[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHrL8o0Q-0Wa4kVZ1l-TGYoYcKTzaTby8M3cVxnmeR5o":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":48,"crawl_stats":37,"alternatives":55,"analysis":159,"fingerprints":193},"empty-tags-remover","Empty Tags Remover","1.2.3","Dan-Lucian Stefancu","https:\u002F\u002Fprofiles.wordpress.org\u002Fde-ce\u002F","\u003Cp>Empty Tags Remover adds a page called ‘Remove empty tags’ under ‘Posts’ admin menu where you can simply remove all the empty tags with just one click.\u003C\u002Fp>\n","Really simple plugin. It just removes all your empty tags on demand.",100,7827,2,"2024-12-13T23:50:00.000Z","6.7.5","2.5","",[19,20,21,22,23],"admin","edit","posts","remove","tags","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fempty-tags-remover\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fempty-tags-remover.1.2.3.zip",91,1,0,"2025-01-20 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-24640","empty-tags-remover-reflected-cross-site-scripting","Empty Tags Remover \u003C= 1.0 - Reflected Cross-Site Scripting","The Empty Tags Remover plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.0","1.1.0","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-22 21:46:31",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F087df130-d75f-4792-b3f9-c78ddb0f7a48?source=api-prod",93,{"slug":49,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":47,"trust_score":53,"computed_at":54},"de-ce",3,150,87,70,"2026-04-05T04:44:20.615Z",[56,79,100,119,137],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":17,"tags":71,"homepage":76,"download_link":77,"security_score":78,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"wp-sheet-editor-yoast-seo","Bulk Edit YOAST SEO fields in Spreadsheet","1.1.8","Jose Vega","https:\u002F\u002Fprofiles.wordpress.org\u002Fjosevega\u002F","\u003Cp>Edit YOAST SEO title, description, keyword, index status, and see SEO score when you are bulk editing Posts, Pages, and WooCommerce products using the spreadsheet.\u003C\u002Fp>\n\u003Cp>This plugin is perfect for you when:\u003C\u002Fp>\n\u003Col>\n\u003Cli>You need to Optimize Your Site SEO.\u003C\u002Fli>\n\u003Cli>You want to edit SEO title, description, and keywords quickly\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Installation steps\u003C\u002Fh4>\n\u003Col>\n\u003Cli>You need to install the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-sheet-editor-bulk-spreadsheet-editor-for-posts-and-pages\u002F\" rel=\"ugc\">free “wp sheet editor” plugin\u003C\u002Fa> to be able to use this plugin\u003C\u002Fli>\n\u003Cli>YOAST SEO plugin must be active\u003C\u002Fli>\n\u003Cli>Done. Now you will see the SEO columns on the spreadsheet automatically.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>What is WP Sheet Editor\u003C\u002Fh4>\n\u003Cp>WP Sheet Editor is a free plugin that allows you to bulk edit WordPress posts, pages, and WooCommerce products using a spreadsheet.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-sheet-editor-bulk-spreadsheet-editor-for-posts-and-pages\u002F\" rel=\"ugc\">Download “wp sheet editor” plugin\u003C\u002Fa>\u003C\u002Fp>\n","Bulk Edit posts, pages, and WooCommerce products YOAST SEO fields using a spreadsheet.",1000,24326,52,5,"2024-02-24T02:56:00.000Z","6.4.8","3.6",[19,72,73,74,75],"bulk-edit","pages","posts-management","quick-edit","http:\u002F\u002Fwpsheeteditor.com\u002F?utm_source=wp-admin&utm_medium=plugins-list&utm_campaign=yoast","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sheet-editor-yoast-seo.1.1.8.zip",85,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":11,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":17,"download_link":99,"security_score":78,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"posts-columns-manager","Posts Columns Manager","1.7.0","Serhiy Zakharchenko","https:\u002F\u002Fprofiles.wordpress.org\u002Fzahardoc\u002F","\u003Cp>Did you ever want to add some custom columns to the posts overview page?\u003Cbr \u002F>\nThis plugin gives you the possibility to add meta fields, taxonomies, or ACF fields there.\u003Cbr \u002F>\nJust add any number of columns you want and enjoy seeing them right from the posts overview pages.\u003C\u002Fp>\n","Did you ever want to add some custom columns to the posts overview page?",800,6366,13,"2023-06-26T16:23:00.000Z","6.2.9","4.7","5.6",[19,95,96,97,98],"columns","editor","manage","posts-overview","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fposts-columns-manager.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":11,"num_ratings":13,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":17,"download_link":118,"security_score":78,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"edit-lock","Edit Lock","1.0.3","doublejar","https:\u002F\u002Fprofiles.wordpress.org\u002Fdoublejar\u002F","\u003Cp>When you build a custom-made website, either for your client or yourself, there often are pages which contains HTML codes which may break if edited by casual users.\u003C\u002Fp>\n\u003Cp>This plugin allows you to disable editing on selected pages, to protect the pages from accidental or unwanted changes. By locking pages and posts, these crucial pages cannot be edited or deleted by users. An exception can be added for administrators to modify pages irregardless of locking status.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Locks any pages, posts, and even media files\u003C\u002Fli>\n\u003Cli>Custom post types are also supported\u003C\u002Fli>\n\u003Cli>Works with Gutenberg and Classic Editor\u003C\u002Fli>\n\u003Cli>Two locking mechanisms available\u003C\u002Fli>\n\u003Cli>Allows admin users to modify pages without unlocking or lock for everyone\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Locking mechanisms:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lock mode — Disable editing or deleting locked posts.\u003C\u002Fli>\n\u003Cli>Warn mode — Warn users when editing locked posts. Quick edit and deletion are disabled.\u003C\u002Fli>\n\u003C\u002Ful>\n","Disable page editing on selected pages, to protect the pages from accidental or unwanted changes that might break your site.",500,4971,"2022-10-09T00:44:00.000Z","6.1.10","5.4","7.0",[115,21,116,117],"disable-post-edit","security","wp-admin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedit-lock.1.0.3.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":108,"downloaded":127,"rating":128,"num_ratings":50,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":17,"tags":132,"homepage":135,"download_link":136,"security_score":78,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"tabs-in-post-editor","Tabs in Post Editor","1.1","Aaron Butacov","https:\u002F\u002Fprofiles.wordpress.org\u002Faaron-harun\u002F","\u003Cp>This simple plugin allows you to use the tab-key inside the post editor to indent code or paragraphs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This plugin should work with all versions of WordPress, but has not been tested in versions earlier than 2.9\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Allows for both multi-line and single line indenting\u003C\u002Fli>\n\u003Cli>Works in all major browsers.\u003C\u002Fli>\n\u003Cli>Toggle-able on each post. Enable or disable tabs automatically without reloading the page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Only works in the HTML editor\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n","Write code in the WP post editor? Hate not being able to use [tab]s? Now you can.",16080,94,"2013-10-18T19:06:00.000Z","3.6.1","2.0",[19,133,20,134,21],"date","post","http:\u002F\u002Faahacreative.com\u002Four-projects\u002Ftabs-wordpress-post-editor\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftabs-in-post-editor.1.1.zip",{"slug":138,"name":139,"version":140,"author":141,"author_profile":142,"description":143,"short_description":144,"active_installs":145,"downloaded":146,"rating":147,"num_ratings":148,"last_updated":149,"tested_up_to":150,"requires_at_least":151,"requires_php":17,"tags":152,"homepage":157,"download_link":158,"security_score":11,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"filter-admin-published-default","Filter Admin Published Default","2.0.0","Chuck Reynolds","https:\u002F\u002Fprofiles.wordpress.org\u002Fryno267\u002F","\u003Cp>Enables all public post types (posts, pages, etc) in wp-admin to show the Published filter by default. This came out of a need as some clients of mine had a lot of pre-scheduled posts so a LOT of drafts are up top and I got tired of the extra click to filter by published. I tweeted out for ideas and @Norcross answered and quickly whipped up this; which we turned into a plugin for public release and here you go!\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Once activated you don’t need to do anything.\u003C\u002Fp>\n","Enables all public post types (posts, pages, etc) in wp-admin to show the Published filter by default.",400,5971,88,7,"2026-03-10T05:03:00.000Z","6.9.4","5.2",[19,153,154,155,156],"edit-link","pages-edit","posts-edit","published","https:\u002F\u002Fgithub.com\u002Fchuckreynolds\u002Fwp-filter-admin-published-default","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilter-admin-published-default.2.0.0.zip",{"attackSurface":160,"codeSignals":172,"taintFlows":183,"riskAssessment":184,"analyzedAt":192},{"hooks":161,"ajaxHandlers":168,"restRoutes":169,"shortcodes":170,"cronEvents":171,"entryPointCount":28,"unprotectedCount":28},[162],{"type":163,"name":164,"callback":165,"file":166,"line":167},"action","admin_menu","add_empty_tags_page","empty-tags-remover.php",12,[],[],[],[],{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":28,"externalRequests":28,"nonceChecks":27,"capabilityChecks":28,"bundledLibraries":182},[],{"prepared":28,"raw":28,"locations":175},[],{"escaped":177,"rawEcho":27,"locations":178},4,[179],{"file":166,"line":180,"context":181},75,"raw output",[],[],{"summary":185,"deductions":186},"The \"empty-tags-remover\" plugin exhibits a generally positive security posture based on the provided static analysis.  The absence of any entry points like AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface.  Furthermore, the code demonstrates good practices by utilizing prepared statements for all SQL queries and having a high percentage of properly escaped output. The presence of a nonce check is also a positive indicator of security awareness.\n\nHowever, a significant concern arises from its vulnerability history. The plugin has a known CVE, specifically a medium-severity Cross-site Scripting (XSS) vulnerability. While this vulnerability is currently unpatched, the fact that it's marked as 'unpatched' in the historical data (even though the 'currently unpatched' count is 0) suggests a potential for future risks if patches are not consistently applied. The lack of capability checks is another area that could be improved, as it means that any authenticated user could potentially interact with the plugin's limited functionalities without specific permissions, although the current limited attack surface mitigates immediate risk.\n\nIn conclusion, while the plugin's core code appears to be relatively secure with a small attack surface and good data handling practices, the past XSS vulnerability and the absence of capability checks are noteworthy weaknesses. Developers should ensure that all past vulnerabilities are addressed and consider implementing capability checks to further harden the plugin against potential future exploits.",[187,190],{"reason":188,"points":189},"Known medium XSS vulnerability",10,{"reason":191,"points":67},"Missing capability checks","2026-03-16T20:36:37.882Z",{"wat":194,"direct":199},{"assetPaths":195,"generatorPatterns":196,"scriptPaths":197,"versionParams":198},[],[],[],[],{"cssClasses":200,"htmlComments":202,"htmlAttributes":203,"restEndpoints":204,"jsGlobals":205,"shortcodeOutput":206},[201],"wrap",[],[],[],[],[]]