[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUKO7csaN5JnFSTpdNSeuE0oSn2-26KpimRby1gsK1iE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":133,"fingerprints":209},"email-cop","Email Cop","0.1.1","Ashish Kumar (Ashfame)","https:\u002F\u002Fprofiles.wordpress.org\u002Fashfame\u002F","\u003Cp>Prevents WordPress from sending out emails and save them so that you can preview them without actually having to send them. Best for checking or designing emails in development environment.\u003C\u002Fp>\n\u003Cp>Please report any issues directly to Github repo – https:\u002F\u002Fgithub.com\u002Fashfame\u002Femail-cop\u002F\u003C\u002Fp>\n\u003Cp>Pull requests are welcome 🙂\u003C\u002Fp>\n\u003Cp>Icon Credit: Cop icon – http:\u002F\u002Fwww.aha-soft.com\u002F\u003C\u002Fp>\n","Prevents WordPress from sending out emails and save them so that you can preview them without actually having to send them.",20,3293,100,2,"2019-11-05T17:32:00.000Z","5.2.24","3.0.1","",[20,21,22],"development","email","tools","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-cop\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-cop.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"ashfame",4,1040,30,84,"2026-04-04T06:23:31.684Z",[38,55,77,98,115],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":13,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":53,"download_link":54,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"stop-emails","Stop Emails","1.2.1","Sal Ferrarello","https:\u002F\u002Fprofiles.wordpress.org\u002Fsalcode\u002F","\u003Cp>Stops outgoing emails sent from WordPress.  This plugin stops\u003Cbr \u002F>\noutgoing emails generated by WordPress core, plugins, and themes.\u003Cbr \u002F>\nEmails sent using the \u003Ccode>wp_mail()\u003C\u002Fcode> function, will not be sent.\u003Cbr \u002F>\nIn the case where an author does not use the recommended \u003Ccode>wp_mail()\u003C\u002Fcode>\u003Cbr \u002F>\nfunction and instead sends the email using another mechanism, an email will\u003Cbr \u002F>\nstill be sent.\u003C\u002Fp>\n\u003Cp>This plugin allows you to suspend sending emails when doing development work.\u003Cbr \u002F>\nAny calls to \u003Ccode>wp_mail()\u003C\u002Fcode> will fail silently.  WordPress\u003Cbr \u002F>\nwill operate as if the email were sent successfully\u003Cbr \u002F>\nbut no email will actually be sent.\u003C\u002Fp>\n\u003Cp>On the admin menu page Settings > Stop Emails, there is the option\u003Cbr \u002F>\nto log all emails to the PHP error log.  By default this logging is\u003Cbr \u002F>\ndisabled.\u003C\u002Fp>\n\u003Cp>NOTE: If using the PHP \u003Ccode>mail()\u003C\u002Fcode> function directly, this\u003Cbr \u002F>\nplugin will NOT stop the emails.\u003C\u002Fp>\n\u003Cp>Built by \u003Ca href=\"http:\u002F\u002Fsalferrarello.com\u002F\" rel=\"nofollow ugc\">Sal Ferrarello\u003C\u002Fa> \u002F \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fsalcode\" rel=\"nofollow ugc\">@salcode\u003C\u002Fa>\u003C\u002Fp>\n","Stop all outgoing emails sent from WordPress.",5000,76809,12,"2026-01-13T02:08:00.000Z","6.9.4","3.6",[20,21],"http:\u002F\u002Fsalferrarello.com\u002Fstop-emails-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstop-emails.1.2.1.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":13,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":18,"requires_php":18,"tags":68,"homepage":72,"download_link":73,"security_score":74,"vuln_count":75,"unpatched_count":26,"last_vuln_date":76,"fetched_at":28},"wp-reroute-email","WP Reroute Email","1.5.2","Sajjad Hossain","https:\u002F\u002Fprofiles.wordpress.org\u002Fmsh134\u002F","\u003Cp>This plugin intercepts all outgoing emails from a WordPress site, sent using the wp_mail() function, and reroutes them to a predefined configurable email address. This is useful in case where you do not want email sent from a WordPress site to reach the users. For an example, to resolve an issue you downloaded production database to your development site and you want no email is sent to production users when testing. You may enable this plugin in development server and reroute emails to your given email address.\u003C\u002Fp>\n\u003Cp>WP Reroute Email provides options for adding your own text or the recipients address at the bottom of the mail.\u003C\u002Fp>\n\u003Cp>You may also save a copy of the email to database and view them from the interface.\u003C\u002Fp>\n\u003Cp>Now, you will be able to disable rerouting based on the subject texts.\u003C\u002Fp>\n","This plugin reroutes all outgoing emails from a WordPress site (sent using the wp_mail() function) to a predefined configurable email address.",1000,28119,9,"2025-07-06T06:59:00.000Z","6.8.5",[69,70,21,71],"developer-tool","development-server","mail","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-reroute-email\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-reroute-email.1.5.2.zip",98,3,"2023-07-05 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":18,"tags":92,"homepage":18,"download_link":97,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"send-email-from-admin","Send Email From Admin","1.0","kojak711","https:\u002F\u002Fprofiles.wordpress.org\u002Fkojak711\u002F","\u003Cp>Send Email From Admin gives you the ability to easily send a custom HTML email from the WordPress administration screen. You can send to existing users or add your own recipients. You can send to multiple recipients and choose to send group emails or individual emails. Emails can also have an attachment. A new menu item called ‘Send Email’ is added under the Tools menu. This plugin is also translatable.\u003C\u002Fp>\n\u003Cp>NOTE: This is not intended to be a mass\u002Fbulk mailing plugin. This is a very lean plugin that is best suited to send an email to one or up to a handful of recipients.\u003C\u002Fp>\n","Easily send a simple custom email with an attachment from the WordPress administration screen.",800,12291,92,18,"2023-03-21T16:04:00.000Z","6.2.9","4.0",[93,94,21,95,96],"admin-email","custom-email","email-tools","send-email","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsend-email-from-admin.1.0.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":26,"num_ratings":26,"last_updated":108,"tested_up_to":67,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":18,"download_link":114,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"test-email-redirector","Test Email Redirector","1.3.3","Zaib Makda","https:\u002F\u002Fprofiles.wordpress.org\u002Fconnectzaib\u002F","\u003Cp>The Test Email Redirector ensures no accidental emails reach real users during WordPress development, staging, or testing. Redirect’s all outgoing emails to a designated test address. Additional features include optional CC\u002FBCC addresses and the ability to include original recipient information in the forwarded email.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Redirect all outgoing emails to a test email address.\u003Cbr \u002F>\n– Add optional CC and BCC addresses.\u003Cbr \u002F>\n– Include original recipient information in the forwarded email.\u003Cbr \u002F>\n– Enable or disable email redirection without deactivating the plugin.\u003Cbr \u002F>\n– Fully configurable via the WordPress admin Tools menu.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. See the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">License URI\u003C\u002Fa> for details.\u003C\u002Fp>\n","Redirects all outgoing WordPress emails to a specified test address for development and testing purposes.",60,534,"2025-08-01T09:59:00.000Z","5.0","7.2",[20,21,112,113],"forward","testing","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftest-email-redirector.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":13,"num_ratings":32,"last_updated":125,"tested_up_to":126,"requires_at_least":17,"requires_php":18,"tags":127,"homepage":131,"download_link":132,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"basic-dev-tools","Basic Dev Tools","1.4.1","Rodrigo Techera","https:\u002F\u002Fprofiles.wordpress.org\u002Frodtech\u002F","\u003Cp>This was developed thinking in the common things that a developer could need at the time of build an app in WP.\u003C\u002Fp>\n\u003Ch4>Special Settings\u003C\u002Fh4>\n\u003Cp>A Special Setting Page allowing you to easily change global settings that in ocations are hidden in WP.\u003C\u002Fp>\n\u003Ch4>Cron Task and Schedules Manager\u003C\u002Fh4>\n\u003Cp>A section that allow you to create and delete schedules and tasks that run internally in the WP Cron. You could see and monitor the distinct schedules, the times and next executions for each one. Also you have the posibilty to execute one of them without affect the cron schedules.\u003C\u002Fp>\n\u003Ch4>Post Types Manager with shotcodes\u003C\u002Fh4>\n\u003Cp>A section that allow you to create distinct Post Types without a line of code. You could specify names and special settings like new taxonomies for each one of them. Then you could call them with the common functions for posts from WP or using special shortcodes prepared for you to manage it.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frodrigo-techera\u002Fbasic-dev-tools\" rel=\"nofollow ugc\">Fork it on Github\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","A plugin with some Basic Tools For Development and Developers. Trying to be easier the way of develop common things in WP",10,1724,"2015-11-19T12:37:00.000Z","4.4.34",[128,129,130,20,22],"basic-tools","cron","developer","http:\u002F\u002Fmarsminds.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbasic-dev-tools.1.4.1.zip",{"attackSurface":134,"codeSignals":155,"taintFlows":197,"riskAssessment":198,"analyzedAt":208},{"hooks":135,"ajaxHandlers":151,"restRoutes":152,"shortcodes":153,"cronEvents":154,"entryPointCount":26,"unprotectedCount":26},[136,142,146],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_notices","admin_notice","plugin.php",26,{"type":137,"name":143,"callback":144,"file":140,"line":145},"init","register_post_type",29,{"type":147,"name":148,"callback":149,"file":140,"line":150},"filter","single_template","provide_cpt_template",36,[],[],[],[],{"dangerousFunctions":156,"sqlUsage":157,"outputEscaping":159,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":196},[],{"prepared":26,"raw":26,"locations":158},[],{"escaped":26,"rawEcho":160,"locations":161},16,[162,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194],{"file":163,"line":164,"context":165},"inc\\cpt_template.php",41,"raw output",{"file":163,"line":167,"context":165},45,{"file":163,"line":169,"context":165},49,{"file":163,"line":171,"context":165},51,{"file":163,"line":173,"context":165},56,{"file":163,"line":175,"context":165},61,{"file":163,"line":177,"context":165},65,{"file":163,"line":179,"context":165},75,{"file":163,"line":181,"context":165},132,{"file":163,"line":183,"context":165},136,{"file":163,"line":185,"context":165},140,{"file":163,"line":187,"context":165},142,{"file":163,"line":189,"context":165},147,{"file":163,"line":191,"context":165},152,{"file":163,"line":193,"context":165},156,{"file":140,"line":195,"context":165},58,[],[],{"summary":199,"deductions":200},"The \"email-cop\" plugin v0.1.1 demonstrates a very limited attack surface, with no apparent AJAX handlers, REST API routes, shortcodes, or cron events exposed. This absence of direct entry points into the plugin's functionality is a positive security indicator.  Furthermore, the plugin utilizes prepared statements for all its SQL queries, which is a strong defense against SQL injection vulnerabilities. The lack of reported CVEs and a clean vulnerability history also suggests a potentially stable and secure codebase.\n\nHowever, the analysis reveals a significant concern regarding output escaping. With 100% of outputs unescaped, there is a high risk of cross-site scripting (XSS) vulnerabilities. Any dynamic data outputted by the plugin that is not properly sanitized before being rendered in the browser could be exploited by attackers. While the static analysis didn't reveal specific taint flows, the universal lack of output escaping creates a broad vulnerability landscape that requires immediate attention.  The absence of nonce and capability checks, while not directly exploitable due to the limited attack surface, indicates a potential lack of robust authorization and validation mechanisms that could become problematic if the attack surface were to expand in future versions.\n\nIn conclusion, while the \"email-cop\" plugin v0.1.1 benefits from a small attack surface and secure database practices, the pervasive issue of unescaped output presents a critical security weakness. The plugin's clean history is a positive sign, but it doesn't negate the immediate threat posed by XSS vulnerabilities. Developers should prioritize implementing proper output escaping to mitigate this significant risk.",[201,203,206],{"reason":202,"points":48},"Unescaped output detected",{"reason":204,"points":205},"Missing nonce checks",5,{"reason":207,"points":205},"Missing capability checks","2026-03-16T22:45:37.212Z",{"wat":210,"direct":215},{"assetPaths":211,"generatorPatterns":212,"scriptPaths":213,"versionParams":214},[],[],[],[],{"cssClasses":216,"htmlComments":222,"htmlAttributes":223,"restEndpoints":224,"jsGlobals":225,"shortcodeOutput":226},[217,218,219,220,221],"email-meta","email-meta-content","avatar","email-body","email-body-content",[],[],[],[],[]]