> or \u003Cstrong>roles\u003C\u002Fstrong> and redirect unauthorized visitors to any page.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Restrict access to posts, pages or custom post types.\u003C\u002Fli>\n\u003Cli>Assign access to individual \u003Cstrong>users\u003C\u002Fstrong> or \u003Cstrong>roles\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Redirect unauthorized visitors to a page of your choice.\u003C\u002Fli>\n\u003Cli>Developer-friendly with filters and hooks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to the \u003Cstrong>Posts\u003C\u002Fstrong>, \u003Cstrong>Pages\u003C\u002Fstrong>, or any custom post type list in the \u003Cem>WordPress\u003C\u002Fem> admin.\u003C\u002Fli>\n\u003Cli>Hover over a post row to reveal the \u003Cstrong>WPSAL\u003C\u002Fstrong> action menu. Click it.\u003C\u002Fli>\n\u003Cli>In the modal that appears, select the allowed \u003Cstrong>users\u003C\u002Fstrong> and\u002For \u003Cstrong>roles\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Optionally select a \u003Cstrong>redirect page\u003C\u002Fstrong> for unauthorized visitors.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Save\u003C\u002Fstrong> — the access restrictions are applied immediately.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Ideal for:\u003C\u002Fstrong> membership sites, client portals, private blogs, or any scenario requiring flexible content access control.\u003C\u002Fp>\n\u003Ch3>Development Notes\u003C\u002Fh3>\n\u003Cp>This plugin includes minified JavaScript and CSS files.\u003Cbr \u002F>\nThe uncompressed source files are publicly available here:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SweetAlert2 v11.26.18: https:\u002F\u002Fgithub.com\u002Fsweetalert2\u002Fsweetalert2\u002Farchive\u002Frefs\u002Ftags\u002Fv11.26.18.zip\u003C\u002Fli>\n\u003Cli>TomSelect v2.5.1: https:\u002F\u002Fgithub.com\u002Forchidjs\u002Ftom-select\u002Farchive\u002Frefs\u002Ftags\u002Fv2.5.1.zip\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support \u002F Documentation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>For documentation, visit: https:\u002F\u002Fwpsal.verya.xyz\u002F.\u003C\u002Fli>\n\u003Cli>For support or to report bugs, please visit the plugin page on the \u003Cem>WordPress\u003C\u002Fem> repository.\u003C\u002Fli>\n\u003C\u002Ful>\n","We have ONE goal in mind: making it easy to control access to pages and posts.",199,"2026-02-13T18:40:00.000Z","6.9.4","6.6","7.4",[122,123,124,21,23],"access-control","content-restriction","content-visibility","https:\u002F\u002Fwpsal.verya.xyz\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpsal-simple-access-list.1.2.0.zip",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":137,"num_ratings":138,"last_updated":139,"tested_up_to":118,"requires_at_least":140,"requires_php":141,"tags":142,"homepage":18,"download_link":147,"security_score":148,"vuln_count":149,"unpatched_count":28,"last_vuln_date":150,"fetched_at":30},"advanced-access-manager","Advanced Access Manager – Access Governance for WordPress","7.1.0","AAM Plugin","https:\u002F\u002Fprofiles.wordpress.org\u002Fvasyltech\u002F","\u003Cp>\u003Cstrong>Advanced Access Manager (AAM)\u003C\u002Fstrong> introduces \u003Cstrong>Access Governance for WordPress\u003C\u002Fstrong> – a systematic approach to securing your site by controlling who can access what, when, and why.\u003C\u002Fp>\n\u003Cp>Most WordPress security plugins focus on external threats like malware, firewalls, and brute-force attacks. AAM addresses the \u003Cstrong>root cause of the #1 WordPress security risk: broken access controls, excessive privileges, and misconfigured roles\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Instead of reacting to attacks, AAM helps you \u003Cstrong>design security into your WordPress site\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>What Access Governance means in practice\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Mitigate Broken Access Controls\u003C\u002Fstrong>. Ensure roles, users, and permissions are correctly configured to prevent unauthorized actions and privilege escalation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Eliminate Excessive Privileges\u003C\u002Fstrong>. Identify overpowered users and reduce access to critical functionality, admin areas, and APIs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Content by Design\u003C\u002Fstrong>. Control who can view, edit, publish, or delete posts, pages, media, taxonomies, and custom content types.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Govern Access with Policy\u003C\u002Fstrong>. Define access rules using JSON Access Policies — portable, auditable, and automation-friendly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Build Custom Security Logic\u003C\u002Fstrong>. Use the AAM PHP Framework to create advanced, programmatic access controls tailored to your application.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security Audit\u003C\u002Fstrong>. Detect risky role assignments, misconfigurations, and compromised accounts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Granular Access Control\u003C\u002Fstrong>. Manage permissions for any user, role, or visitor with precision.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role & Capability Management\u003C\u002Fstrong>. Customize WordPress roles and capabilities beyond defaults.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin & Menu Control\u003C\u002Fstrong>. Restrict dashboard areas and tailor the admin experience per user or role.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API & Endpoint Protection\u003C\u002Fstrong>. Secure REST and XML-RPC access with fine-grained controls.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern Authentication Options\u003C\u002Fstrong>. Support passwordless and secure login flows.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer-Ready Framework\u003C\u002Fstrong>. Extend WordPress security using AAM’s powerful SDK.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ad-Free & Transparent\u003C\u002Fstrong>. – No ads, no tracking, no bloat.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Built for Security-Conscious WordPress Users\u003C\u002Fh4>\n\u003Cp>AAM is trusted by \u003Cstrong>150,000+ websites\u003C\u002Fstrong> to deliver enterprise-grade access control without unnecessary complexity. Whether you’re a site owner, agency, developer, or security professional, AAM gives you \u003Cstrong>full control over WordPress access — by design\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Most core features are free. Advanced capabilities are available via premium add-ons.\u003C\u002Fp>\n\u003Cp>No hidden tracking. No data collection. No unwanted changes.\u003Cbr \u002F>\nJust \u003Cstrong>security you can reason about, audit, and trust\u003C\u002Fstrong>.\u003C\u002Fp>\n","Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.",100000,7384389,84,420,"2026-03-08T15:53:00.000Z","5.8.0","5.6.0",[143,144,145,146,24],"access-governance","api-security","restricted-content","security","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-access-manager.7.1.0.zip",95,11,"2024-03-20 00:00:00",{"attackSurface":152,"codeSignals":189,"taintFlows":209,"riskAssessment":210,"analyzedAt":216},{"hooks":153,"ajaxHandlers":185,"restRoutes":186,"shortcodes":187,"cronEvents":188,"entryPointCount":28,"unprotectedCount":28},[154,159,163,168,172,176,180],{"type":155,"name":156,"callback":157,"file":158,"line":149},"action","plugins_loaded","load_textdomain","classes\\class-editorial-access-manager.php",{"type":155,"name":160,"callback":161,"file":158,"line":162},"admin_init","setup",12,{"type":164,"name":165,"callback":166,"priority":75,"file":158,"line":167},"filter","map_meta_cap","filter_map_meta_cap",13,{"type":155,"name":169,"callback":170,"file":158,"line":171},"add_meta_boxes","action_add_meta_boxes",54,{"type":155,"name":173,"callback":174,"file":158,"line":175},"save_post","action_save_post",55,{"type":155,"name":177,"callback":178,"file":158,"line":179},"admin_enqueue_scripts","action_admin_enqueue_scripts",56,{"type":155,"name":181,"callback":182,"priority":183,"file":158,"line":184},"bulk_edit_custom_box","action_bulk_edit_custom_box",10,57,[],[],[],[],{"dangerousFunctions":190,"sqlUsage":191,"outputEscaping":193,"fileOperations":28,"externalRequests":28,"nonceChecks":63,"capabilityChecks":76,"bundledLibraries":205},[],{"prepared":28,"raw":28,"locations":192},[],{"escaped":183,"rawEcho":194,"locations":195},4,[196,199,201,203],{"file":158,"line":197,"context":198},419,"raw output",{"file":158,"line":200,"context":198},426,{"file":158,"line":202,"context":198},432,{"file":158,"line":204,"context":198},440,[206],{"name":207,"version":29,"knownCves":208},"jQuery",[],[],{"summary":211,"deductions":212},"The 'editorial-access-manager' plugin v0.3.2 exhibits a strong security posture based on the provided static analysis.  The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with attack surface signals is a significant positive. Furthermore, the code demonstrates good practices by utilizing prepared statements for all SQL queries and includes nonce and capability checks, indicating an awareness of common WordPress security vulnerabilities. The lack of reported vulnerabilities in its history is also a reassuring sign.\n\nHowever, a notable concern arises from the output escaping analysis, where only 71% of the 14 identified outputs are properly escaped. This leaves a potential for cross-site scripting (XSS) vulnerabilities if the unescaped data is user-controlled or originates from an untrusted source. While the taint analysis shows no critical or high-severity issues, the partial output escaping warrants attention. The plugin's limited attack surface and secure coding practices in areas like SQL and authentication are commendable, but the unescaped output represents the most significant immediate risk.",[213],{"reason":214,"points":215},"Partial output escaping detected",5,"2026-03-16T21:27:51.024Z",{"wat":218,"direct":235},{"assetPaths":219,"generatorPatterns":226,"scriptPaths":227,"versionParams":228},[220,221,222,223,224,225],"\u002Fwp-content\u002Fplugins\u002Feditorial-access-manager\u002Fbuild\u002Fcss\u002Fpost-admin.css","\u002Fwp-content\u002Fplugins\u002Feditorial-access-manager\u002Fbuild\u002Fcss\u002Fpost-admin.min.css","\u002Fwp-content\u002Fplugins\u002Feditorial-access-manager\u002Fbuild\u002Fjs\u002Fpost-admin.min.js","\u002Fwp-content\u002Fplugins\u002Feditorial-access-manager\u002Fjs\u002Fpost-admin.js","\u002Fwp-content\u002Fplugins\u002Feditorial-access-manager\u002Fbower_components\u002Fchosen_v1.1.0\u002Fchosen.min.css","\u002Fwp-content\u002Fplugins\u002Feditorial-access-manager\u002Fbower_components\u002Fchosen_v1.1.0\u002Fchosen.jquery.js",[],[],[229,230,231,232,233,234],"editorial-access-manager\u002Fbuild\u002Fcss\u002Fpost-admin.css?ver=","editorial-access-manager\u002Fbuild\u002Fcss\u002Fpost-admin.min.css?ver=","editorial-access-manager\u002Fbuild\u002Fjs\u002Fpost-admin.min.js?ver=","editorial-access-manager\u002Fjs\u002Fpost-admin.js?ver=","editorial-access-manager\u002Fbower_components\u002Fchosen_v1.1.0\u002Fchosen.min.css?ver=","editorial-access-manager\u002Fbower_components\u002Fchosen_v1.1.0\u002Fchosen.jquery.js?ver=",{"cssClasses":236,"htmlComments":238,"htmlAttributes":239,"restEndpoints":246,"jsGlobals":247,"shortcodeOutput":248},[237],"eam-access-manager-wrap",[],[240,241,242,243,244,245],"name=\"eam_enable_custom_access\"","id=\"eam_enable_custom_access\"","name=\"eam_allowed_roles[]\"","id=\"eam_allowed_roles\"","name=\"eam_allowed_users[]\"","id=\"eam_allowed_users\"",[],[],[]]