[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6SPZyjiTBPYnGZsqgJf2Yuuhd6XfgMoKSWYvUeGHKXM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":137,"fingerprints":394},"emergency-management","Emergency Management","1.4.2.0","Michael","https:\u002F\u002Fprofiles.wordpress.org\u002Fmitfi\u002F","\u003Cp>Provides means to reset all or selectable passwords (roles, users) and\u002For to delete (the related) sessions, to define a role-based password expiry, to renew your security KEYs & SALTs and to define & monitor your required password complexity\u002Fstrength.\u003Cbr \u002F>\nUpon password reset, the related users will be informed by eMail. The eMail text can be edited easily through this plugin.\u003Cbr \u002F>\nWhen the password expiry function is set, users with the related roles will be required to renew their password upon login, once expired.\u003Cbr \u002F>\nWhen a certain password strength\u002Fcomplexity has been set, the password strength will be monitored and related hints will be displayed accordingly.\u003Cbr \u002F>\nThis plugin is self explanatory and can be accessed through the users menu.\u003C\u002Fp>\n\u003Cp>Inspired by: Joe Sexton (PW-Check with Regular Expressions and related basic functions structure)\u003Cbr \u002F>\nInspired by: andymoyle (Plugin “Emergency password reset V6.1” providing this as a kind of ‘brute force’ functionality)\u003Cbr \u002F>\nInspired by: Miller Media (Plugin “Expire User Passwords”, providing some basic ideas of functionality but in conflict with the plugin ‘Theme My Login’)\u003C\u002Fp>\n","Handle all security topics: Reset passwords, delete sessions, define role-based password expiries, renew security KEYs & SALTs, define & monit &hellip;",10,2784,0,"","7.0","5.3","7.4",[19,20,21,22,23],"expire","passwords","salts","security","sessions","https:\u002F\u002Fde.wordpress.org\u002Fplugins\u002Femergency-management\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femergency-management.1.4.2.0.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"mitfi",3,40,30,94,"2026-04-05T09:55:44.626Z",[38,61,81,100,116],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":14,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":60},"wc-password-strength-settings","Password Strength Settings for WooCommerce","3.0.1","Danny Santoro","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielsantoro\u002F","\u003Cp>Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.\u003C\u002Fp>\n\u003Ch3>What does this plugin do?\u003C\u002Fh3>\n\u003Cp>WooCommerce has an integrated Password Strength Meter which forces users to use strong passwords. Sometimes this isn’t desirable – with this plugin, you can choose between five password levels ranging from “Anything Goes” to “Strong Passwords Only”. In addition, you can modify the colors and appearance of these custom messages, as well as modify or remove the password hint. For details on how the password strength is determined, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDanielSantoro\u002Fwc-password-strength-settings\u002Fwiki\u002FHow-Password-Strength-is-Determined\" rel=\"nofollow ugc\">please read the documentation here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What’s New?\u003C\u002Fh4>\n\u003Cp>Version 3.0.0 is a bit of a rewrite to bring the plugin up to modern coding standards. Functionality should not be impacted, but if it is, please reach out on the support forums.\u003C\u002Fp>\n\u003Cp>Version 3.0.1 is simply a hotfix declaring compatibility with WooCommerce HPOS. Since this plugin doesn’t touch anything with the orders or order metadata, it shouldn’t be impacted at all. \u003Cem>However\u003C\u002Fem>, if you notice any issues then please reach out via the contact form on my website.\u003C\u002Fp>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>While this does allow for user accounts to have weaker passwords, it’s a good idea to still encourage strong password use – \u003Cem>especially\u003C\u002Fem> for administrators!\u003C\u002Fp>\n\u003Ch4>Planned Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option to remove “- Please enter a stronger password.” that is added by WordPress.\u003C\u002Fli>\n\u003Cli>Nothing else at the moment, but let me know if you have any ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n","Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.",10000,176985,90,24,"2023-10-11T20:51:00.000Z","6.3.8","5.8",[54,20,22,55,56],"accounts","users","woocommerce","https:\u002F\u002Fdanielsantoro.com\u002Fproject\u002Fwoocommerce-password-strength-settings-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-password-strength-settings.zip",85,"2026-03-15T15:16:48.613Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":35,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":14,"tags":75,"homepage":79,"download_link":80,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":60},"salt-shaker","Salt Shaker","2.1.1","Nagdy","https:\u002F\u002Fprofiles.wordpress.org\u002Fnagdy\u002F","\u003Cp>By using Salt Shaker plugin, you’ll be able to harden your WordPress security. It allows you to change the salt keys either manually or automatically.\u003C\u002Fp>\n\u003Cp>Try it out on a \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fsalt-shaker\" rel=\"nofollow ugc\">free dummy site\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Use SALT Keys in WordPress?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When you log in to WordPress, you have the option to remain logged in long-term. To achieve this, WordPress stores your login data in cookies instead of in a PHP session. Malicious individuals can hijack your cookies through various means, leaving your website vulnerable.\u003C\u002Fp>\n\u003Cp>To make it harder for attackers to use cookie data, you can take advantage of SALT keys. WordPress SALT keys encrypt your password, making it harder to guess. What’s more, it’s next to impossible for hackers to simply ‘unscramble’ the result in order to get at the original password.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpengine.com\u002Fresources\u002Fgenerate-wordpress-salt-keys\u002F#Why_Use_SALT_Keys_in_WordPress\" rel=\"nofollow ugc\">Read more on WPEngine Blog\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What people says about Salt Shaker\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fwp-tutorials\u002Fhow-to-automatically-change-wordpress-salt-keys\u002F\" rel=\"nofollow ugc\">WPBeginner\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fkinsta.com\u002Fknowledgebase\u002Fwordpress-salts\u002F\" rel=\"nofollow ugc\">Kinsta\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpengine.com\u002Fresources\u002Fgenerate-wordpress-salt-keys\u002F\" rel=\"nofollow ugc\">WPEngine\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Ftips-tricks\u002Fwhat-are-wordpress-salt-keys-and-how-can-you-change-them\" rel=\"nofollow ugc\">Elgenat Themes\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.hostinger.com\u002Ftutorials\u002Fwordpress-salts\" rel=\"nofollow ugc\">Hostinger\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Like Salt Shaker? Consider leaving a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsalt-shaker\u002Freviews\u002F\" rel=\"ugc\">5 star review\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Salt Shaker Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Improve your WordPress security.\u003C\u002Fli>\n\u003Cli>Easy to use, set it and forget it, with minimal settings.\u003C\u002Fli>\n\u003Cli>Manual and immediate WP security keys and salts changing.\u003C\u002Fli>\n\u003Cli>Set automated schedule for keys and salts change.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Developers?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Feel free to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FamElnagdy\u002Fsalt-shaker\" rel=\"nofollow ugc\">fork the project on GitHub\u003C\u002Fa> and submit your contributions via pull request.\u003C\u002Fp>\n","Salt Shaker enhances WordPress security by changing WordPress security keys and salts manually and automatically.",6000,235565,27,"2025-12-01T07:31:00.000Z","6.9.4","5.0",[76,77,21,22,78],"authentication-keys","salt-keys","security-keys","https:\u002F\u002Fnagdy.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsalt-shaker.2.1.1.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":73,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":14,"download_link":99,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":60},"expire-user-passwords","Expire User Passwords","1.4.2","Matt Miller","https:\u002F\u002Fprofiles.wordpress.org\u002Fmillermedianow\u002F","\u003Cp>Note: This is a forked version of the now unsupported \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexpire-passwords\u002F\" rel=\"ugc\">Expire Passwords\u003C\u002Fa> plugin. The notes below are copied over from the original plugin and will be updated as relevant updates become available. Please help by contributing to the GitHub repository \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">Expire Passwords\u003C\u002Fa> on GitHub\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fexpire-user-passwords\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Harden the security of your site by preventing unauthorized access to stale user accounts.\u003C\u002Fp>\n\u003Cp>This plugin is also ideal for sites needing to meet certain industry security compliances – such as government, banking or healthcare.\u003C\u002Fp>\n\u003Cp>In the plugin settings you can set the maximum number of days users are allowed to use the same password (90 days by default), as well as which user roles will be required to reset their passwords regularly (non-Administrators by default).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Albanian (Shqip)\u003C\u002Fli>\n\u003Cli>Arabic (العربية)\u003C\u002Fli>\n\u003Cli>Armenian (Հայերեն)\u003C\u002Fli>\n\u003Cli>Basque (Euskara)\u003C\u002Fli>\n\u003Cli>Bengali (বাংলা)\u003C\u002Fli>\n\u003Cli>Bulgarian (Български)\u003C\u002Fli>\n\u003Cli>Catalan (Català)\u003C\u002Fli>\n\u003Cli>Chinese Simplified (简体中文)\u003C\u002Fli>\n\u003Cli>Croatian (Hrvatski)\u003C\u002Fli>\n\u003Cli>Czech (Čeština)\u003C\u002Fli>\n\u003Cli>Danish (Dansk)\u003C\u002Fli>\n\u003Cli>Dutch (Nederlands)\u003C\u002Fli>\n\u003Cli>Estonian (Eesti)\u003C\u002Fli>\n\u003Cli>Finnish (Suomi)\u003C\u002Fli>\n\u003Cli>French (Français)\u003C\u002Fli>\n\u003Cli>Galician (Galego)\u003C\u002Fli>\n\u003Cli>Georgian (ქართული)\u003C\u002Fli>\n\u003Cli>German (Deutsch)\u003C\u002Fli>\n\u003Cli>Greek (Ελληνικά)\u003C\u002Fli>\n\u003Cli>Hebrew (עברית)\u003C\u002Fli>\n\u003Cli>Hindi (हिन्दी)\u003C\u002Fli>\n\u003Cli>Hungarian (Magyar)\u003C\u002Fli>\n\u003Cli>Indonesian (Bahasa Indonesia)\u003C\u002Fli>\n\u003Cli>Irish (Gaeilge)\u003C\u002Fli>\n\u003Cli>Italian (Italiano)\u003C\u002Fli>\n\u003Cli>Japanese (日本語)\u003C\u002Fli>\n\u003Cli>Korean (한국어)\u003C\u002Fli>\n\u003Cli>Latvian (Latviešu)\u003C\u002Fli>\n\u003Cli>Lithuanian (Lietuvių)\u003C\u002Fli>\n\u003Cli>Macedonian (Македонски)\u003C\u002Fli>\n\u003Cli>Norwegian (Norsk)\u003C\u002Fli>\n\u003Cli>Persian (فارسی)\u003C\u002Fli>\n\u003Cli>Persian – Afghanistan (دری)\u003C\u002Fli>\n\u003Cli>Polish (Polski)\u003C\u002Fli>\n\u003Cli>Portuguese – Brazil (Português do Brasil)\u003C\u002Fli>\n\u003Cli>Portuguese – Portugal (Português)\u003C\u002Fli>\n\u003Cli>Romanian (Română)\u003C\u002Fli>\n\u003Cli>Russian (Русский)\u003C\u002Fli>\n\u003Cli>Serbian (Српски)\u003C\u002Fli>\n\u003Cli>Slovak (Slovenčina)\u003C\u002Fli>\n\u003Cli>Slovenian (Slovenščina)\u003C\u002Fli>\n\u003Cli>Spanish (Español)\u003C\u002Fli>\n\u003Cli>Swedish (Svenska)\u003C\u002Fli>\n\u003Cli>Tamil (தமிழ்)\u003C\u002Fli>\n\u003Cli>Thai (ไทย)\u003C\u002Fli>\n\u003Cli>Turkish (Türkçe)\u003C\u002Fli>\n\u003Cli>Ukrainian (Українська)\u003C\u002Fli>\n\u003Cli>Urdu (اردو)\u003C\u002Fli>\n\u003Cli>Vietnamese (Tiếng Việt)\u003C\u002Fli>\n\u003Cli>Welsh (Cymraeg)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Require certain users to change their passwords on a regular basis.",3000,57937,84,5,"2026-02-17T09:27:00.000Z","4.0","8.1",[97,98,20,22,55],"login","membership","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpire-user-passwords.1.4.2.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":35,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":14,"tags":114,"homepage":14,"download_link":115,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":60},"user-session-control","User Session Control","0.3.1","Frankie Jarrett","https:\u002F\u002Fprofiles.wordpress.org\u002Ffjarrett\u002F","\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fuser-session-control\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WordPress 4.1 “Dinah” introduced the awesome power of user session management.\u003C\u002Fp>\n\u003Cp>However, you are limited to only being able to destroy your own sessions, and you cannot destroy them individually.\u003C\u002Fp>\n\u003Cp>This plugin allows Administrators to view and manage all sessions by all users on an individual basis.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Displays a custom “God view” screen of all active user sessions\u003C\u002Fli>\n\u003Cli>Sort sessions by user, role, creation date, expiry date or IP address\u003C\u002Fli>\n\u003Cli>Quickly and easily destroy sessions you think may be a security risk\u003C\u002Fli>\n\u003Cli>Respects the timezone, date format and time format saved under General Settings\u003C\u002Fli>\n\u003Cli>View all user sessions from all blogs on your network via the Network Admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Deutsch\u003C\u002Fli>\n\u003Cli>Español\u003C\u002Fli>\n\u003Cli>Français\u003C\u002Fli>\n\u003Cli>Português\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fuser-session-control\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffjarrett\u002Fuser-session-control\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","View and manage all active user sessions in a custom admin screen.",700,10133,7,"2016-12-23T19:25:00.000Z","4.7.32","4.1",[97,22,23,55],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-session-control.0.3.1.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":126,"num_ratings":127,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":15,"tags":131,"homepage":135,"download_link":136,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":60},"login-timeout-sessions","Login Timeout Sessions","1.2.1","Galaxy Weblinks","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxyweblinks\u002F","\u003Cp>Allows you the ability to set login session \u002F expiry Settings on user capacities by admin panel.\u003C\u002Fp>\n\u003Cp>By default the capabilities of the user are not defined in WordPress, for enhanced security their capabilities have a limit for the modification of site data, removal and creation.\u003C\u002Fp>\n\u003Ch3>Key Feature Comes with Login Timeout Sessions Plugin\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Set new login session.\u003C\u002Fli>\n\u003Cli>Set login ‘Remember me’ session.\u003C\u002Fli>\n\u003Cli>Set special timeout session for Users with a specific capability.\u003C\u002Fli>\n\u003Cli>For example: You can set a longer or shorter login time for administrators with the “edit_theme_options” capability. (see Roles and Capabilities in WordPress Codex).\u003C\u002Fli>\n\u003Cli>Use the default WordPress behaviours.\u003C\u002Fli>\n\u003Cli>Add Updates panel (Settings > Login Sessions).\u003C\u002Fli>\n\u003Cli>Deactivate restore default WordPress behavior.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s a link to the documentation for the plugin. This will help you learn more about its features and how to use it.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fwp-plugins\u002Flogin-timeout-sessions\u002Fdoc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nFor any feedback or queries regarding this plugin, please contact our \u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support team\u003C\u002Fa>.\u003C\u002Fp>\n","Allows you the ability to set login session \u002F expiry Settings on user capacities by admin panel.",300,4349,70,2,"2025-11-05T11:00:00.000Z","6.8.5","5.5",[132,117,133,134],"login-session","session-expired","set-login-expiry","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-timeout-sessions\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-timeout-sessions.1.2.1.zip",{"attackSurface":138,"codeSignals":255,"taintFlows":359,"riskAssessment":387,"analyzedAt":393},{"hooks":139,"ajaxHandlers":251,"restRoutes":252,"shortcodes":253,"cronEvents":254,"entryPointCount":13,"unprotectedCount":13},[140,146,149,155,159,163,166,170,174,178,182,186,190,193,197,201,205,209,213,217,220,224,229,233,236,239,244,247],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","init","mfem_translations","emergency-management.php",111,{"type":141,"name":142,"callback":147,"file":144,"line":148},"mfem_translate_global_strings",124,{"type":150,"name":151,"callback":152,"priority":153,"file":144,"line":154},"filter","admin_footer_text","mfem_update_admin_footer_text",1,138,{"type":150,"name":156,"callback":157,"priority":153,"file":144,"line":158},"update_footer","mfem_update_admin_footer_version",151,{"type":141,"name":160,"callback":161,"file":144,"line":162},"admin_enqueue_scripts","mfem_add_stylesheet",161,{"type":141,"name":160,"callback":164,"file":144,"line":165},"hook_mfem_jQuery_script",171,{"type":141,"name":167,"callback":168,"file":144,"line":169},"admin_menu","add_emergency_management_menu_items",190,{"type":141,"name":171,"callback":172,"file":144,"line":173},"user_register","mfem_save_pw_register_timestamp_to_meta",308,{"type":141,"name":175,"callback":176,"file":144,"line":177},"after_password_reset","mfem_save_pw_reset_timestamp_to_meta",314,{"type":141,"name":179,"callback":180,"file":144,"line":181},"profile_update","mfem_save_pw_profile_change_timestamp_to_meta",322,{"type":150,"name":183,"callback":184,"priority":13,"file":144,"line":185},"login_redirect","mfem_check_on_login",373,{"type":150,"name":187,"callback":188,"priority":13,"file":144,"line":189},"login_message","lost_password_message",418,{"type":150,"name":191,"callback":188,"priority":13,"file":144,"line":192},"tml_before_form",419,{"type":141,"name":194,"callback":195,"priority":13,"file":144,"line":196},"validate_password_reset","mfem_validate_password_change",447,{"type":141,"name":198,"callback":199,"file":144,"line":200},"admin_post_mfem-pwxform","mfem_warning_pwxform_handler",811,{"type":141,"name":202,"callback":203,"file":144,"line":204},"admin_post_mfem-pwxconfirm","mfem_reset_passwords",812,{"type":141,"name":206,"callback":207,"file":144,"line":208},"admin_post_mfem-saltsform","mfem_warning_saltsform_handler",815,{"type":141,"name":210,"callback":211,"file":144,"line":212},"admin_post_mfem-saltsconfirm","mfem_renew_salts",816,{"type":141,"name":214,"callback":215,"file":144,"line":216},"admin_post_mfem-pwstrengthform1","mfem_save_pw_strength_handler",818,{"type":141,"name":218,"callback":215,"file":144,"line":219},"admin_post_mfem-pwstrengthform2",819,{"type":141,"name":221,"callback":222,"file":144,"line":223},"admin_post_mfem-pwexpiryform","mfem_pw_expiry_handler",821,{"type":150,"name":225,"callback":226,"priority":11,"file":227,"line":228},"password_hint","mfem_password_hint","mfem-enqueue-pw-strength-check.php",20,{"type":141,"name":230,"callback":231,"priority":11,"file":227,"line":232},"user_profile_update_errors","mfem_validateProfileUpdate",26,{"type":150,"name":234,"callback":235,"priority":11,"file":227,"line":71},"registration_errors","mfem_validateRegistration",{"type":141,"name":194,"callback":237,"priority":11,"file":227,"line":238},"mfem_validatePasswordReset",28,{"type":150,"name":240,"callback":241,"priority":11,"file":242,"line":243},"wp_mail_from_name","closure","mfem-password-reset.php",95,{"type":150,"name":245,"callback":241,"priority":11,"file":242,"line":246},"wp_mail_from",96,{"type":150,"name":248,"callback":249,"priority":11,"file":242,"line":250},"wp_mail_content_type","emergency_password_reset_set_html_mail_content_type",97,[],[],[],[],{"dangerousFunctions":256,"sqlUsage":257,"outputEscaping":259,"fileOperations":32,"externalRequests":13,"nonceChecks":13,"capabilityChecks":92,"bundledLibraries":358},[],{"prepared":13,"raw":13,"locations":258},[],{"escaped":260,"rawEcho":261,"locations":262},18,47,[263,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,346,348,350,352,354,356],{"file":144,"line":264,"context":265},531,"raw output",{"file":144,"line":267,"context":265},545,{"file":144,"line":269,"context":265},546,{"file":144,"line":271,"context":265},552,{"file":144,"line":273,"context":265},553,{"file":144,"line":275,"context":265},559,{"file":144,"line":277,"context":265},560,{"file":144,"line":279,"context":265},566,{"file":144,"line":281,"context":265},567,{"file":144,"line":283,"context":265},571,{"file":144,"line":285,"context":265},574,{"file":144,"line":287,"context":265},576,{"file":144,"line":289,"context":265},600,{"file":144,"line":291,"context":265},626,{"file":144,"line":293,"context":265},630,{"file":144,"line":295,"context":265},633,{"file":144,"line":297,"context":265},640,{"file":144,"line":299,"context":265},644,{"file":144,"line":301,"context":265},648,{"file":144,"line":303,"context":265},650,{"file":144,"line":305,"context":265},652,{"file":144,"line":307,"context":265},655,{"file":144,"line":309,"context":265},672,{"file":144,"line":311,"context":265},676,{"file":144,"line":313,"context":265},678,{"file":144,"line":315,"context":265},680,{"file":144,"line":317,"context":265},720,{"file":144,"line":319,"context":265},745,{"file":144,"line":321,"context":265},746,{"file":144,"line":323,"context":265},747,{"file":144,"line":325,"context":265},748,{"file":144,"line":327,"context":265},749,{"file":144,"line":329,"context":265},750,{"file":144,"line":331,"context":265},751,{"file":144,"line":333,"context":265},752,{"file":144,"line":335,"context":265},753,{"file":144,"line":337,"context":265},754,{"file":144,"line":339,"context":265},758,{"file":144,"line":341,"context":265},771,{"file":144,"line":343,"context":265},792,{"file":144,"line":345,"context":265},799,{"file":144,"line":347,"context":265},800,{"file":144,"line":349,"context":265},805,{"file":144,"line":351,"context":265},829,{"file":144,"line":353,"context":265},840,{"file":144,"line":355,"context":265},851,{"file":144,"line":357,"context":265},862,[],[360,379],{"entryPoint":361,"graph":362,"unsanitizedCount":13,"severity":378},"mfem_emergency_management_main (emergency-management.php:461)",{"nodes":363,"edges":375},[364,369],{"id":365,"type":366,"label":367,"file":144,"line":368},"n0","source","$_POST",471,{"id":370,"type":371,"label":372,"file":144,"line":373,"wp_function":374},"n1","sink","update_option() [Settings Manipulation]",480,"update_option",[376],{"from":365,"to":370,"sanitized":377},true,"low",{"entryPoint":380,"graph":381,"unsanitizedCount":13,"severity":378},"\u003Cemergency-management> (emergency-management.php:0)",{"nodes":382,"edges":385},[383,384],{"id":365,"type":366,"label":367,"file":144,"line":368},{"id":370,"type":371,"label":372,"file":144,"line":373,"wp_function":374},[386],{"from":365,"to":370,"sanitized":377},{"summary":388,"deductions":389},"The \"emergency-management\" plugin v1.4.2.0 exhibits a generally strong security posture based on the static analysis. The absence of any entry points (AJAX, REST API, shortcodes, cron events) significantly reduces the potential attack surface. The plugin also demonstrates good practices by exclusively using prepared statements for SQL queries and having no recorded vulnerabilities or CVEs. The code signals indicate a moderate level of attention to security, with capability checks present. However, a concerning aspect is the low percentage of properly escaped output (28%), which suggests a significant risk of cross-site scripting (XSS) vulnerabilities. While the taint analysis found no critical or high-severity issues, the unescaped output leaves room for exploitation.\n\nThe lack of vulnerability history is a positive indicator, suggesting the plugin has been developed with security in mind or has not been a target for attackers. The presence of file operations is noted, but without further context, their security implications cannot be definitively assessed. The absence of dangerous functions, external HTTP requests, and bundled libraries are all positive security attributes. The critical weakness lies in the insufficient output escaping, which, despite other strengths, presents a tangible risk that needs immediate attention.",[390],{"reason":391,"points":392},"Low percentage of properly escaped output",15,"2026-03-16T23:26:40.238Z",{"wat":395,"direct":404},{"assetPaths":396,"generatorPatterns":399,"scriptPaths":400,"versionParams":401},[397,398],"\u002Fwp-content\u002Fplugins\u002Femergency-management\u002Fstyles\u002Femergency-management.css","\u002Fwp-content\u002Fplugins\u002Femergency-management\u002Fjs\u002Fmfem_jQuery.js",[],[398],[402,403],"emergency-management\u002Fstyles\u002Femergency-management.css?ver=","emergency-management\u002Fjs\u002Fmfem_jQuery.js?ver=",{"cssClasses":405,"htmlComments":406,"htmlAttributes":437,"restEndpoints":438,"jsGlobals":439,"shortcodeOutput":443},[],[407,408,409,409,409,410,410,410,410,410,411,412,413,414,415,416,417,418,419,420,421,422,423,424,412,425,426,427,428,429,430,431,431,431,432,432,433,434,435,436],"\u003C!-- no direct access -->","\u003C!-- The current plugin version -->","\u003C!-- translated (WordPress action hook 'init') -->","\u003C!-- just for switching on and off during testing -->","\u003C!-- Do some initial stuff... -->","\u003C!-- no longer used from 1.4.0.0 -->","\u003C!-- I am here - provided for future add-ons -->","\u003C!-- I am back -->","\u003C!-- Add a password renewal timestamp to each user's meta data as if the password was just renewed - for later use = the starting point -->","\u003C!-- Add only, if it doesn't exist, yet (...well, it shouldn't upon activation!) -->","\u003C!-- Unix timestamp (seconds since Unix Epoch) -->","\u003C!-- Do some stuff upon plugin deactivation -->","\u003C!-- Update the show towards being still present but deactivated now -->","\u003C!-- I am here but deactivated -->","\u003C!-- Clean up upon plugin uninstall -->","\u003C!-- Delete all options used in the emergency-management plugin -->","\u003C!-- good-bye -->","\u003C!-- just in case as it always has a short life here... -->","\u003C!-- Delete all meta data generated by the plugin -->","\u003C!-- Load the plugin's textdomain to retrieve the translations -->","\u003C!-- determine the correct .mo-file -->","\u003C!-- Load the very plugin translations (if they exist for $mfem_locale) as the WP SVN version synchronization seems failing... -->","\u003C!-- else: load WordPress plugin translations from \u002Fwp-content\u002Flanguages\u002Fplugins\u002F -->","\u003C!-- load WordPress plugin translations with normal logic -->","\u003C!-- translated -->","\u003C!-- Priority 1 to make it work -->","\u003C!-- Enqueue plugin's backend style-file -->","\u003C!-- Enqueue the plugin's javascript\u002FjQuery -->","\u003C!-- Just for the admin area -->","\u003C!-- Add the submenu entry and the help tabs... -->",[],[],[440,441,442],"thanks_for_using_emergency_management","mfem_session_tooltip","you_cannot_reuse_your_old_password",[]]