[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBkwNAfA-qi1dU5Rsw532FI4J7Gmu6-o3CPnTL6UWP_o":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":57,"analysis":165,"fingerprints":443},"error-log-monitor","Error Log Monitor","1.7.12","Janis Elsts","https:\u002F\u002Fprofiles.wordpress.org\u002Fwhiteshadow\u002F","\u003Cp>This plugin adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send you email notifications about newly logged errors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically detects error log location.\u003C\u002Fli>\n\u003Cli>Explains how to configure PHP error logging if it’s not enabled yet.\u003C\u002Fli>\n\u003Cli>The number of displayed log entries is configurable.\u003C\u002Fli>\n\u003Cli>Sends you email notifications about logged errors (optional).\u003C\u002Fli>\n\u003Cli>Configurable email address and frequency.\u003C\u002Fli>\n\u003Cli>You can easily clear the log file.\u003C\u002Fli>\n\u003Cli>The dashboard widget is only visible to administrators.\u003C\u002Fli>\n\u003Cli>Optimized to work well even with very large log files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once you’ve installed the plugin, go to the Dashboard and enable the “PHP Error Log” widget through the “Screen Options” panel. The widget should automatically display the last 20 lines from your PHP error log. If you see an error message like “Error logging is disabled” instead, follow the displayed instructions to configure error logging.\u003C\u002Fp>\n\u003Cp>Email notifications are disabled by default. To enable them, click the “Configure” link in the top-right corner of the widget and enter your email address in the “Periodically email logged errors to:” box. If desired, you can also change email frequency by selecting the minimum time interval between emails from the “How often to send email” drop-down.\u003C\u002Fp>\n","Adds a Dashboard widget that displays the latest messages from your PHP error log. It can also send logged errors to email.",20000,631204,86,48,"2025-10-01T15:12:00.000Z","6.8.5","4.5","7.4",[20,21,22,23,24],"admin","administration","dashboard-widget","error-reporting","php","http:\u002F\u002Fw-shadow.com\u002Fblog\u002F2012\u002F07\u002F25\u002Ferror-log-monitor-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ferror-log-monitor.1.7.12.zip",99,1,0,"2019-02-25 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"WF-3fda31fa-efc9-44b9-99ba-9e3e23aa2ee0-error-log-monitor","freemius-sdk-missing-authorization-to-arbitrary-options-update-10","Freemius SDK \u003C= 2.2.3 - Missing Authorization to Arbitrary Options Update","The Freemius SDK for WordPress is vulnerable to authorization bypass due to a missing capability check on the _get_db_option and _set_db_option functions in versions up to, and including, 2.2.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change site settings and potentially take over the site.",null,"\u003C1.6.5","1.6.5","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Missing Authorization","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3fda31fa-efc9-44b9-99ba-9e3e23aa2ee0?source=api-prod",1793,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":53,"avg_patch_time_days":54,"trust_score":55,"computed_at":56},"whiteshadow",7,430890,92,469,73,"2026-04-05T16:37:32.239Z",[58,79,97,120,142],{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":29,"num_ratings":29,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":78,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"dashboard-posts-stats","Dashboard Posts Stats","0.1","Felipe Lavín","https:\u002F\u002Fprofiles.wordpress.org\u002Ffelipelavinz\u002F","\u003Cp>Adds a simple but useful chart with the published posts during the last 30 days to your admin dashboard.\u003C\u002Fp>\n","Add a nice graph with your published posts during the last 30 days on a dashboard widget.",10,2055,"2013-01-21T18:56:00.000Z","3.5.2","3.0.1","",[21,73,22,74,75],"cms","data-visualization","visualization","http:\u002F\u002Fwww.yukei.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdashboard-posts-stats.0.1.zip",85,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":66,"downloaded":87,"rating":29,"num_ratings":29,"last_updated":71,"tested_up_to":88,"requires_at_least":89,"requires_php":71,"tags":90,"homepage":93,"download_link":94,"security_score":95,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":96},"microplugins","Microplugins","1.1.3","Andy Navarro","https:\u002F\u002Fprofiles.wordpress.org\u002Fandaniel05\u002F","\u003Cp>Útil para cualquier sitio WordPress.\u003C\u002Fp>\n\u003Cp>Normalmente cuando se necesita añadir alguna funcionalidad al sitio se tienen 2 opciones por ese orden:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Instalar algún plugin que cumpla con las necesidades.\u003C\u002Fli>\n\u003Cli>Añadir código al archivo ‘functions.php’ del tema activo.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>La utilidad de los microplugins está relacionada con el punto 2 de la lista de opciones anterior.\u003C\u002Fp>\n\u003Cp>Definimos un microplugin como el fragmento de código que se necesita añadir al archivo ‘functions.php’ del tema activo para conseguir la funcionalidad deseada.\u003C\u002Fp>\n\u003Cp>Los microplugins se crean en forma de entradas WordPress y tienen código PHP válido en su contenido.\u003C\u002Fp>\n\u003Cp>Añadirle funcionalidad al sitio mediante microplugins tiene las siguientes ventajas: 1. Sus funcionalidades son globales al sitio y no dependen del tema activo por lo que se evita tener que modificar el archivo ‘functions.php’ del mismo. 2. Se tiene en un único lugar y de una forma más organizada el listado de funcionalidades que se han creado. 3. Facilidad a la hora de manipularlos y ver los resultados. 4. Al ser entradas de WordPress cuentan con un control de versiones mediante las revisiones.\u003C\u002Fp>\n\u003Cp>El principal problema que se puede presentar a la hora de trabajar con microplugins consiste en que el código introducido por el usuario puede presentar errores fatales y ocasionar que el sitio quede fuera de funcionamiento. Es importante aclarar que en este caso el microplugin sería desactivado automáticamente y el sitio estaría fuera de funcionamiento solo por un instante.\u003C\u002Fp>\n\u003Cp>IMPORTANTE: Si en algún momento fuera necesario desactivar los microplugins manualmente, esto se puede hacer borrando todos los archivos existentes en el directorio ‘cache’ de la carpeta del plugin.\u003C\u002Fp>\n\u003Cp>IMPORTANTE: Se debe aclarar que los microplugins no producen demora en el sitio tal como se puede pensar inicialmente. Para procesar los mismos se usa un archivo de caché que se puede encontrar en la carpeta ‘cache’.\u003C\u002Fp>\n\u003Cp>Si se desea comprender más a fondo el funcionamiento de este plugin debe leer la sección de preguntas y respuestas.\u003C\u002Fp>\n","Añade funcionalidad al sitio mediante código desde la administración.",1613,"4.6.30","4.6",[20,21,91,24,92],"code","plugins","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmicroplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmicroplugins.1.1.3.zip",100,"2026-03-15T10:48:56.248Z",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":13,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":111,"tags":112,"homepage":71,"download_link":116,"security_score":117,"vuln_count":118,"unpatched_count":29,"last_vuln_date":119,"fetched_at":31},"wp-maintenance-mode","LightStart – Maintenance Mode, Coming Soon and Landing Page Builder","2.6.20","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Add a maintenance page to your blog that lets visitors know your blog is down for maintenance, add a coming soon page for a new website or create a landing page for an existing site. User with admin rights gets full access to the blog including the front end.\u003C\u002Fp>\n\u003Cp>Activate the plugin and your blog is in maintenance-mode, works and only registered users with enough rights can see the front end. You can use a date with a countdown timer for visitor information or set a value and unit for information.\u003C\u002Fp>\n\u003Cp>Also works with WordPress Multisite installs (each blog from the network has its own maintenance settings).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fully customizable (change colors, texts and backgrounds).\u003C\u002Fli>\n\u003Cli>Subscription form (export emails to .csv file).\u003C\u002Fli>\n\u003Cli>Countdown timer (remaining time).\u003C\u002Fli>\n\u003Cli>Contact form (receive emails from visitors).\u003C\u002Fli>\n\u003Cli>Coming soon page;\u003C\u002Fli>\n\u003Cli>Landing page templates;\u003C\u002Fli>\n\u003Cli>WordPress multisite;\u003C\u002Fli>\n\u003Cli>Responsive design;\u003C\u002Fli>\n\u003Cli>Social media icons;\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme;\u003C\u002Fli>\n\u003Cli>SEO options;\u003C\u002Fli>\n\u003Cli>Exclude URLs from maintenance;\u003C\u002Fli>\n\u003Cli>Bot functionality to collect the emails in a friendly and efficient way;\u003C\u002Fli>\n\u003Cli>GDPR Ready;\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bugs, technical hints or contribute\u003C\u002Fh4>\n\u003Cp>Please give us feedback, contribute and file technical bugs on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fandrianvaleanu\u002FWP-Maintenance-Mode\" rel=\"nofollow ugc\">GitHub Repo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fthemeisle.com\" rel=\"nofollow ugc\">Themeisle\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptimole.com\u002F\" rel=\"nofollow ugc\">Optimole\u003C\u002Fa> – Optimole is your all-in-one image optimization solution for WordPress & beyond.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpshout.com\u002F\" rel=\"nofollow ugc\">WPShout\u003C\u002Fa> – In-Depth WordPress Tutorials for Developers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frevive.social\u002F\" rel=\"nofollow ugc\">Revive Social\u003C\u002Fa> – Revive Old Posts helps you keep your content alive and in front the audiences that matter.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.codeinwp.com\u002F\" rel=\"nofollow ugc\">CodeinWP\u003C\u002Fa> – CodeinWP stands for all-things-WordPress. From web design to freelancing and from development to business, your questions are covered.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdomainwheel.com\" rel=\"nofollow ugc\">DomainWheel\u003C\u002Fa> – Free Short Website name generator, with the help of AI, for instant ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check-out \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" title=\"Themeisle blog\" rel=\"nofollow ugc\">our blog\u003C\u002Fa> to learn from our \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress\u002Freviews\u002F\" title=\"WordPress Reviews\" rel=\"nofollow ugc\">WordPress Reviews\u003C\u002Fa> and see other \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress-plugins\u002F\" title=\"WordPress Plugins Comparisons\" rel=\"nofollow ugc\">WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.",500000,19310486,859,"2025-12-10T19:23:00.000Z","6.9.4","4.7","7.1",[20,21,113,114,115],"coming-soon","maintenance-mode","unavailable","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-maintenance-mode.2.6.20.zip",96,6,"2024-01-05 00:00:00",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":130,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":71,"tags":135,"homepage":137,"download_link":138,"security_score":139,"vuln_count":140,"unpatched_count":29,"last_vuln_date":141,"fetched_at":31},"adminimize","Adminimize","1.11.11","WP Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fwp_media\u002F","\u003Cp>If you manage a multi-author WordPress blog or WordPress sites for clients, then you may have wondered if it was possible to clean up the WordPress admin area for your users? There are lots of things in the WordPress admin area that your users don’t need to see or use. This plugin help you to hide unnecessary items from WordPress admin area.\u003C\u002Fp>\n\u003Cp>Adminimize makes it easy to remove items from view based on a user’s role.\u003C\u002Fp>\n\u003Ch4>What does this plugin do?\u003C\u002Fh4>\n\u003Cp>The plugin changes the administration backend and gives you the power to assign rights on certain parts. Admins can activate\u002Fdeactivate every part of the menu and even parts of the sub-menu. Meta fields can be administered separately for posts and pages. Certain parts of the write menu can be deactivated separately for admins or non-admins. The header of the backend is minimized and optimized to give you more space and the structure of the menu gets changed to make it more logical – this can all be done per user so each role and their resulting users can have his own settings.\u003C\u002Fp>\n\u003Ch4>Support Custom Post Type\u003C\u002Fh4>\n\u003Cp>The plugin support all functions also for custom post types, automatically in the settings page.\u003C\u002Fp>\n\u003Ch4>Support Custom Options on all different post types\u003C\u002Fh4>\n\u003Cp>It is possible to add own options to hide areas in the back-end of WordPress. It is easy and you must only forgive a ID or class, a selector, of the markup, that you will hide.\u003C\u002Fp>\n\u003Ch4>Compatibility with plugins for MetaBoxes in Write-area\u003C\u002Fh4>\n\u003Cp>You can add your own options, you must only check for css selectors.\u003C\u002Fp>\n\u003Ch4>Help with “Your own options”\u003C\u002Fh4>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002F328449\" title=\"Plugin: Adminimize Help with Your own options (3 posts)\" rel=\"ugc\">entry on the WP community forum\u003C\u002Fa> for help with this great possibility.\u003C\u002Fp>\n\u003Ch4>License\u003C\u002Fh4>\n\u003Cp>Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog. But if you enjoy this plugin, you can thank me and leave a \u003Ca href=\"http:\u002F\u002Fbueltge.de\u002Fwunschliste\u002F\" title=\"Wishliste and Donate\" rel=\"nofollow ugc\">small donation\u003C\u002Fa> for the time I’ve spent writing and supporting this plugin. And I really don’t want to know how many hours of my life this plugin has already eaten 😉\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>The plugin comes with various translations, please refer to the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FInstalling_WordPress_in_Your_Language\" title=\"Installing WordPress in Your Language\" rel=\"nofollow ugc\">WordPress Codex\u003C\u002Fa> for more information about activating the translation. If you want to help to translate the plugin to your language, please have a look at the sitemap.pot file which contains all definitions and may be used with a \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Fsoftware\u002Fgettext\u002F\" rel=\"nofollow ugc\">gettext\u003C\u002Fa> editor like \u003Ca href=\"http:\u002F\u002Fwww.poedit.net\u002F\" rel=\"nofollow ugc\">Poedit\u003C\u002Fa> (Windows) or use, I prefers this, the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fadminimize\" rel=\"nofollow ugc\">translation service from wordpress.org\u003C\u002Fa>.\u003C\u002Fp>\n","Adminimize that lets you hide 'unnecessary' items from the WordPress backend",200000,3104947,94,253,"2024-03-15T16:24:00.000Z","6.4.8","4.0",[21,136],"customization","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadminimize\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadminimize.1.11.11.zip",84,2,"2014-08-01 00:00:00",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":150,"downloaded":151,"rating":53,"num_ratings":152,"last_updated":153,"tested_up_to":154,"requires_at_least":155,"requires_php":71,"tags":156,"homepage":162,"download_link":163,"security_score":27,"vuln_count":140,"unpatched_count":29,"last_vuln_date":164,"fetched_at":31},"wp-phpmyadmin-extension","WP phpMyAdmin","5.2.2.01","Puvox Software","https:\u002F\u002Fprofiles.wordpress.org\u002Fpuvoxsoftware\u002F","\u003Ch4>[ ✅ 𝐒𝐄𝐂𝐔𝐑𝐄 𝐏𝐋𝐔𝐆𝐈𝐍𝐒 𝐵𝓎 𝒫𝓊𝓋𝑜𝓍 ] :\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>• Checked against vulnerability holes.\u003Cbr \u002F>\n  • No extra load\u002Fslowness to site.\u003Cbr \u002F>\n  • Does not collect & share private data.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Plugin Description\u003C\u002Fh4>\n\u003Cp>The famous database browser & manager (for MySQL & MariaDB) – use it inside WordPress Dashboard without an extra hassle.\u003C\u002Fp>\n\u003Ch3>NOTES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>This plugin has been started from 2018 year, and we have no connections to the old age’s vulnerable wp-phpMyAdmin plugin (published elsewhere by 3rd party scammers) . So, this current plugin is just a wrapper for official phpMyAdmin release and depends itself on the realiability & security of the \u003Ccode>phpMyAdmin\u003C\u002Fcode> itself. Also, initially we wanted to put PhpMyAdmin released \u003Ccode>.zip\u003C\u002Fcode> file untouched (to ensure the checksums are same) and unpack that \u003Ccode>.zip\u003C\u002Fcode> directly upon plugin’s installation, but unfortunately WordPress Plugin Team didn’t allow to put \u003Ccode>.zip\u003C\u002Fcode> file in the package (saying that SVN doesn’t like working with \u003Ccode>.zip\u003C\u002Fcode> files). Thus, we had to submit extracted PMA (but still original & untouched) to the repository.\u003C\u002Fli>\n\u003Cli>PHP >= 7.2.5 is required to for \u003Cstrong>phpMyAdmin\u003C\u002Fstrong> latest version (otherwise you will have option to use older version of PMA, which is not encouraged to be used).\u003C\u002Fli>\n\u003Cli>For the reason to make it compact, some unnecessary files (language files, OpenLayer\u002FGIS map lib, extra themes, etc) are removed.\u003C\u002Fli>\n\u003Cli>It’s recommended, that you enable the plugin only while you need to use PhpMyAdmin. Otherwise, for longer periods, you can deactivate plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Liability\u003C\u002Fh4>\n\u003Cp>We are not developers of PhpMyAdmin itself, neither affiliated with them. We just made this plugin as a wrapper (container) of official PhpMyAdmin, to make it possible to be installed as a WP plugin. However, we don’t monitor PhpMyAdmin package’s source code itself. We take no responsibility about this plugin. Use it at your own responsibility (However, as it’s also visible in stats, thousands of users are using this extendion and only few people have complained about errors).\u003C\u002Fp>\n\u003Ch4>Available Options\u003C\u002Fh4>\n\u003Cp>See all available options and their description on plugin’s settings page.\u003C\u002Fp>\n","[ ✅ 𝐒𝐄𝐂𝐔𝐑𝐄 𝐏𝐋𝐔𝐆𝐈𝐍𝐒 𝐵𝓎 𝒫𝓊𝓋𝑜𝓍 ] phpMyAdmin -  Database Browser & Manager (for MySQL & MariaDB)",50000,1055306,58,"2025-10-17T18:58:00.000Z","6.7.5","6.0",[157,158,159,160,161],"database","manager","mysql","phpminiadmin","phpmyadmin","https:\u002F\u002Fpuvox.software\u002Fsoftware\u002Fwordpress-plugins\u002F?plugin=wp-phpmyadmin-extension","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-phpmyadmin-extension.zip","2022-08-01 00:00:00",{"attackSurface":166,"codeSignals":262,"taintFlows":364,"riskAssessment":428,"analyzedAt":442},{"hooks":167,"ajaxHandlers":258,"restRoutes":259,"shortcodes":260,"cronEvents":261,"entryPointCount":29,"unprotectedCount":29},[168,173,176,180,184,189,193,197,201,206,209,214,217,221,224,230,235,238,243,246,249,253],{"type":169,"name":170,"callback":171,"file":172,"line":55},"action","wp_dashboard_setup","registerWidget","Elm\\DashboardWidget.php",{"type":169,"name":174,"callback":171,"file":172,"line":175},"wp_network_dashboard_setup",74,{"type":169,"name":177,"callback":178,"file":172,"line":179},"admin_init","handleLogClearing",75,{"type":169,"name":181,"callback":182,"file":172,"line":183},"admin_enqueue_scripts","enqueueWidgetDependencies",88,{"type":169,"name":185,"callback":186,"file":187,"line":188},"plugins_loaded","loadTextDomain","Elm\\Plugin.php",34,{"type":169,"name":190,"callback":191,"file":187,"line":192},"init","initSetupWizard",37,{"type":169,"name":194,"callback":195,"file":187,"line":196},"elm_settings_changed","onWidgetSettingsChanged",40,{"type":169,"name":198,"callback":199,"file":187,"line":200},"shutdown","flushBlacklistChanges",429,{"type":169,"name":202,"callback":203,"file":204,"line":205},"admin_notices","displayWizardNotice","Elm\\SetupWizard.php",15,{"type":169,"name":181,"callback":207,"file":204,"line":208},"registerDependencies",28,{"type":169,"name":210,"callback":211,"file":212,"line":213},"_admin_menu","_pages_init","scb\\AdminPage.php",62,{"type":169,"name":177,"callback":215,"file":212,"line":216},"option_init",135,{"type":169,"name":218,"callback":219,"file":212,"line":220},"admin_menu","page_init",138,{"type":169,"name":202,"callback":222,"file":212,"line":223},"admin_msg",245,{"type":225,"name":226,"callback":227,"file":228,"line":229},"filter","cron_schedules","_add_timing","scb\\Cron.php",60,{"type":169,"name":231,"callback":232,"file":233,"line":234},"activate_plugin","delayed_activation","scb\\load.php",42,{"type":169,"name":185,"callback":236,"priority":237,"file":233,"line":14},"load",9,{"type":169,"name":239,"callback":240,"file":241,"line":242},"load-post.php","pre_register","scb\\PostMetabox.php",64,{"type":169,"name":244,"callback":240,"file":241,"line":245},"load-post-new.php",65,{"type":169,"name":247,"callback":248,"file":241,"line":13},"add_meta_boxes","register",{"type":169,"name":250,"callback":251,"priority":66,"file":241,"line":252},"save_post","_save_post",87,{"type":169,"name":254,"callback":255,"file":256,"line":257},"widgets_init","_scb_register","scb\\Widget.php",31,[],[],[],[],{"dangerousFunctions":263,"sqlUsage":264,"outputEscaping":278,"fileOperations":66,"externalRequests":29,"nonceChecks":358,"capabilityChecks":51,"bundledLibraries":359},[],{"prepared":29,"raw":265,"locations":266},4,[267,271,274,276],{"file":268,"line":269,"context":270},"scb\\BoxesPage.php",204,"$wpdb->query() with variable interpolation",{"file":272,"line":273,"context":270},"scb\\Util.php",350,{"file":272,"line":275,"context":270},353,{"file":272,"line":277,"context":270},366,{"escaped":279,"rawEcho":280,"locations":281},78,39,[282,285,287,289,291,293,295,297,299,301,303,305,307,309,311,313,315,317,319,321,322,324,326,328,330,332,333,335,337,339,341,344,346,347,349,351,353,355,357],{"file":172,"line":283,"context":284},213,"raw output",{"file":172,"line":286,"context":284},273,{"file":172,"line":288,"context":284},415,{"file":172,"line":290,"context":284},435,{"file":172,"line":292,"context":284},483,{"file":172,"line":294,"context":284},755,{"file":172,"line":296,"context":284},770,{"file":172,"line":298,"context":284},1066,{"file":172,"line":300,"context":284},1088,{"file":172,"line":302,"context":284},1120,{"file":172,"line":304,"context":284},1180,{"file":172,"line":306,"context":284},1517,{"file":172,"line":308,"context":284},1521,{"file":204,"line":310,"context":284},157,{"file":204,"line":312,"context":284},161,{"file":204,"line":314,"context":284},180,{"file":204,"line":316,"context":284},181,{"file":204,"line":318,"context":284},186,{"file":204,"line":320,"context":284},195,{"file":204,"line":269,"context":284},{"file":204,"line":323,"context":284},216,{"file":204,"line":325,"context":284},248,{"file":212,"line":327,"context":284},189,{"file":212,"line":329,"context":284},263,{"file":268,"line":331,"context":284},136,{"file":268,"line":220,"context":284},{"file":268,"line":334,"context":284},141,{"file":268,"line":336,"context":284},144,{"file":268,"line":338,"context":284},147,{"file":268,"line":340,"context":284},319,{"file":342,"line":343,"context":284},"scb\\Hooks.php",69,{"file":342,"line":345,"context":284},72,{"file":342,"line":179,"context":284},{"file":241,"line":348,"context":284},154,{"file":241,"line":350,"context":284},214,{"file":272,"line":352,"context":284},46,{"file":256,"line":354,"context":284},63,{"file":256,"line":356,"context":284},68,{"file":256,"line":55,"context":284},3,[360],{"name":361,"version":362,"knownCves":363},"Freemius","1.0",[],[365,389,399,410],{"entryPoint":366,"graph":367,"unsanitizedCount":28,"severity":41},"form_handler (scb\\AdminPage.php:225)",{"nodes":368,"edges":385},[369,374,378],{"id":370,"type":371,"label":372,"file":212,"line":373},"n0","source","$_POST",241,{"id":375,"type":376,"label":377,"file":212,"line":373},"n1","transform","→ validate()",{"id":379,"type":380,"label":381,"file":382,"line":383,"wp_function":384},"n2","sink","call_user_func() [RCE]","scb\\Forms.php",1049,"call_user_func",[386,388],{"from":370,"to":375,"sanitized":387},false,{"from":375,"to":379,"sanitized":387},{"entryPoint":390,"graph":391,"unsanitizedCount":28,"severity":41},"\u003CAdminPage> (scb\\AdminPage.php:0)",{"nodes":392,"edges":396},[393,394,395],{"id":370,"type":371,"label":372,"file":212,"line":373},{"id":375,"type":376,"label":377,"file":212,"line":373},{"id":379,"type":380,"label":381,"file":382,"line":383,"wp_function":384},[397,398],{"from":370,"to":375,"sanitized":387},{"from":375,"to":379,"sanitized":387},{"entryPoint":400,"graph":401,"unsanitizedCount":28,"severity":41},"validate_post_data (scb\\Forms.php:219)",{"nodes":402,"edges":407},[403,405,406],{"id":370,"type":371,"label":372,"file":382,"line":404},229,{"id":375,"type":376,"label":377,"file":382,"line":404},{"id":379,"type":380,"label":381,"file":382,"line":383,"wp_function":384},[408,409],{"from":370,"to":375,"sanitized":387},{"from":375,"to":379,"sanitized":387},{"entryPoint":411,"graph":412,"unsanitizedCount":265,"severity":41},"\u003CForms> (scb\\Forms.php:0)",{"nodes":413,"edges":424},[414,417,419,420,422],{"id":370,"type":371,"label":415,"file":382,"line":416},"$_POST (x3)",221,{"id":375,"type":380,"label":381,"file":382,"line":418,"wp_function":384},681,{"id":379,"type":371,"label":372,"file":382,"line":404},{"id":421,"type":376,"label":377,"file":382,"line":404},"n3",{"id":423,"type":380,"label":381,"file":382,"line":383,"wp_function":384},"n4",[425,426,427],{"from":370,"to":375,"sanitized":387},{"from":379,"to":421,"sanitized":387},{"from":421,"to":423,"sanitized":387},{"summary":429,"deductions":430},"The \"error-log-monitor\" plugin v1.7.12 exhibits a mixed security posture. On one hand, the static analysis shows a commendable lack of readily exposed attack vectors such as unprotected AJAX handlers, REST API routes, shortcodes, or cron events. This suggests a good understanding of fundamental WordPress security by the developers.\n\nHowever, significant concerns arise from the code analysis. A striking 100% of SQL queries are executed without prepared statements, which is a major risk for SQL injection vulnerabilities. Additionally, while the plugin has a moderate number of file operations and nonce checks, it also presents a high rate of unsanitized taint flows, specifically four identified flows with unsanitized paths, all flagged as high severity. This, coupled with only 67% of output being properly escaped, indicates potential for cross-site scripting (XSS) and other injection attacks.\n\nThe plugin's vulnerability history reveals one previously known high-severity CVE, indicating a past incident that required patching. The absence of currently unpatched vulnerabilities is positive, but the historical presence of a high-severity issue, particularly related to missing authorization (a common pattern), combined with the current taint analysis findings, suggests a recurring theme of injection-related risks that need diligent attention and robust sanitization practices. The plugin has strengths in minimizing its attack surface but weaknesses in secure data handling and processing.",[431,433,436,438,440],{"reason":432,"points":66},"100% of SQL queries are not using prepared statements",{"reason":434,"points":435},"4 high severity taint flows with unsanitized paths",12,{"reason":437,"points":118},"33% of output is not properly escaped",{"reason":439,"points":205},"1 previously known high severity CVE",{"reason":441,"points":358},"Bundled library Freemius v1.0 may be outdated","2026-03-16T17:29:32.191Z",{"wat":444,"direct":453},{"assetPaths":445,"generatorPatterns":448,"scriptPaths":449,"versionParams":450},[446,447],"\u002Fwp-content\u002Fplugins\u002Ferror-log-monitor\u002Fcss\u002Fdashboard-widget.css","\u002Fwp-content\u002Fplugins\u002Ferror-log-monitor\u002Fjs\u002Fdashboard-widget.js",[],[447],[451,452],"error-log-monitor\u002Fjs\u002Fdashboard-widget.js?ver=","error-log-monitor\u002Fcss\u002Fdashboard-widget.css?ver=",{"cssClasses":454,"htmlComments":456,"htmlAttributes":457,"restEndpoints":461,"jsGlobals":464,"shortcodeOutput":466},[455],"ws_php_error_log",[],[458,459,460],"data-elm-log-action","data-elm-log-target","data-elm-log-nonce",[462,463],"\u002Fwp-json\u002Felm-log-monitor\u002Fv1\u002Fsettings","\u002Fwp-json\u002Felm-log-monitor\u002Fv1\u002Flog-entries",[465],"Elm",[]]