[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWSGs6OuQSG2X5sfIr-gtdH7-sLGhdcKQKDBWpSvys8M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":128,"fingerprints":286},"emailchef-add-on-for-pmp","Emailchef Add On for Paid Memberships Pro","1.9.1","Emailchef","https:\u002F\u002Fprofiles.wordpress.org\u002Femailchef\u002F","\u003Cp>Once Paid Memberships Pro is installed, you gain the ability to designate distinct lists for different membership levels, along with optional lists that members can join during checkout or through their user profile. By integrating seamlessly, the user’s email and membership level details are automatically merged.\u003C\u002Fp>\n\u003Cp>On the settings page, site administrators can easily choose specific lists for users and members, in addition to fine-tuning other features to enhance the overall experience.\u003C\u002Fp>\n\u003Ch3>Additional Settings\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Non-member Lists:\u003C\u002Fstrong> These lists are designated for users without a membership level. Once users acquire a membership level, they will be automatically removed from these lists.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Opt-in Lists:\u003C\u002Fstrong> These lists represent the subscription options available to users during the PMPro checkout process. Users can modify their selections later via their profile. It’s important to note that lists designated as Opt-in Lists should not be simultaneously categorized as Non-member Lists or Level Lists.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unsubscribe on Level Change?:\u003C\u002Fstrong> When set to ‘No’, users will retain their subscriptions to all lists, even if they lose a membership level. Conversely, selecting ‘Yes’ means users will be automatically unsubscribed from any level-specific lists they belong to upon losing that level, provided those lists are not also classified as Non-Member lists.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Update on Profile Save:\u003C\u002Fstrong> Selecting ‘Yes’ enables PMPro to refresh Emailchef list information each time a user’s profile page is saved. If ‘No’ is chosen, PMPro will update Emailchef lists only when there’s a change in the user’s membership level, email, or selected opt-in lists.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Membership Levels and Lists:\u003C\u002Fstrong> These are the lists that users will automatically be subscribed to when they receive a membership level.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Configuration and Settings\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Enter your Emailchef email and password:\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>After entering your credentials user, continue with the setup by assigning User or Member Lists and reviewing the additional settings.\u003C\u002Fp>\n","Enhance your membership website's functionality with the Paid Memberships Pro plugin, and seamlessly subscribe WordPress users and members to you …",0,1459,"","6.9.4","6.0","7.0",[18,19,20,21],"email-marketing","emailchef","paid-memberships-pro","pmpro","https:\u002F\u002Fwww.emailchef.com\u002Fwordpress-paid-memberships-pro-emailchef-add-on\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femailchef-add-on-for-pmp.1.9.1.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":19,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},2,10,30,94,"2026-04-04T14:03:50.463Z",[35,56,75,95,112],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":24,"num_ratings":29,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":13,"tags":48,"homepage":52,"download_link":53,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"administrator-access-to-pmpro-protected-content","Administrator Access to PMPro Protected Content","1.3","Thomas S","https:\u002F\u002Fprofiles.wordpress.org\u002Feighty20results\u002F","\u003Cp>By default Paid Memberships Pro will \u003Cem>not\u003C\u002Fem> let an administrator get access to a protected post or page without making the administrator a member of one of the membership levels that are required for that post\u002Fpage in the “Require Membership” checkboxes in the post\u002Fpage editor.\u003C\u002Fp>\n\u003Cp>This is contrary to what a traditional interpretation of the “Administrator” role represents for WordPress (or any user based security system). People expect the administrator\u002Froot account(s) on the system to have full access to administer and view the content on the site.\u003C\u002Fp>\n\u003Cp>This behavior also represents one of the frequent problems experienced when trying to use a WordPress front-end post or page editor; The expected content for the post\u002Fpage being edited either doesn’t show up, or is being redirected away from.\u003C\u002Fp>\n\u003Cp>This plugin will remove the PMPro access restrictions to content for any user assigned to the WordPress ‘administrator’ role.\u003C\u002Fp>\n\u003Cp>As of version 1.2, the same functionality has been extended to the PMPro [membership] short code.\u003Cbr \u002F>\nThis plugin should be used with caution!\u003C\u002Fp>\n\u003Ch3>Credit\u003C\u002Fh3>\n\u003Cp>This plugin uses \u003Ca href=\"https:\u002F\u002Fwww.freeiconspng.com\u002Fimg\u002F29108\" rel=\"nofollow ugc\">Unlock Hd Icon by Ahkâm\u003C\u002Fa> – Copyright (c) Ahkâm\u003Cbr \u002F>\nThis plugin uses the logo by \u003Ca href=\"https:\u002F\u002Fwww.paid-memberships-pro.com\u002F\" rel=\"nofollow ugc\">Paid Memberships Pro\u003C\u002Fa> – Copyright (c) Stranger Studios, LLC\u003C\u002Fp>\n\u003Ch3>v1.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>REFACTOR: Updated to signify support for latest WordPress releases\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>ENHANCEMENT: Add check override when using [membership] short code\u003C\u002Fli>\n\u003Cli>BUG FIX: Didn’t guarantee false return when user isn’t logged in or not an admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>BUG FIX: Didn’t prevent redirect(s) when accessing the Membership Account page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Initial release of plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","Overrides the PMPro \"Require Membership\" settings and grants view access to any user assigned to the WordPress \"Administrator\" rol …",60,2535,"2020-09-16T20:02:00.000Z","5.5.18","4.8",[49,50,51,20,21],"membership","membership-management","page-editor","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadministrator-access-to-pmpro-protected-content","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadministrator-access-to-pmpro-protected-content.zip",85,"2026-03-15T15:16:48.613Z",{"slug":57,"name":58,"version":59,"author":39,"author_profile":40,"description":60,"short_description":61,"active_installs":30,"downloaded":62,"rating":32,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":73,"download_link":74,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"e20r-members-list","E20R Better Members List for Paid Memberships Pro","8.6","\u003Cp>Extensible, sortable & bulk action capable members listing tool for Paid Memberships Pro. This plugin is a complete replacement for the “Members List” functionality in PMPro and supports most of the same filters and hooks. The key differences have to do with managing columns. Now you can also use the \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Fclasses\u002Fwp_list_table\u002F\" rel=\"nofollow ugc\">standard WordPress filters\u003C\u002Fa> to columns you can add\u002Fremove\u002Fmake sortable, additional bulk actions, etc.\u003C\u002Fp>\n\u003Ch3>Extending the Members List\u003C\u002Fh3>\n\u003Cp>This plugin uses the \u003Ccode>WP_List_Table\u003C\u002Fcode> class to generate the flexible table approach you know and love from the WordPress Post\u002FPage\u002Fetc back-end. As a result, it’s has a standardized and flexible approach to adding columns to the table.\u003C\u002Fp>\n\u003Cp>I’ve also included a number of filters and actions to let a \u003Ca href=\"https:\u002F\u002Feighty20results.com\u002Fneed-something-else\u002F\" rel=\"nofollow ugc\">PHP developer\u003C\u002Fa> expand on the search functionality for the list.\u003C\u002Fp>\n\u003Cp>The same goes for the Export to CSV functionality.\u003C\u002Fp>\n\u003Cp>This plugin should support the standard Paid Memberships Pro filters in order to add new CSV export columns and data.\u003C\u002Fp>\n\u003Ch3>Supported Filters\u003C\u002Fh3>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feighty20results.com\u002Fe20r-members-list\u002Fblob\u002Fmain\u002Fdocs\u002FFILTERS.md\" rel=\"nofollow ugc\">FILTERS.md\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Supported Actions\u003C\u002Fh3>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feighty20results.com\u002Fe20r-members-list\u002Fblob\u002Fmain\u002Fdocs\u002FACTIONS.md\" rel=\"nofollow ugc\">ACTIONS.md\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Cp>PHP 8.0 and later introduces warning messages for certain behaviors that were ignored prior to v8.0. Because of this, and the fact that this plugin relies on functionality from Paid Memberships Pro, the “end date” column may print messages indicating problems with the \u003Ccode>trim()\u003C\u002Fcode> function. Until Paid Memberships Pro updates their plugin to support PHP8.x, these messages will need to be disabled in your web server configuration (suppressed).\u003C\u002Fp>\n\u003Cp>Setting the “Members per page” in the “Options” drop-down on the Members List page to a number greater than 50 can result in unexpected errors\u002Fwarnings. The default value is 20. One symptom is seeing the PHP warning: “Warning: Unknown: Input variables exceeded 2000. To increase the limit change max_input_vars in php.ini. in Unknown on line 0”\u003C\u002Fp>\n","Extensible, sortable & bulk action capable members listing + export to CSV tool for Paid Memberships Pro.",12123,3,"2022-03-27T17:11:00.000Z","5.9.13","4.9","7.1",[69,70,71,20,72],"better-members-list","members","memberships","pmpro-enhancements","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fe20r-members-list","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fe20r-members-list.8.6.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":30,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":13,"tags":89,"homepage":93,"download_link":94,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"first-data-for-pmpro","First Data for Paid Memberships Pro","1.0.1","cardpaysolutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fcardpaysolutions\u002F","\u003Cp>The First Data for Paid Memberships Pro plugin adds First Data as a payment method within your Paid Memberships Pro website. First Data makes accepting credit cards simple.\u003Cbr \u002F>\nAccept all major credit cards including Visa, MasterCard, American Express, Discover, JCB, and Diners Club. The First Data for Paid Memberships Pro plugin\u003Cbr \u002F>\nallows your customers to securely use their credit card to pay for both one-time and recurring memberships.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Supports both one-time and recurring transaction types\u003C\u002Fli>\n\u003Cli>Customers can update or cancel existing membership subscriptions\u003C\u002Fli>\n\u003Cli>Supports all Paid Memberships Pro 1.7+ features\u003C\u002Fli>\n\u003Cli>Uses the PMPro built in checkout so the customer never leaves your website\u003C\u002Fli>\n\u003Cli>AVS and CVC responses are provided to assist with fraud prevention\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>A First Data Merchant Account and Authorize.Net gateway is required.\u003C\u002Fp>\n\u003Cp>You can apply for a properly configured First Data merchant account through the link below. There are no set-up fees and we\u003Cbr \u002F>\noffer several flexible pricing plans.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.authnetsource.com\u002Fpmpro?payeezy=hide&pid=df63ff78f8d6a3e8\" rel=\"nofollow ugc\">Click Here to Sign Up!\u003C\u002Fa>\u003C\u002Fp>\n","First Data for Paid Memberships Pro allows merchants to accept all major credit cards for both one-time and recurring membership payments.",2610,20,1,"2018-01-18T21:37:00.000Z","4.9.29","3.5",[90,91,20,92,21],"first-data","firstdata","payeezy","http:\u002F\u002Fwww.authnetsource.com\u002Fpmpro?payeezy=hide&pid=df63ff78f8d6a3e8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffirst-data-for-pmpro.1.0.1.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":30,"downloaded":103,"rating":11,"num_ratings":11,"last_updated":104,"tested_up_to":87,"requires_at_least":105,"requires_php":13,"tags":106,"homepage":110,"download_link":111,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"wp-security-audit-log-for-paid-memberships-pro","WP Security Audit Log addon for Paid Memberships Pro","1.1.5","Bill Stoltz","https:\u002F\u002Fprofiles.wordpress.org\u002Fbillstotlz\u002F","\u003Cp>This plugin Extends the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-security-audit-log\u002F\" rel=\"ugc\">WP Security Audit Log\u003C\u002Fa> to log events from the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpaid-memberships-pro\u002F\" rel=\"ugc\">Paid Memberships Pro\u003C\u002Fa> plugin.  This plugin also includes some audit logs alerts to track changes to User Meta values.\u003C\u002Fp>\n\u003Ch4>Actions \u002F Hooks Supported in the plugin\u003C\u002Fh4>\n\u003Cp>This plugin currently supports the following actions.\u003C\u002Fp>\n\u003Cp>User Meta Actions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>added_user_meta\u003C\u002Fstrong>  – logs alert whenever a Meta Field is created for user account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>update_user_meta\u003C\u002Fstrong> – Saves current value of a Meta Field so we can see what changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>updated_user_meta\u003C\u002Fstrong> – logs alert with Value of Meta Field that changed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>deleted_user_meta\u003C\u002Fstrong> – logs event when a User Meta Field is deleted for a user account.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Actions that are related to Paid Memberships Pro (PMPro) plugin:\u003C\u002Fp>\n\u003Cp>PMPro creates what it calls an “order” everytime a payment is made on an account. This includes the initial payment and recurring or subscription payments.\u003Cbr \u002F>\nPMPro provides several actions to allow us to log creation and changes of these orders\u002Fpayments.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>pmpro_added_order\u003C\u002Fstrong> – logs an event when a PMPro Order for a membership payment is created.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_delete_order\u003C\u002Fstrong> – logs an event when a PMPro Order for a membership payment is deleted.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_update_order\u003C\u002Fstrong> – saved information about a PMPro Order for a membership payment to see what changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_updated_order\u003C\u002Fstrong> – logs an event when a PMPro Order for a membership payment with information that was changed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When a user either joins a PMPro defined membership level or the account is cancelled or changed to another level, we can use the following actions\u003Cbr \u002F>\nto try to see what was changed and who changed the account.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>pmpro_before_change_membership_level\u003C\u002Fstrong> – saves information about an user that is about to change or cancel current PMPro membership level\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_after_change_membership_level\u003C\u002Fstrong>‘ – logs event that details changes in membership levels for a user. Could be upgrade or canceling PMPro membership.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_after_checkout\u003C\u002Fstrong> – logs information after PMPro checkout process complete. Displays related PMPro order number and any discount codes applied during checkout.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PMPro allows the system to define several different levels, with differt criteria. These actions allow use to monitor changes to these levels and\u003Cbr \u002F>\nwhat users are making the changes.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>pmpro_delete_membership_level\u003C\u002Fstrong> – logs an event when a PMPro membership level is deleted and no longer available for users to select.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_save_membership_level\u003C\u002Fstrong> – logs an event when a PMPro membership level is added or updated. logs details of level to see new values.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PMPro allows the use of discount codes during the checkout \u002F payment process.  These actions allow us the ability to monitor changes\u003Cbr \u002F>\nto the discount codes.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>pmpro_delete_discount_code\u003C\u002Fstrong> – logs event when a PMPro discount code is deleted from the system.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_save_discount_code\u003C\u002Fstrong> – logs event when a PMPro discount code is added or updated. Log details about discount code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_save_discount_code_level\u003C\u002Fstrong> – Discount codes can change PMPro Membership Leves in different ways, this logs a event detailing the discount to be applied to s specific PMPro Membership Level\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PMPro supports multiple payment gateways. Some of the gateways allow subscription payments. The following actions in PMPro are called when certain subscription\u003Cbr \u002F>\nevents occur. Some of these actions are payment gateway specific.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>pmpro_subscription_cancelled\u003C\u002Fstrong> – logs and event when a payment subscription is cancelled. This could be from a user action or possible payment failure.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_subscription_expired\u003C\u002Fstrong> – logs an event when a payment subscription expires. Could be only valid for 5 payments.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_subscription_ipn_event_processed\u003C\u002Fstrong> – logs event when Paypal IPN event is processed. Usually only on a subscription payment initiated by PayPal.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_subscription_payment_completed\u003C\u002Fstrong> – logs event when a subscription payment is completed successfully.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_subscription_payment_failed\u003C\u002Fstrong> – logs an event when payment gateway is unable to process a subscription payment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pmpro_subscription_payment_went_past_due\u003C\u002Fstrong> – logs an event when payment gateway is unable to process a subscription payment and the due date is past.\u003C\u002Fli>\n\u003C\u002Ful>\n","An Addon to the WP Security Audit Log plugin to log events from Paid Memberships Pro plugin",1726,"2018-01-22T02:25:00.000Z","4",[107,20,21,108,109],"event-log-wordpress","wordpress-security-audit-log","wordpress-security-plugin","https:\u002F\u002Fgithub.com\u002Fbwsolutions\u002Fwpsal4pmpro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-security-audit-log-for-paid-memberships-pro.1.1.5.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":30,"downloaded":120,"rating":11,"num_ratings":11,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":13,"tags":124,"homepage":13,"download_link":127,"security_score":54,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":55},"zesty-custom-post-types-for-paid-memberships-pro","Zesty Custom Post Types for Paid Memberships Pro","1.0.0","Bijingus","https:\u002F\u002Fprofiles.wordpress.org\u002Fbijingus\u002F","\u003Cp>This plugin lets you restrict any custom post type’s content when using Paid Membershps Pro.\u003C\u002Fp>\n\u003Cp>Simply select the custom post type you’d like to restrict for members only and a box with restriction levels will then appear when editing any post of that type.\u003C\u002Fp>\n","Restrict any custom post type with Paid Memberships Pro.",795,"2022-06-23T13:50:00.000Z","6.0.11","4.6",[125,49,20,21,126],"custom-post-types","restrict","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzesty-custom-post-types-for-paid-memberships-pro.zip",{"attackSurface":129,"codeSignals":203,"taintFlows":239,"riskAssessment":278,"analyzedAt":285},{"hooks":130,"ajaxHandlers":192,"restRoutes":200,"shortcodes":201,"cronEvents":202,"entryPointCount":29,"unprotectedCount":29},[131,137,140,143,145,148,151,154,157,160,163,166,169,172,175,178,180,183,185,187,189],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","plugins_loaded","anonymous","includes\\class-emailchef-add-on-for-pmp.php",142,{"type":132,"name":138,"callback":134,"file":135,"line":139},"admin_enqueue_scripts",164,{"type":132,"name":141,"callback":134,"file":135,"line":142},"admin_menu",165,{"type":132,"name":138,"callback":134,"file":135,"line":144},166,{"type":132,"name":146,"callback":134,"file":135,"line":147},"admin_init",167,{"type":132,"name":149,"callback":134,"file":135,"line":150},"admin_post_pmproecaddon_save_data",175,{"type":132,"name":152,"callback":134,"file":135,"line":153},"show_user_profile",176,{"type":132,"name":155,"callback":134,"file":135,"line":156},"edit_user_profile",177,{"type":132,"name":158,"callback":134,"file":135,"line":159},"pmpro_show_user_profile",178,{"type":132,"name":161,"callback":134,"file":135,"line":162},"personal_options_update",179,{"type":132,"name":164,"callback":134,"file":135,"line":165},"edit_user_profile_update",180,{"type":132,"name":167,"callback":134,"file":135,"line":168},"pmpro_personal_options_update",181,{"type":132,"name":170,"callback":134,"file":135,"line":171},"pmpro_after_checkout",182,{"type":132,"name":173,"callback":134,"file":135,"line":174},"pmpro_checkout_after_tos_fields",183,{"type":132,"name":176,"callback":134,"file":135,"line":177},"wp_enqueue_scripts",206,{"type":132,"name":176,"callback":134,"file":135,"line":179},207,{"type":132,"name":181,"callback":134,"file":135,"line":182},"pmproecaddon_api_response",208,{"type":132,"name":170,"callback":134,"file":135,"line":184},213,{"type":132,"name":173,"callback":134,"file":135,"line":186},214,{"type":132,"name":170,"callback":134,"file":135,"line":188},216,{"type":132,"name":190,"callback":134,"file":135,"line":191},"user_register",217,[193,197],{"action":194,"nopriv":195,"callback":134,"hasNonce":195,"hasCapCheck":195,"file":135,"line":196},"emailchef-add-on-for-pmp_check_login",false,168,{"action":198,"nopriv":195,"callback":134,"hasNonce":195,"hasCapCheck":195,"file":135,"line":199},"emailchef-add-on-for-pmp_disconnect",169,[],[],[],{"dangerousFunctions":204,"sqlUsage":205,"outputEscaping":207,"fileOperations":11,"externalRequests":85,"nonceChecks":63,"capabilityChecks":11,"bundledLibraries":238},[],{"prepared":11,"raw":11,"locations":206},[],{"escaped":31,"rawEcho":208,"locations":209},13,[210,214,217,219,220,223,225,226,228,230,232,234,236],{"file":211,"line":212,"context":213},"admin\\class-emailchef-add-on-for-pmp-admin.php",249,"raw output",{"file":215,"line":216,"context":213},"admin\\partials\\logged-out.php",17,{"file":215,"line":218,"context":213},19,{"file":215,"line":31,"context":213},{"file":221,"line":222,"context":213},"admin\\partials\\options.php",31,{"file":221,"line":224,"context":213},40,{"file":221,"line":224,"context":213},{"file":221,"line":227,"context":213},42,{"file":221,"line":229,"context":213},62,{"file":221,"line":231,"context":213},64,{"file":221,"line":233,"context":213},66,{"file":221,"line":235,"context":213},68,{"file":221,"line":237,"context":213},162,[],[240,259,269],{"entryPoint":241,"graph":242,"unsanitizedCount":11,"severity":258},"page_options_ajax_check_login (admin\\class-emailchef-add-on-for-pmp-admin.php:125)",{"nodes":243,"edges":255},[244,249],{"id":245,"type":246,"label":247,"file":211,"line":248},"n0","source","$_POST (x2)",133,{"id":250,"type":251,"label":252,"file":211,"line":253,"wp_function":254},"n1","sink","update_option() [Settings Manipulation]",149,"update_option",[256],{"from":245,"to":250,"sanitized":257},true,"low",{"entryPoint":260,"graph":261,"unsanitizedCount":11,"severity":258},"save_options (admin\\class-emailchef-add-on-for-pmp-admin.php:253)",{"nodes":262,"edges":267},[263,265],{"id":245,"type":246,"label":247,"file":211,"line":264},294,{"id":250,"type":251,"label":252,"file":211,"line":266,"wp_function":254},295,[268],{"from":245,"to":250,"sanitized":257},{"entryPoint":270,"graph":271,"unsanitizedCount":11,"severity":258},"\u003Cclass-emailchef-add-on-for-pmp-admin> (admin\\class-emailchef-add-on-for-pmp-admin.php:0)",{"nodes":272,"edges":276},[273,275],{"id":245,"type":246,"label":274,"file":211,"line":248},"$_POST (x4)",{"id":250,"type":251,"label":252,"file":211,"line":253,"wp_function":254},[277],{"from":245,"to":250,"sanitized":257},{"summary":279,"deductions":280},"The emailchef-add-on-for-pmp plugin v1.9.1 exhibits a mixed security posture. On the positive side, the code analysis reveals no dangerous functions, all SQL queries use prepared statements, and there are no identified taint flows with unsanitized paths or critical\u002Fhigh severity issues. The absence of any recorded vulnerabilities or CVEs in its history is also a strong indicator of responsible development and maintenance in the past. However, a significant concern lies in the attack surface. Two AJAX handlers are present, and crucially, both lack authentication checks. This directly exposes potentially sensitive functionality to unauthenticated users, creating a notable risk. While the plugin demonstrates good practices in data handling and query security, the unprotected entry points represent a clear vulnerability that could be exploited by attackers.",[281,283],{"reason":282,"points":30},"Unprotected AJAX handlers",{"reason":284,"points":63},"Low percentage of properly escaped output","2026-03-17T06:01:27.158Z",{"wat":287,"direct":300},{"assetPaths":288,"generatorPatterns":293,"scriptPaths":294,"versionParams":295},[289,290,291,292],"\u002Fwp-content\u002Fplugins\u002Femailchef-add-on-for-pmp\u002Fadmin\u002Fcss\u002Femailchef-add-on-for-pmp-admin.css","\u002Fwp-content\u002Fplugins\u002Femailchef-add-on-for-pmp\u002Fadmin\u002Fjs\u002Femailchef-add-on-for-pmp-admin.js","\u002Fwp-content\u002Fplugins\u002Femailchef-add-on-for-pmp\u002Fpublic\u002Fcss\u002Femailchef-add-on-for-pmp-public.css","\u002Fwp-content\u002Fplugins\u002Femailchef-add-on-for-pmp\u002Fpublic\u002Fjs\u002Femailchef-add-on-for-pmp-public.js",[],[290,292],[296,297,298,299],"emailchef-add-on-for-pmp\u002Fadmin\u002Fcss\u002Femailchef-add-on-for-pmp-admin.css?ver=","emailchef-add-on-for-pmp\u002Fadmin\u002Fjs\u002Femailchef-add-on-for-pmp-admin.js?ver=","emailchef-add-on-for-pmp\u002Fpublic\u002Fcss\u002Femailchef-add-on-for-pmp-public.css?ver=","emailchef-add-on-for-pmp\u002Fpublic\u002Fjs\u002Femailchef-add-on-for-pmp-public.js?ver=",{"cssClasses":301,"htmlComments":308,"htmlAttributes":316,"restEndpoints":321,"jsGlobals":322,"shortcodeOutput":324},[302,303,304,305,306,307],"pmproecaddon_sectiontitle","pmproecaddon_content","pmproecaddon_title","pmproecaddon_subTitle","pmproecaddon_input_group","pmproecaddon_button",[309,310,311,312,313,314,315],"\u003C!-- Account details -->","\u003C!-- Consumer Key -->","\u003C!-- Consumer Secret -->","\u003C!-- Login -->","\u003C!-- Sync -->","\u003C!-- Memberships -->","\u003C!-- Membership Levels -->",[317,318,318,319,320,320],"data-nonce-action=\"emailchef-add-on-for-pmp_check_login\"","data-nonce-field=\"_pmproecaddon_nonce\"","data-nonce-action=\"emailchef-add-on-for-pmp_edit_user_optin\"","data-nonce-field=\"_pmproecaddon_edit_user_optin_nonce\"",[],[323],"pmproecaddon_login_object",[]]